evaluate

package

v0.0.0-...-6908dc9 Latest Latest Go to latest Published: Mar 2, 2026 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/agentshield-ai/agentshield

Links

Open Source Insights

Documentation ¶

Index ¶

func GetModeInfo() map[string]interface{}
type DeepTriageService
type EvaluationResponse
type Evaluator
- func NewEvaluator(eng RuleEvaluator, defaultMode config.EvaluationMode, feedbackURLBase string, ...) *Evaluator
type RuleEvaluator
type TriageService

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GetModeInfo ¶

func GetModeInfo() map[string]interface{}

GetModeInfo returns information about evaluation modes

Types ¶

type DeepTriageService ¶

type DeepTriageService interface {
	ShouldDeepTriage(alert engine.RuleResult) bool
	InvestigateAsync(alerts []engine.RuleResult, req *models.EvaluationRequest, fastResults []triage.TriageResult)
}

DeepTriageService is the interface for async deep triage

type EvaluationResponse ¶

type EvaluationResponse struct {
	EventID       string                `json:"event_id"`
	Action        models.Action         `json:"action"`
	Alerts        []engine.RuleResult   `json:"alerts"`
	TriageResults []triage.TriageResult `json:"triage_results,omitempty"`
	Overridable   bool                  `json:"overridable"`
	EffectiveMode config.EvaluationMode `json:"effective_mode"`
	FeedbackURL   string                `json:"feedback_url,omitempty"`
	Cached        bool                  `json:"cached"`
	Timestamp     time.Time             `json:"timestamp"`
}

EvaluationResponse represents the response from evaluation

type Evaluator ¶

type Evaluator struct {
	// contains filtered or unexported fields
}

Evaluator handles the evaluation of events according to different modes

func NewEvaluator ¶

func NewEvaluator(eng RuleEvaluator, defaultMode config.EvaluationMode, feedbackURLBase string, triager TriageService, deepTriager DeepTriageService) *Evaluator

NewEvaluator creates a new evaluator

func (*Evaluator) Evaluate ¶

func (e *Evaluator) Evaluate(req *models.EvaluationRequest) (*EvaluationResponse, error)

Evaluate processes an evaluation request with a background context.

func (*Evaluator) EvaluateWithContext ¶

func (e *Evaluator) EvaluateWithContext(ctx context.Context, req *models.EvaluationRequest) (*EvaluationResponse, error)

EvaluateWithContext processes an evaluation request and propagates caller cancellation/deadlines to triage providers.

func (*Evaluator) SetCache ¶

func (e *Evaluator) SetCache(c *cache.VerdictCache)

SetCache attaches a verdict cache to the evaluator. If nil, caching is disabled.

type RuleEvaluator ¶

type RuleEvaluator interface {
	Evaluate(fields map[string]string) []engine.RuleResult
}

RuleEvaluator is the interface for rule evaluation

type TriageService ¶

type TriageService interface {
	ShouldTriage(alert engine.RuleResult) bool
	TriageAlerts(ctx context.Context, alerts []engine.RuleResult, req *models.EvaluationRequest) ([]triage.TriageResult, error)
	HealthCheck(ctx context.Context) error
}

TriageService is the interface for triage services

Source Files ¶

View all Source files

evaluate.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL