# AI Threat Hunting Query Generation - Interactive Demo

This notebook demonstrates the AI-powered threat hunting query generation system in action.

## Overview

1. **Setup**: Load dependencies and configure environment
2. **Query Generation**: Generate SQL from natural language hypotheses
3. **Query Execution**: Run queries against CloudTrail data
4. **Evaluation**: Measure query quality and accuracy
5. **Visualization**: Explore results interactively


In [None]:
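```python
# Import required libraries
import os
import json
import pandas as pd
import warnings

# Suppress library warnings to keep the notebook output readable
warnings.filterwarnings('ignore')

# Project modules: query generation, evaluation, and data-loading helpers
from query_generator import QueryGenerator, load_hypotheses
from evaluator import QueryEvaluator
from utils import load_hypotheses_outcomes

print("✓ Imports successful")
```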


## Setup and Configuration

Configure your environment and verify all necessary files are present.


In [None]:
```python
# Load the OpenAI API key from a local .env file into the environment
from dotenv import load_dotenv
load_dotenv()

# Verify the API key is set (report presence only; never print the key itself)
if os.getenv('OPENAI_API_KEY'):
    print("✓ OpenAI API key configured")
else:
    print("⚠ WARNING: OPENAI_API_KEY not set")

# Load and display hypotheses
hypotheses = load_hypotheses("../assignment/hypotheses.json")
print(f"\n✓ Loaded {len(hypotheses)} hypotheses")

# Display as DataFrame
pd.DataFrame(hypotheses)
```
