Search

The Search Analytic Engine performs pattern matching and keyword-based searches to identify specific content patterns and textual elements within Exchanges.

Search Analytic Engine

Use Case: Fast Detection of Structured Patterns
Technology: Search- and Keyword-based Lookups
Valid Inputs: Text in Exchanges
Available Evaluators:
Last Engine Update: 2025-03-03
Dependencies: N/A

Detailed Description

The Search Analytic Engine uses pattern matching techniques to identify specific textual elements within Exchanges. This engine excels at detecting known patterns such as keywords, regular expressions, and structured formats, providing fast and reliable identification of items like sensitive information, code snippets, or manipulation attempts.

How It Works

The Search Analytic Engine operates by examining input text for specific configured patterns, keywords, and structures. When an Evaluator using this Engine is initialized, it loads a set of predefined patterns and search terms that correspond to the content it's designed to detect. During analysis, the engine applies these patterns to the input text to identify specific content types. Finally, the Analytic Engine generates structured Findings that include details about which patterns were matched and how many matches were found. This approach makes the Search Analytic Engine particularly effective for detecting structured content like code snippets, SQL statements, file paths, and specific keywords with high precision and minimal processing overhead.

Configuration Options

The Search Analytic Engine supports the following configuration parameters:

Parameter	Description	Default
`patterns`	A named list of patterns to search for	Required

Finding Structure

A generic Evaluator based on the Search Analytic Engine returns a Finding with the following structure. The fields under pattern_name are repeated, one for each defined pattern in the Evaluator.

Finding Structure
{
    "EvaluatorName-Search": True/False,                             # Default Finding (duplicate of finding.any)
    "EvaluatorName-Search.any": True/False,                         # Returns True if any pattern_name matches
    "EvaluatorName-Search.pattern_name.found": True/False,          # Returns True if pattern_name matches
    "EvaluatorName-Search.pattern_name.num_matches": [0,1,2,...n],  # Returns an integer of the number of matches for pattern_name
}

Available Evaluators

The following table lists common Evaluators that can be created using the Search Analytic Engine:

Evaluator Name	Description	Common Use Cases
PromptInjection-Search	Detects attempts to manipulate or hijack the prompt	Security monitoring, content filtering
CodeDetection-Search	Detects code fragments or commands in text	Security, preventing execution of harmful code
SQLInjection-Search	Identifies SQL injection attempts	Database security, query protection
FilePathDetection-Search	Detects file path traversal attempts	File system security
JsonDetection-Search	Identifies JSON structures in text	Data validation, preventing injection

Dependencies

None - The Search Analytic Engine is a self-contained component with no external dependencies.

Revision History

2025-03-03: Initial documentation creation

Detailed Description​

How It Works​

Configuration Options​

Finding Structure​

Available Evaluators​

Dependencies​

Revision History​