# Deploy AI Firewall Realtime

This guide will cover how to configure the AI Firewall in the realtime use-case, which protects your model from "bad" input data.

AI Firewall Realtime detects bad incoming model inputs in near-real time. Similar to the AI Firewall Continuous Tests, AI Firewall Realtime is automatically trained from an AI Stress Testing run and can be used to wrap your model and protect it from "bad" incoming data.

In this walkthrough, we will be using the <a target="_blank" rel="noopener" href="https://www.kaggle.com/c/ieee-fraud-detection">IEEE-CIS Fraud Detection</a> dataset.

## Overview

AI Firewall Realtime can be easily instantiated from an existing AI Stress Testing Run. You can also view a "simulation" of real-time events by running [AI Firewall Continuous Tests](rime_ai_firewall_continuous_tests.md).

{{ fw_realtime_overview }}

## 1. Run AI Stress Testing

The first step in setting up AI Firewall Realtime is running AI Stress Testing and configuring an AI Firewall for a given project. These steps are very similar to steps 1-3 of the [AI Firewall Continuous Tests tutorial](rime_ai_firewall_continuous_tests.md).
```
rime-engine run-stress-tests --config-path examples/fraud/stress_tests_with_model.json
```

Next, click on "Configure AI Firewall" and fill out the details. The step is the same as step 3 in the Firewall Continuous Tests tutorial.
This step sets up an AI Firewall so that you can either use it in the Continuous Tests or Realtime setting.
<img src="../../_static/ui/FirewallConfig0.png" />

<br />

<img src="../../_static/ui/FirewallConfig.png" />

## 2. Review auto-configured AI Firewall Rules and Download

{{ fw_rules_review }}

<img src="../../_static/ui/FirewallConfig_Rules.png" />


Download the configuration file and place it in your `rime_trial` folder.


#### Copy example code and firewall endpoint and paste in your inference code

{{ fw_code_example }}

## 3. Setup a Firewall Realtime Client in a Jupyter Notebook

{{ fw_notebook_setup }}


### Load example dataset and model

Let's add some helper preprocessing code to the notebook. Remember to make sure
that you create the notebook in your `rime_trial` folder!

```python
import catboost as catb
import pickle
import pandas as pd
import os

RIME_PATH = os.path.abspath('.')

model = catb.CatBoostClassifier()
model.load_model(str(RIME_PATH + "/examples/fraud/fraud.catb"))
with open(RIME_PATH + "/examples/fraud/null_impute.pkl", "rb") as f:
    null_impute = pickle.load(f)


def preprocess(x: dict):
    """Null impute categoricals."""
    for col_name in x.keys():
        if pd.isnull(x[col_name]) and col_name in null_impute.keys():
            x[col_name] = null_impute[col_name]
    return x
```

We now define the inference function (`predict_dict`):

```python
# We now define our interface.
def predict_dict(x: dict):
    """Predict dict function."""
    new_x = preprocess(x)
    new_x = pd.DataFrame(new_x, index=[0])
    return model.predict_proba(new_x)[0][1]
```

Now we are ready to initialize/run the Firewall in a real-time setting!

### Running the AI Firewall Realtime with sample datapoints

Let's first import the Firewall Realtime package:

```python
from rime.tabular.firewall.base import TabularFirewall
from rime.tabular.firewall.uploader import FirewallUploader
from rime.core.client.firewall_client import FirewallClient
from rime.tabular import ModelTask
```

Let's then instantiate a firewall object:

```python

firewall_id = "$YOUR_FIREWALL_ID"
firewall_url = "$YOUR_FIREWALL_ENDPOINT"
upload_client = FirewallUploader.from_url(
    firewall_id,
    firewall_url,
)
fw_client = FirewallClient.from_cli_args(firewall_url)
firewall = TabularFirewall.from_components(
    firewall_id,
    "rules.json",
    predict_dict=predict_dict,
    model_task=ModelTask.BINARY_CLASSIFICATION,
    upload_client=upload_client,
    firewall_client=fw_client
)

```

Replace `$YOUR_FIREWALL_ID` with the Firewall ID from the configuration page.


## 4. Monitor events

Finally, let's try to pass in a sample datapoint! Let's get that from the
provided data (we assume that we are in the `rime_trial` directory):

```python
test_df = pd.read_csv('examples/fraud/val.csv')
label_col = "isFraud"
test_df = test_df.drop(label_col, axis=1)
datapoint = test_df.iloc[0].to_dict()
```

The firewall surfaces a graph of "flagged" events. Datapoints that do not raise errors will not be logged in the UI.
For this specific datapoint, let's introduce a data corruption:
```python
datapoint['Count_1'] = 100000
```
Now let's run the firewall over this datapoint.

```python
firewall_response = firewall.validate_single_and_upload(datapoint)
```

If you take a look at `firewall_response.summary.action` you'll find that the Firewall has `flagged` the datapoint.

Once you have deployed your firewall, and input data are starting to roll in,
the AI Firewall will evaluate each and every data point, and output a decision:
`flag`, `pass`, `impute`, or `block` based on the rules criteria. 

NOTE: Only non-passing datapoints will be shown in the UI. That way, you are only alerted on problematic datapoints.

## 5. Editing events

You may also choose to edit the configured action per Firewall rule. By default, a firewall rule is configured to "flag"
the datapoint unless we found that the model raises errors from the corresponding abnormality, in which case we
would configure a "block" action. Using the API functionality, you can set the flagged action.

```python
from rime.tabular.schema import FirewallAction
firewall.set_flagged_action_for_rule(DataTestType.NUM_OUTLIER, FirewallAction.BLOCK)
```

This will edit the default action for the "Numeric Outliers" rule of the firewall, to "block".
We can then test this with the current datapoint.

```python
datapoint = datapoint.copy()
del datapoint["addr1"]
firewall.validate_single_and_upload(datapoint)
```

If you navigate back to the "Realtime Events" tab on AI Firewall, you will see
a new datapoint that has been blocked by the Firewall.

### Troubleshooting
{{ troubleshooting_note }}