Enhanced alert generation system based on real-time manipulation of datasets

What is claimed is: 1. A computer-implemented method comprising: by a system of one or more processors, accessing a plurality of datasets storing information associated with a plurality of object types, the information comprising, at least, a plurality of transactions each indicating a plurality of features; monitoring occurrences of alert definitions via applying the alert definitions to the datasets, the alert definitions specifying respective expressions utilizing one or more of the features, wherein an occurrence of an alert definition indicates satisfaction of a specified expression and causes an associated alert to be generated for evaluation; and causing presentation, via a user device, of an interactive user interface associated with customizing alert definitions, wherein the interactive user interface: presents a first visual portion, the first visual portion enabling specification of an expression for a customized alert definition, and a second visual portion, the second visual portion comparing occurrences of an existing alert definition with occurrences of the customized alert definition specified in the first visual portion, receives specification of the expression for the customized alert definition, wherein the expression specifies at least one object type and a combination of expressions which utilize the datasets, wherein individual expressions of the combination of expressions are selected for use in the expression via the interactive user interface from a plurality of presented expressions, wherein the system accesses respective expression datasets for the combination of expressions, each expression dataset including values generated based on an individual expression of the combination of expressions and the information stored in the plurality of datasets which is associated with the at least one object type, and wherein a resulting expression dataset for the expression for the customized alert definition is formed based on the respective expression datasets, and triggers a determination, by the system, regarding occurrences of the customized alert definition based on the resulting expression dataset, and updates the second visual portion to include a visual representation of the comparison between occurrences of the existing alert definition and the occurrences of the customized alert definition, wherein the visual representation of the comparison indicates an extent to which the customized alert definition surfaces new occurrences which have not been evaluated by users as compared to the existing alert definition, wherein the interactive user interface is configured to cause monitoring of occurrences of the customized alert definition. 2. The method of claim 1 , wherein the occurrences of the existing alert definition were evaluated by one or more users and assigned respective alert types of a plurality of alert types, and wherein the visual representation of the comparison describes an extent to which the customized alert definition increases, or decreases, the respective alert types. 3. The method of claim 1 , further comprising: identifying a subset of the occurrences of the customized alert definition which were also occurrences of the existing alert definition; and causing presentation, via the interactive user interface, of information associated with the subset. 4. The method of claim 3 , wherein the information associated with the subset indicates a number of the occurrences of the customized alert definition which are included in the subset, and a number of the occurrences of the customized alert definition which are not included in the subset. 5. The method of claim 1 , wherein monitoring for occurrences of alert definitions is based on applying a data pipeline to the datasets, wherein the data pipeline causes application of an ontology, and wherein the ontology causes extraction of the object types from the datasets. 6. The method of claim 1 , wherein the customized alert definition represents a modified version of the existing alert definition. 7. The method of claim 1 , wherein the interactive user interface presents a graphical depiction of a data pipeline, the graphical depiction identifying the plurality of datasets connected via one or more data ontologies to the alert definitions, wherein a data ontology enables extraction of object types from the datasets for use in alert definitions. 8. A system comprising one or more processors and computer storage media storing instructions that, when executed by the system, cause the system to perform operations comprising: accessing a plurality of datasets storing information associated with a plurality of object types, the information comprising, at least, a plurality of rows each indicating a plurality of values; monitoring occurrences of alert definitions via applying the alert definitions to the datasets, the alert definitions specifying respective expressions utilizing one or more of the values; and causing presentation, via a user device, of an interactive user interface associated with customizing alert definitions, wherein the interactive user interface: presents a first visual portion, the first visual portion enabling specification of an expression for a customized alert definition, and a second visual portion, the second visual portion comparing occurrences of an existing alert definition with occurrences of the customized alert definition specified in the first visual portion, receives specification of the expression for the customized alert definition, wherein the expression specifies at least one object type and a combination of expressions which utilize the datasets, wherein individual expressions of the combination of expressions are selected for use in the expression via the interactive user interface from a plurality of presented expressions, wherein the system accesses respective expression datasets for the combination of expressions, each expression dataset including values generated based on an individual expression of the combination of expressions and the information stored in the plurality of datasets which is associated with the at least one object type, and wherein a resulting expression dataset for the expression for the customized alert definition is formed based on the respective expression datasets, and triggers a determination, by the system, regarding occurrences of the customized alert definition based on the resulting expression dataset, and updates the second visual portion to include a visual representation of the comparison between occurrences of the existing alert definition and occurrences of the customized alert definition, wherein the visual representation of the comparison indicates an extent to which the customized alert definition surfaces new occurrences which have not been evaluated by users as compared to the existing alert definition, wherein the interactive user interface is configured to cause monitoring of occurrences of the customized alert definition. 9. The system of claim 8 , wherein the occurrences of the existing alert definition were evaluated by one or more users and assigned respective alert types of a plurality of alert types, and wherein the visual representation of the comparison describes an extent to which the customized alert definition increases, or decreases, the respective alert types. 10. The system of claim 8 , wherein the operations further comprise: identifying a subset of the occurrences of the customized alert definition which were also occurrences of the existing alert definition; and causing presentation, via the interactive user interface, of information associated with the subset. 11. The system of claim 10 , wherein th