We describe methods to score alerts---hypotheses about suspected impending threat events that are issued, based on incrementally presented, time-stamped evidence, before the events occur. Our threat events (and thus alerts) have significant object-oriented structure. The alert scoring methods exploit related methods to score precision, recall, and F-value for structured threat hypotheses when such evidence is processed by threat detection technologies in a batch, forensic mode. We present a (deemed-impractical) idealized approach and derivative practical variants. The implemented approach is part of a performance evaluation laboratory (PE Lab) that we have applied during a multi-year, multi-contractor Government research program.