The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

Detailed Action
Claims 1-20 have been examined.Claims 14, 16 and 18 have been objected to as containing allowable subject matter, yet dependent upon rejected base claims.
Claims 1-13, 15, 17 and 19-20 have been rejected.


Claim Objections
Claim 1 line 7 should read "forming a multivariate time series".
Claim 9 recites a duplicate of claim 8.
Claim 10 line 5 should read "accessing a log multivariate time series".Claim 10 line 8 should read "retrieving a highest ranked set of historical logs, the highest ranked set being a most similar set of logs compared to the set of query logs."Claim 20 line 6 should read "access a log multivariate time series".


Allowable Subject Matter
Claims 1, 15 and 17 recites novel subject matter while being rejected as indefinite.Claims 14, 16 and 18 are objected to as containing novel subject matter while being dependent on rejected base claims.




Claim Rejections - 35 USC § 112(b)

The following is a quotation of 35 U.S.C. 112(b):

(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

 
Claims 1-9, 15 and 17 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly 

Claim 1 line 2 recites "parsing, by a processor device, each log of a set of logs against a model database".  Parsing is a concept that is well understood in the art.  Use of "parsing against a model" is colloquial and irregular, as parsing does not in itself require or imply a comparison.  While applicant can be their own lexicographer, any terms that are being given a new meaning must be clearly defined in the specification.  Parsing against a model database is a term that is repeated in the specification but not clearly defined to include a comparison.  The term in the claim should be rephrased as "parsing each log of a set of logs and comparing each log against a model database".

Claim 1 line 5 recites the limitation "each log format of the set of logs".  This limitation lacks antecedent basis.  Also "for" should be removed for grammar.  The line should read "frequency counting of multiple log formats of the set of logs".  Or else the line could read "each of one or more log formats".

Claim 5 lines 2-3 recite the limitation "each particular log set".  This limitation lacks antecedent basis.

Claim 7 line 1 recites the limitation "each of an item or an entry in the database is a key-value pair".  It is unclear what is required by "each of" in this limitation.  If this claim is of at least one item and each of at least one entry in the database".

Claim 15, the second to last line, recites the term "the term frequencies".  This limitation lacks antecedent basis.

Claim 17 line 4 recites the limitation "each time period".  This limitation lacks antecedent basis.




Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Note that in the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

s 10-12 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Allen (US Patent 9,104,877) in view of LogMine: Fast Pattern Recognition for Log Analytics by Hamooni (from the IDS submitted May 1, 2019) (herein Hamooni).

As per claim 10, Allen ('877) discloses a method for computer log retrieval, comprising: 	receiving a set of query logs (column 6 lines 28-37, a log is generated based on a test system request);
	accessing historical logs (column 6 lines 44-55, clustered historical logs are accessed);
	computing and ranking a similarity distance between the query log multivariate time series and the log multivariate time series of the historical logs (column 6 lines 44-52, a captured log is associated with a historical log cluster based on a calculated similarity score); and
	retrieving a highest ranked set of historical logs as a most similar set of logs compared to the set of query logs (column 8 lines 6-20, a user is alerted if the captured log has a high similarity score, and the alert includes information of the historical log that produced the similar score).

Allen ('877) does not expressly disclose the method comprising: transforming, by a processor device, the set of query logs into a query log multivariate time series and wherein the historical logs are a multivariate time series of historical logs.



As per claim 11, Allen ('877) in view of Hamooni discloses the method as recited in claim 10, further comprising: presenting the retrieved set of logs with extracted statistics (Allen ('877) column 8 lines 8-20, the alarm may include information pertaining to the logs that produced the similarity score and information about changes made to an input seed or how it was mutated).


	determining the log multivariate time series of the historical logs (Hamooni renders obvious pre-processing of log entries and performing the similarity analysis after the pre-processing as described for claim 1, above).

As per claim 19, Allen ('877) in view of Hamooni discloses the method as recited in claim 10, wherein the similarity distance is defined as a log formats multivariate time series similarity between sets of logs (column 7 lines 4-11, the similarity distance is a similarity between sets of logs and Figure 3 shows that the similarities are based on clusters of historical logs).

Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Allen ('877) in view of Hamooni and Wikipedia's Cosine Similarity (historical version published May 10, 2018) (herein Wikipedia).Allen ('877) in view of Hamooni discloses ranking a similarity distance (abstract of Allen ('877)).  Allen ('877) in view of Hamooni does not expressly disclose the ranking being based on a cosine similarity.

Wikipedia teaches use of a cosine similarity to measure similarity between vectors..




Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Byrd, Cho and Cohen teach clustering of event logs using a cosine similarity function. Debnath teaches converting a log into a time series format. Ikeda teaches log entry aggregation and feature analysis. Patthak teaches generating a vector of log data based on distribution or frequency of terms, vectorizing the log entries and comparing them for similarity distances. Rostami-Hesarsorkh teaches log file analysis based on distinct lines and line counts to identify malware. Togawa teaches log analysis based on log event frequency. Zhang teaches analyzing heterogeneous logs based on time series conversion.







Contact Information


Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSEPH SCHELL whose telephone number is (571)272-8186.  The examiner can normally be reached on Monday through Friday 9AM-5:30PM (PST/PDT).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Matt Kim can be reached at (571) 272-4182.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.  The fax phone number for the examiner is 571-273-8186.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





JS/JOSEPH O SCHELL/Primary Examiner, Art Unit 2114