Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendments
The amended claims 1-4, 6-7, 9, 21-28 and 32-36 were considered under 35 USC 112, 101 and 103 for patentability over closest and analogous prior arts Bilodeau et al (US Pub. #: 9582680), hereafter Bilodeau and Kurian et al (US Pub. #: 20170147828), hereafter Kurian have been fully considered and are persuasive. Claims 5, 8, 10-20 and 29-31 is/are cancelled.

Allowable Subject Matter
1.	Amended claims 1-4, 6-7, 9, 21-28 and 32-36 are allowed in light of applicant’s arguments, approved examiner’s proposed amendments and in light of prior art(s) made of record. 

Examiner’s Amendment
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.  Authorization for this examiner’s amendment was given in an interview with Bowen Li (attorney) for filed amended claims on 03-29-2021:
1.	(Currently Amended) A method comprising:
receiving, by a computing device and from one or more mobile devices, a plurality of log messages, the one or more mobile devices and the computing device being associated with an organization;
determining, by the computing device and based on detecting a plurality of keywords within a received log message of the plurality of log messages, that the received log message comprises first sensitive information corresponding to a first keyword and second sensitive information corresponding to a second keyword;
in response to the determining that the received log message comprises the first sensitive information and the second sensitive information, replacing, by the computing device, the first sensitive information with first replacement information and the second sensitive information with second replacement information, wherein the first replacement information comprises a reason, for replacing the first sensitive information, indicating that the first keyword is associated with general criteria information, wherein the second replacement information comprises a reason, for replacing the second sensitive information, indicating that the second keyword is specific to a policy of the organization, and wherein the first and second replacement information comprises one or more detected keywords and a unique identifier of a log service that generated the received log message; and
preventing, by the computing device and based on the replacing, transfer of the first sensitive information and the second sensitive information to a device outside the organization.

2.	(Previously Presented) The method of claim 1, further comprising: 
retrieving a second log message from an in-memory queue storing the plurality of log messages; and
in response to determining that the second log message comprises criteria information, removing one or more parts, of the second log message, that include the criteria information.

3.	(Previously Presented) The method of claim 2, further comprising:
in response to receiving the second log message, storing, using a first thread of execution, the second log message at a tail end of the in-memory queue, wherein the in-memory queue comprises the tail end and a head end, and wherein the second log message moves from the tail end to the head end as new log messages are received by the computing device; and
wherein the retrieving the second log message from the in-memory queue comprises retrieving, using a second thread of execution, the second log message from the head end of the in-memory queue. 

4.	(Previously Presented) The method of claim 2, further comprising inserting, into the second log message, the criteria information and identification information associated with the second log message.

5.	 (Canceled) 

6.	(Previously Presented) The method of claim 2, further comprising:
in response to determining memory resources of the in-memory queue are exhausted, replacing the second log message with a new log message indicating that the memory resources of the in-memory queue are exhausted.

7.	(Previously Presented) The method of claim 1, further comprising:
receiving, from an administrative device, blacklist information; and
wherein the determining that the received log message comprises the first sensitive information and the second sensitive information is based on determining that the received log message comprises the blacklist information.

8.	(Canceled) 

9.	(Previously Presented) The method of claim 1, further comprising:
receiving, from an administrative device, whitelist information; and
wherein the determining that the received log message comprises the first sensitive information and the second sensitive information is based on determining that the received log message comprises information other than the whitelist information.

10-20.	(Canceled)

21. 	(Currently Amended) The method of claim 1, further comprising inserting, by the computing device and into the received log message, the unique identifier of the log service that generated the received log message.

22. 	(Currently Amended) The method of claim 1, further comprising:
preventing, based on the received log message, the log service from generating additional log messages that comprise sensitive information corresponding to the first keyword and sensitive information corresponding to the second keyword.

23. 	(Currently Amended) The method of claim 1, further comprising:
based on detecting a third keyword within a second received log message of the plurality of log messages, generating a new message, wherein the second received log message was generated by a second service different from the log service;
inserting, into the new message, the detected third keyword and an identifier of the second service; and
replacing the second received log message with the new message. 

24.	(Previously Presented) The method of claim 1, further comprising inserting, by the computing device and into the received log message, a transaction identifier associated with the received log message.  

25.	(Currently Amended) A computing device comprising:
	one or more processors; and 
	memory storing instructions that, when executed by the one or more processors, cause the computing device to:
receive, from one or more mobile devices, a plurality of log messages, the one or more mobile devices and the computing device being associated with an organization;
determine, based on detecting a plurality of keywords within a received log message of the plurality of log messages, that the received log message comprises first sensitive information corresponding to a first keyword and second sensitive information corresponding to a second keyword;
in response to the determining that the received log message comprises the first sensitive information and the second sensitive information, replace the first sensitive information with first replacement information and the second sensitive information with second replacement information, wherein the first replacement information comprises a reason, for replacing the first sensitive information, indicating that the first keyword is associated with general criteria information, wherein the second replacement information comprises a reason, for replacing the second sensitive information, indicating that the second keyword is specific to a policy of the organization, and wherein the first and second replacement information comprises one or more detected keywords and a unique identifier of a log service that generated the received log message; and
prevent, based on the replacing, transfer of the first sensitive information and the second sensitive information to a device outside the organization.

26.	(Currently Amended) The computing device of claim 25, wherein the instructions, when executed by the one or more processors, further cause the computing device to insert, into the received log message, the unique identifier of the log service that generated the received log message.

27.	(Currently Amended) The computing device of claim 25, wherein the instructions, when executed by the one or more processors, further cause the computing device to cause preventing, based on the received log message, the log service from generating additional log messages that comprise sensitive information corresponding to the first keyword and sensitive information corresponding to the second keyword.

28.	(Previously Presented) The computing device of claim 25, wherein the instructions, when executed by the one or more processors, further cause the computing device to insert, into the received log message, a transaction identifier associated with the received log message.

29-31.	(Canceled)

32.	(Previously Presented) The method of claim 1, wherein the first replacement information comprises the first keyword and an indication that the first keyword is associated with blacklist information, and wherein the second replacement information comprises the second keyword and an indication that the second keyword is associated with policy information.

33.	(Currently Amended) A method comprising:
receiving, by a computing device, a log message from a user device, the log message being generated by the user device as part of a thread of execution to process an application programmable interface (API) request on the user device, wherein receipt of the log message transfers the thread of execution from the user device to the computing device;
returning, by the computing device, the thread of execution back to the user device to complete processing of the API request on the user device in response to storage of the received log message within memory of the computing device;
identifying, by the computing device, sensitive content of the received log message in response to storage of the received log message, the identification of the sensitive content being part of a different thread of execution to process log messages on the computing device than the thread of execution to process the API request on the user device; and
providing, by the computing device, another log message different from the received log message to a third-party device so as to prevent leakage of the sensitive content during communication of one or more log messages to third-party devices, wherein the other log message comprises a unique identifier of a log service that generated the received log message.

34.	(Currently Amended) The method of claim 33, further comprising:
preventing, based on the other log message, the log service that generated the received log message from generating additional log messages that comprise the sensitive content.

35.	(Currently Amended) The method of claim 1, further comprising:
	causing display, via a graphical user interface, of one or more of the reason for replacing the first sensitive information, the reason for replacing the second sensitive information, the one or more detected keywords, the unique identifier of the log service that generated the received log message.

36.	(Currently Amended) The method of claim 33, wherein the other log message comprises replacement information including one or more detected keywords and one or more reasons that the received log message was filtered


Reasons for Allowance
The following is an examiner’s statement of reasons for allowance: 
As to the independent claim 1, the prior art of reference Bilodeau teaches Col. 4 lines 45-56, Fig. 1: a plurality of mobile users' machine generated plurality of logs are received by the scrubbing agent and the user shall be associated with the organization; Col. 4 lines 45-56, Figs. 5A-5B: the logs are scanned and determined that the received logs contain plurality of keywords such as name, birthdate, SSN, account name and phone number. Other data considered PII includes IP address, company name, and location information, document names and e-mail headers. Col. 8 lines 60-64, Table 1: The parameter key refers to any mechanism used to describe the information, particularly the PII, contained in a document including, but not limited to, a schema, legend or key; Col. 13 lines 41-67, Col. 14 9-43: the user name, file name and its path and the email address of the user uses more than one generalization or hashing per redaction. Ex: user name, file name and email address have completely different hashes and different generalizations (ex: IP address) and they have different replacement values; Col. 13 lines 52-57: a telephone number might be generalized by replacing the last four digits with an asterisk, an IP address is generalized with a lookup that finds the country associated with the IP address to expose the user's generalized location (i.e., the country) rather than the user's IP address (Col. 2 lines 43-51) according to the scrubbing rules incorporating the corresponding context information as parameters of the rules organized into processing groups which includes filters to select messages meeting specified criteria; Col. 6 lines 61-67: logs are replaced in such a way that relevant records can be used without exposing protected user information (col. 5 line 44) such as username, SSN etc. to business units that do not require access to that information for a particular business function.

Further, a second prior art of record Kurian teaches [0014, 0024-0027] at least a portion of the reversible data redaction and tokenization system may be incorporated into the computing systems associated with a particular business unit. The system captures the communicated file and analyzes the contents of the document, applies one or more filters and redact data (e.g., an account number specific to an organization [0022, 0032] change SSN or address to generic data i.e., second keyword[Wingdings font/0xE0]second replacement information) or otherwise change the data (e.g., tokenize) specifically defined by the organizational rules.

None of the other prior arts of record teach by themselves or in any combination, would have anticipated nor render obvious by combination the claimed invention of the present application at or before the time it was filed.  The prior arts of record fail to teach: after receiving a set of log messages, determining if there are sensitive keywords. If yes, then the sensitive keywords are replaced with replacement information which comprises a reason, replacement keyword and a unique identifier of the log service that generated the log message. The log message with replacement message is different from the received log message. Different replacement keywords for different sensitive words is provided and different replacement information is based on criteria and policy information, thereby preventing transmission of sensitive information.

Therefore, independent claim 1 and their corresponding dependent claims are allowed in light of applicant’s arguments, approved examiner’s amendments and prior arts of record. The same amendments and reasoning are applicable to independent claims 25 and 33 mutatis mutandis.  Claims 5, 8, 10-20 and 29-31 is/are cancelled.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See form PTO-892 Notice of References Cited.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Badri -- Champakesan whose telephone number is (571)270-3867.  The examiner can normally be reached on M-F: 7:45am-5pm (EST).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T. Arani can be reached on 5712723787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/BADRINARAYANAN /Examiner, Art Unit 2438.