DETAILED ACTION
This is a response to the Amendment to Application # 16/730,097 filed on July 8, 2021 in which claims 1-3, 10, 16, 19, and 20 were amended.  

Continued Examination Under 37 C.F.R. § 1.114
A request for continued examination under 37 C.F.R. § 1.114, including the fee set forth in 37 C.F.R. § 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 C.F.R. § 1.114, and the fee set forth in 37 C.F.R. § 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 C.F.R. § 1.114. Applicant's submission filed on July 8, 2021 has been entered.
 
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of Claims
Claims 1-20 are pending, of which claim 3 is rejected under 35 U.S.C. § 112(b) and claims 1-20 are rejected under 35 U.S.C. § 103.

Claim Interpretation
Claims 1, 19, and 20 have been amended to recite the limitation “the source data file comprising data consisting of a collection of documents,” or similar. (Emphasis added). Ordinarily, the use of the transitional phrase “consisting of” is considered closed, with no additional elements or steps allowed. See MPEP § 2111.03(II). However, this claim recites that source data file comprises data See MPEP § 2111.03(I). Thus, the source data file may include additional data that is not the “data consisting of a collection of documents.” 

Claims 1-3, 10-12, 15, and 17-20 variously refer to a “source index file” and a “destination index file.” The plain and ordinary meaning of the term “file” is a block of stored information. (Classification Definitions Class 715, Data Processing: Presentation Processing of Document, Operator Interface Processing, and Screen Saver Display Processing; February 2011; USPTO.gov, Page 2). Thus, the source index file shall be construed to refer to any source index that is a block of information.

Claims 7 and 8 recite that the fields contain “terms” and “numeric values” respectively. The type of data in the index does not affect the structure of the claim invention and is therefore, non-functional descriptive material for similar reasons as discussed above. 

Claim Rejections - 35 U.S.C. § 112
The following is a quotation of 35 U.S.C. § 112(b):

(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


Claim 3 is rejected under 35 U.S.C. § 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor regards as the invention.

Regarding claim 3, this claim recites the limitation “wherein the selection of the one or more fields defines a pivot wherein the transform is configured so as to pivot the data recorded in the source 
Additionally, this claim also recites the limitation “pivot the data recorded in the source index file, thereby generating an index comprising the data summarization of the one or more fields,” (emphasis added) which is a broad limitation together with a narrow limitation that falls within the broad limitation (in the same claim) may be considered indefinite if the resulting claim does not clearly set forth the metes and bounds of the patent protection desired. See MPEP § 2173.05(c). In the present instance, the claim recites the broad recitation “pivot the data recorded in the source index file,” and the claim also recites “thereby generating an index comprising the data summarization of the one or more fields,” which is the narrower statement of the limitation. The claim is considered indefinite because there is a question or doubt as to whether the feature introduced by such narrower language is (a) merely exemplary of the remainder of the claim, and therefore not required, or (b) a required feature of the claims.

Claim Rejections - 35 U.S.C. § 103
The following is a quotation of 35 U.S.C. § 103 which forms the basis for all obviousness rejections set forth in this Office action:



This application currently names joint inventors. In considering patentability of the claims, the Examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicants are advised of the obligation under 37 C.F.R. § 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. § 102(b)(2)(C) for any potential 35 U.S.C. § 102(a)(2) prior art against the later invention.

Claims 1-15 and 18-20 are rejected under 35 U.S.C. § 103 as being unpatentable over Puri et al., US Publication 2019/0097909 (hereinafter Puri), as cited on the Notice of References Cited dated January 29, 2021, in view of Esman, US Patent 10,977,222 (hereinafter Esman).

Regarding claim 1, Puri discloses a computer-implemented method for creating and performing transforms of indexed data on a continuous basis, the method comprising “receiving from a user a selection of a source index file, the source index file comprising data consisting of a collection of documents” (Puri ¶¶ 87, 129, see also ¶ 280) by indicating that the data stores (i.e., a source index file, a block of stored information) are specified in the search query (i.e., received from a user, ¶ 129) and that the data store contains portions of data (i.e., a collection of documents, ¶ 87). Additionally, Puri discloses “receiving from the user a selection of one or more fields” (Puri ¶ 87) by receiving from the user a query that defines the fields to be searched. Further, Puri discloses “creating a transform of the where the transform is created based on the selected one or more fields because the transforms may be specified in the query, meaning they are created when the user creates the query including the selection of the one or more fields. Moreover, Puri discloses “performing the transform to generate a destination index file” (Puri ¶ 273) by using the transformation rules (i.e., performing the transform) to generate a block of stored information containing the search results (i.e., a destination index file). Finally, Puri discloses “wherein the transform includes automatically causing display of a visual representation of the destination index file on a computer device of the user” (Puri ¶ 280) by displaying the search results. 
While Puri does disclose a destination index file, it does not appear to explicitly disclose “the destination index file comprising a data summarization of the one or more fields and having a data structure comprising an ID for each document of the collection of documents in the destination index file, the ID being generated from a hash of a value of a particular field of the one or more fields.” Likewise, Puri discloses continuous updating, but does not appear to explicitly disclose the claimed limitations “automatically updating the destination index file on a continuous basis based on the transform with new data being ingested into the source index file.”
However, Esman discloses a database system including an “index file comprising a data summarization of the one or more fields and having a data structure comprising an ID for each document of the collection of documents in the … index file” (Esman col. 41, ll. 22-53) by generating a summarization associated with a plurality of data sources identified by an event. Further, Esman discloses “the ID being generated from a hash of a value of a particular field of the one or more fields” (Esman col. 41, ll. 22-53) by generating a hash value from a list of fields, which includes particular fields. Moreover, Esman discloses “automatically updating the … index file on a continuous basis based on the transform with new data being ingested into the source index file” (Esman col. 22, ll. 1-32) by describing that the system is repeatedly (i.e., continuously) updated with data.
destination index file comprising a data summarization of the one or more fields and having a data structure comprising an ID for each document of the collection of documents in the destination index file, the ID being generated from a hash of a value of a particular field of the one or more fields; automatically updating the destination index file on a continuous basis based on the transform with new data being ingested into the source index file” rendering it obvious. 
Puri and Esman are analogous art because they are from the “same field of endeavor,” namely that of database systems. 
Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Puri and Esman before him or her to modify the data base content and updating of Puri to include the features of Esman.
The motivation for doing so would have been such processes reduce the work required by the system needed to update the data. (Esman col. 22, ll. 1-32).

Regarding claim 2, the combination of Puri and Esman discloses the limitations contained in parent claim 1 for the reasons discussed above. In addition, the combination of Puri and Esman discloses “wherein the destination index file is updated on a continuous basis with the new data” (Puri ¶¶ 329, 369) by describing that the indexes may be both entity-centric and updated continuously. Further, Puri discloses “the destination index file being different from the source index file” (Puri ¶ 302) where the destination index is a subset of the index meeting the search query. 

claim 3, the combination of Puri and Esman discloses the limitations contained in parent claim 2 for the reasons discussed above. In addition, the combination of Puri and Esman discloses “wherein the selection of the one or more fields defines a pivot wherein the transform is configured so as to pivot the data recorded in the source index file, thereby generating an index comprising the data summarization of the one or more fields” (Puri ¶ 300 and Fig. 11B) by disclosing a user interface that allows a user to select one or more fields and indicating that this selection is to create a “New Pivot.”

Regarding claim 4, the combination of Puri and Esman discloses the limitations contained in parent claim 1 for the reasons discussed above. In addition, the combination of Puri and Esman discloses “creating a checkpoint when the transform is updated based on the ingested new data” (Puri ¶ 83) where the data points act as checkpoints.

Regarding claim 5, the combination of Puri and Esman discloses the limitations contained in parent claim 1 for the reasons discussed above. In addition, the combination of Puri and Esman discloses “wherein the transforms operates across an entirety of the data of the source index file” (Puri ¶ 87) by indicating that the search is run against all the stored events.

Regarding claim 6, the combination of Puri and Esman discloses the limitations contained in parent claim 1 for the reasons discussed above. In addition, the combination of Puri and Esman discloses “receiving a query from the user, and in response to receiving the query, limiting scope of the created transform based on the query.” (Puri ¶ 87).

Regarding claim 7, the combination of Puri and Esman discloses the limitations contained in parent claim 1 for the reasons discussed above. In addition, the combination of Puri and Esman discloses by giving an example where the fields comprise terms representing hostnames. 

Regarding claim 8, the combination of Puri and Esman discloses the limitations contained in parent claim 1 for the reasons discussed above. In addition, the combination of Puri and Esman discloses “wherein at least some of the one or more fields are numerical field comprising numeric values.” (Puri ¶ 88)

Regarding claim 9, the combination of Puri and Esman discloses the limitations contained in parent claim 1 for the reasons discussed above. In addition, the combination of Puri and Esman discloses “further comprising receiving a time interval from the user, wherein values of the numerical fields are bucketed using the time interval.” (Puri ¶ 173).

Regarding claim 10, the combination of Puri and Esman discloses the limitations contained in parent claim 1 for the reasons discussed above. In addition, the combination of Puri and Esman discloses “wherein the source index file data comprises a collection of documents.” (Puri ¶ 87). Further, the combination of Puri and Esman discloses “the source index file being identified by a name.” (Puri ¶ 154).

Regarding claim 11, the combination of Puri and Esman discloses the limitations contained in parent claim 1 for the reasons discussed above. In addition, the combination of Puri and Esman discloses “in response to a user selection, generating a preview of the transformed source index file for the user prior to storing the transformed source index in the destination index file.” (Puri ¶ 485 and Fig. 27B).

claim 12, the combination of Puri and Esman discloses the limitations contained in parent claim 1 for the reasons discussed above. In addition, the combination of Puri and Esman discloses “wherein the source index file comprises a plurality of indices” (Puri ¶ 87) by giving an example of a plurality of indexes that may be searched. Further, the combination of Puri and Esman discloses “the destination index file comprises one or more indices” (Puri ¶ 302) because the result index will always be at least one (i.e., one or more) index.

Regarding claim 13, the combination of Puri and Esman discloses the limitations contained in parent claim 1 for the reasons discussed above. In addition, the combination of Puri and Esman discloses “providing a user interface for receiving at least the selection from the user.” (Puri Fig. 11B).

Regarding claim 14, the combination of Puri and Esman discloses the limitations contained in parent claim 1 for the reasons discussed above. In addition, the combination of Puri and Esman discloses “providing an application program interface (API) for instantiating the transform.” (Puri ¶ 444).

Regarding claim 15, the combination of Puri and Esman discloses the limitations contained in parent claim 14 for the reasons discussed above. In addition, the combination of Puri and Esman discloses “wherein the API is configured for specifying the source index file, the one or more fields, for creating and updating the transform and for storing the transformed index to the destination index file” (Puri ¶ 444) by stating that all the techniques described may be implemented through an API.

Regarding claim 18, the combination of Puri and Esman discloses the limitations contained in parent claim 1 for the reasons discussed above. In addition, the combination of Puri and Esman discloses “receiving from the user a selection of a type of aggregation” (Puri ¶ 244) where the aggregation is received from the user during the authoring of the query. Further, the combination of Puri and Esman discloses “creating a transform of the source index file based at least on the selected one or more fields and the selected type of aggregation” (Puri ¶¶ 244, 266) where the transform is created based on the selected one or more fields because the transforms may be specified in the query, which also includes the aggregation. Moreover, the combination of Puri and Esman discloses “wherein the selected type of aggregation is a sum aggregation, a max aggregation, or a cardinality aggregation” (Puri ¶ 244) where the type is a max aggregation. Likewise, the combination of Puri and Esman discloses “automatically updating the transform based at least on the selected one or more fields and the selected type of aggregation on a continuous basis based on the transform with new data being ingested into the source index file” (Puri ¶¶ 244, 329-330) by describing a system where the index update continuously because it is regularly updated with new incoming events (¶ 329). Finally, the combination of Puri and Esman discloses “the performing the transform further comprising: automatically causing display of the visual representation of the composite aggregation on the computer device of the user; and automatically storing the composite aggregation to the destination index file” (Puri ¶¶ 244, 302) by receiving the search results (i.e., performing the transform) that includes filtering the results, which necessarily requires storing the results in memory in order to perform the filter, and then displaying the results.

Regarding claim 19, it merely recites a system for performing the method of claim 1. The system comprises computer hardware and software modules for performing the various functions. The combination of Puri and Esman comprises computer hardware and software modules for performing the same functions. Thus, claim 19 is rejected using the same rationale set forth in the above rejection for claim 1.

claim 20, it merely recites a non-transitory computer readable medium for performing the method of claim 1. The medium comprises computer software modules for performing the various functions. The combination of Puri and Esman comprises computer software modules for performing the same functions. Thus, claim 20 is rejected using the same rationale set forth in the above rejection for claim 1. 

Claim 16 is rejected under 35 U.S.C. § 103 as being unpatentable over Puri in view of Esman , as applied to claim 1 above, in further view of Wang et al., US Publication 2020/0160230 (hereinafter Wang).

Regarding claim 16, the combination of Puri and Esman discloses the limitations contained in parent claim 1 for the reasons discussed above. In addition, the combination of Puri and Esman does not appear to explicitly disclose “wherein an analytics and visualization platform is used to generate the visual representation and the visual representation has features including a histograms, line graph, or pie chart, and the analytics including time-series data analytics.”
However, Wang discloses a data monitoring system “wherein an analytics and visualization platform is used to generate the visual representation and the visual representation has features including a histograms, line graph, or pie chart, and the analytics including time-series data analytics.” (Wang ¶¶ 32, 82).
Puri, Esman, and Wang are analogous art because they are from the “same field of endeavor,” namely that of data monitoring and alerting. 
Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Puri, Esman, and Wang before him or her to modify the 
The motivation for doing so would have been that Kibana is known to provide the advantage of easily visualizing the data. (Wang ¶ 82).

Claim 17 is rejected under 35 U.S.C. § 103 as being unpatentable over Puri in view of Esman as applied to claim 1 above, in further view of Doug Turnbull; Machine Learning for Smarter Search With Elasticsearch; February 24, 2017; dzone.com; 7 Pages (hereinafter Turnbull).

Regarding claim 17, the combination of Puri and Esman discloses the limitations contained in parent claim 1 for the reasons discussed above. Although the combination of Puri and Esman discloses the use of a machine learning model (Puri ¶ 357), it does not appear to explicitly disclose “wherein a machine learning model is created based on the transform of the source index file wherein behaviors are captured across an entirety of a user base of two or more users.”
However, Turnbull discloses a data visualization system “wherein a machine learning model is created based on the transform of the source index wherein behaviors are captured across an entirety of a user base, instead of being limited to the behavior of a particular user or entity in the user base or being limited to a portion of the users in the user base” (Turnbull 3-5) where the machine learning system is trained based on mapping (i.e., a transform) a data set (i.e., the source index) and is based on the entirety of the data set determined from “studying users” (i.e., across an entirety of a user base).
Puri, Esman, and Wang are analogous art because they are from the “same field of endeavor,” namely that of data monitoring and alerting. 

The motivation for doing so would have been that machine learning provides a more powerful search system. (Turnbull 2). 

Response to Arguments
Applicant’s arguments filed July 8, 2021, with respect to the rejection of claims 2, 3, 10, and 16 under 35 U.S.C. § 112(b), with the exception noted below, and the rejection of claims 1-20 under 35 U.S.C. § 101 (Remarks 7-16) have been fully considered and are persuasive. The rejection of claims 2, 3, 10, and 16 under 35 U.S.C. § 112(b), with the exception noted below, and the rejection of claims 1-20 under 35 U.S.C. § 101 have been withdrawn. 

	
Applicant’s arguments filed July 8, 2021, with respect to the rejections of claims 1-20 under 35 U.S.C. § 103 (Remarks 16-18) have been fully considered and are persuasive. Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground of rejection is made in view of Puri in view of Esman.

Applicant's arguments filed July 8, 2021 have been fully considered but they are not persuasive. Regarding the rejection of claim 3 under 35 U.S.C. § 103, Applicant argues that this claim was amended to traverse this rejection. (Remarks 8). Applicant’s argument is unpersuasive because it does not appear that this claim was amended in a manner to traverse the rejection. 

Conclusion
The prior art made of record and not relied upon is considered pertinent to Applicant's disclosure:
Barabas et al., US Publication 2004/0267807, System and method for storing summarization data in a database and creating hash values based on fields within the database.
Dearing et al., US Publication 2012/0011068, System and method for storing summarization data in a database and creating hash values based on fields within the database.
Penmmaraju et al., US Publication 2019/0370918, System and method for storing summarization data in a database and creating hash values based on fields within the database. 
Yang, US Publication 2020/0294165, System and method for storing summarization data in a database and creating hash values based on fields within the database.
Zielike et al., US Publication 2020/0311058, System and method for storing summarization data in a database and creating hash values based on fields within the database.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANDREW R DYER whose telephone number is (571)270-3790.  The examiner can normally be reached on Monday-Friday 7:30-3:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kavita Stanley can be reached on 571-272-8352.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.


/ANDREW R DYER/Primary Examiner, Art Unit 2176