DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
	This Office Action has been issued in response to the QPIDS request filed on July 11, 2022, of application S/N 15/902,856.  After thorough search and examination of the present application and in light of the prior art made of record, claims 1 to 5, 7 to 15, and 17 to 20 are re-allowed.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on July 11, 2022 was filed after the mailing date of the notice of allowance.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

REASONS FOR ALLOWANCE
The following is an examiner’s statement of reasons for allowance:
The prior art made of record neither render obvious nor anticipates the combination of claimed elements, as recited in independent claims 1, 11, and 20.
More specifically, the prior art of record does not specifically suggest the combination of “accessing a store query, where the store query is verified as being known to return results that potentially correspond to security threats when queried against events after the events are stored in a database, create a syntax graph of the store query; access a set of rules of the store query language of the store query; use at least the syntax graph and the set of rules of the store query language to convert the store query into a standing query; deploy a first instance of the standing query into a first intermediary computing system and deploy a second instance of the standing query into a second intermediary computing system, wherein: the first intermediary computing system is situated between a first event source and the database, and the second intermediary computing system is situated between a second event source and the database, the first instance of the standing query operates on TCP-based events, the second instance of the standing query operates on UDP-based events; wherein the standing query, including any instances thereof, is configured to identify specific events that correspond to potential computer security threats and to generate alerts for the specific events” and all the other limitations recited in independent claims 1, 11, and 20.
These features together with other limitations of the independent claims are novel and non-obvious over the prior art of record; therefore claims 1, 11, and 20 are allowed.  The dependent claims 2 to 5, 7 to 10, 12 to 15, and 17 to 19, being definite, enabled by the specification, and further limiting the independent claims, are also allowed.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”



Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to RAQUEL PEREZ-ARROYO whose telephone number is (571)272-8969. The examiner can normally be reached Monday - Friday, 8:00am - 5:30pm, Alt Friday, EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Usmaan Saeed can be reached on 571-272-4046. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/RAQUEL PEREZ-ARROYO/Examiner, Art Unit 2169