DETAILED ACTION This communication is responsive to the application # 18/159,703 filed on January 26 , 20 23 . Claims 1- 20 are pending and are directed toward TEST CASE-BASED ANOMALY DETECTION WITHIN A COMPUTING ENVIRONMENT . Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Claim Rejections - 35 USC § 102 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention. Claim s 1-20 are rejected under 35 U.S.C. 102(a)(1) as being unpatentable over Lin et al. (US 2020/0028862, Jan. 23, 2020), hereinafter referred to as Lin . As per claim 1, Lin teaches a computer-implemented method of facilitating processing within a computing environment ( FIG. 1 depicts an exemplary block diagram of a distributed data processing environment in which exemplary aspects of the illustrative embodiments may be implemented, Lin, [0009] ), the computer-implemented method comprising: using a machine learning implicit-anomaly model to determine a possibility of an implicit anomaly within a system based on system metrics data obtained ( There are a variety of tools that exist for threat monitoring to analyze a wide range of data sources to identify patterns that are indicative of threats, security policy and control anomalies. When these threats and/or anomalies are detected, actionable alerts are created. One such tool is IBM® QRadar ® User Behavior Analytics (UBA). A UBA system of this type leverage advances in machine learning (ML), and it adds user context to network, log, vulnerability and threat data to more quickly and accurately detect attacks. Using this tool, security analysts can easily see risky users, view their anomalous activities and drill down into the underlying log and flow data that contributed to a user's risk score. Lin, [0003] ) during running of one or more test cases on the system ( While FIG. 7 depicts the first tier executing just time series-based analytics, this is not a limitation, as one or more analytics may be based on other than time series data. Thus, for example, one such alternative may model user group behavior and using that model to identify whether a given user's behavior (relative to the group model) represents a potential anomaly. Unless otherwise stated, the particular nature of the use cases executing in the local ML tier is not a limitation of this disclosure. Lin, [0080] ); determining, using artificial intelligence, an occurrence of an incident within the system associated with running of the one or more test cases ( Generalizing, Security Information and Event Management (SIEM) tools provide a range of services for analyzing, managing, monitoring, and reporting on IT security events and vulnerabilities. Such services typically include collection of events regarding monitored accesses and unexpected occurrences across the data network, and analyzing them in a correlative context to determine their contribution to profiled higher-order security events. Lin, [0042] ), wherein determining the occurrence of the incident uses the determined possibility of the implicit anomaly within the system based on the system metrics data ( They may also include analysis of firewall configurations, network topology and connection visualization tools for viewing current and potential network traffic patterns, correlation of asset vulnerabilities with network configuration and traffic to identify active attack paths and high-risk assets, and support of policy compliance monitoring of network traffic, topology and vulnerability exposures. Lin, [0042] ); and initiating an action based on the occurrence of the incident within the system associated with running the one or more test cases ( When these threats and/or anomalies are detected, actionable alerts are created. One such tool is IBM® QRadar ® User Behavior Analytics (UBA). A UBA system of this type leverage advances in machine learning (ML), and it adds user context to network, log, vulnerability and threat data to more quickly and accurately detect attacks. Lin, [0003] ). As per claim 2, Lin teaches the computer-implemented method of claim 1, further comprising: training the machine learning implicit-anomaly model using training system metrics data collected from one or more test systems running the one or more test cases (Lin, [0080]). As per claim 3, Lin teaches the computer-implemented method of claim 1, further comprising obtaining the system metrics data, the obtaining of the system metrics data comprising: generating performance-robustness data vectors from collected performance data of the system (Lin, [0092]-[0094]). As per claim 4, Lin teaches the computer-implemented method of claim 1, wherein obtaining the system metrics data further comprises: clustering system text data logs into functional areas; and classifying the generated performance-robustness data vectors using the functional areas to obtain the system metrics data referenced by the machine learning implicit-anomaly model (Lin, FIG. 3). As per claim 5, Lin teaches the computer-implemented method of claim 1, further comprising: using a machine learning explicit-anomaly model to determine a possibility of an explicit anomaly within the system based on system text data obtained from running of the one or more test cases on the system ( A UBA system of this type leverage advances in machine learning (ML), and it adds user context to network, log, vulnerability and threat data to more quickly and accurately detect attacks. Using this tool, security analysts can easily see risky users, view their anomalous activities and drill down into the underlying log and flow data that contributed to a user's risk score. Lin, [0003] ); and wherein determining the occurrence of the incident associated with running of the one or more test cases further comprises using the determined possibility of the explicit anomaly within the system based on the system text data in addition to the determined possibility of the implicit anomaly within the system based on the system metrics data, wherein the system metrics data and the system text data are different types of system data collected from running the one or more test cases on the system (Lin, [0078]). As per claim 6, Lin teaches the computer-implemented method of claim 5, further comprising obtaining the system metrics data, the obtaining of the system metrics data comprising: generating performance-robustness data vectors from collected performance data of the system (Lin, [0098]); clustering system text data logs into functional areas; and classifying the generated performance-robustness data vectors using the functional areas to obtain the system metrics data referenced by the machine learning implicit-anomaly model (Lin, [0092]). As per claim 7, Lin teaches the computer-implemented method of claim 6, further comprising obtaining the system text data, the obtaining of the system text data comprising: collecting and parsing system text output obtained from running the one or more test cases on the system; and converting the collected and parsed system text output into text data vectors, the system text data comprising the text data vectors (Lin, [0093]-[0095]). As per claim 8, Lin teaches the computer-implemented method of claim 5, wherein the artificial intelligence comprises a multilayer machine learning model, and wherein determining the occurrence of the incident comprises using the multilayer machine learning model in detecting the occurrence of the incident within the system based on the determined possibility of implicit anomaly within the system using the system metrics data, and the determined possibility of explicit anomaly within the system using the system text data (Lin, [0084]). As per claim 9, Lin teaches the computer-implemented method of claim 1, wherein the system is a production system and initiating the action comprises modifying operation of the system based on determining the occurrence of the incident within the system associated with running the one or more test cases ( To that end, this disclosure provides for a "tiered" (or "distributed") machine learning-based infrastructure or framework that is used to detect abnormalities in network activities or other user behavior patterns in an enterprise . Lin, [0006]) Claims 1 0 -20 have limitations similar to those treated in the above rejection, and are met by the references as discussed above, and are rejected for the same reasons of anticipation as used above. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to OLEG KORSAK whose telephone number is (571)270-1938. The examiner can normally be reached on Monday-Friday 7:30am - 5:00pm EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal Dharia can be reached on (571) 272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /OLEG KORSAK/ Primary Examiner, Art Unit 2492