Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1,2,4-12,14-22 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim(s) recite(s) mental processes – concepts performed in the human mind.
Regarding claim 1, the limitations ‘parsing each alert record based on a predetermined data field; correlating a group of alert records of the plurality of alert records based on at least an extracted data value; determining that the change record of the plurality of change records is related to the incident data record based on the determined distance; determining that the change record is a root cause change of the incident data record’ are concepts performed in the human mind by observation, evaluation, and/or judgment. The limitation ‘generating an incident data record based on the extracted data values of the correlated group of alert records; determining a distance in a vector space between the first vector and the second vector’ is a concept performed in the human mind by observation, evaluation, and/or judgment as well as by using pen and paper.
Step 2A: Prong two
This judicial exception is not integrated into a practical application because the additional elements ‘each event record generated based on an event in a computing environment communicatively coupled over the network interface to the incident server; extracting from each predetermined data field a data value; initiating a mitigation action in the computing environment based on the root cause change’ are merely adding insignificant extra-solution of data gathering and correcting problems based on a root cause to the judicial exception (MPEP 2106.05(g)).
Step 2B
The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements ‘generating a first vector representation of the change record in a vector database; generating a second vector representation in the vector database based on: the extracted data values, the incident data record, the correlated group of alert records, and a combination thereof’ is simply appending well-understood, routine, conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception - see MPEP 2106.05(d). The generating a first vector representation and a second vector representation is a concept performed in the human mind by observation, evaluation, and/or judgment. The storing of the generated vector representations is a well-understood, routine, conventional activity, as disclosed in MPEP 2106.05(d) - iv. Storing and retrieving information in memory, Versata Dev. Group, Inc. v. SAP Am., Inc., 793 F.3d 1306, 1334, 115 USPQ2d 1681, 1701 (Fed. Cir. 2015); OIP Techs., 788 F.3d at 1363, 115 USPQ2d at 1092-93.
The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements ‘receiving, over a network interface, a plurality of event records at an incident server’ is simply appending well-understood, routine, conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception - i. Receiving or transmitting data over a network, e.g., using the Internet to gather data, Symantec, 838 F.3d at 1321, 120 USPQ2d at 1362 (utilizing an intermediary computer to forward information); TLI Communications LLC v. AV Auto. LLC, 823 F.3d 607, 610, 118 USPQ2d 1744, 1745 (Fed. Cir. 2016) (using a telephone for image transmission); OIP Techs., Inc., v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090, 1093 (Fed. Cir. 2015) (sending messages over a network); buySAFE, Inc. v. Google, Inc., 765 F.3d 1350, 1355, 112 USPQ2d 1093, 1096 (Fed. Cir. 2014) (computer receives and sends information over a network); but see DDR Holdings, LLC v. Hotels.com, L.P., 773 F.3d 1245, 1258, 113 USPQ2d 1097, 1106 (Fed. Cir. 2014) ("Unlike the claims in Ultramercial, the claims at issue here specify how interactions with the Internet are manipulated to yield a desired result‐‐a result that overrides the routine and conventional sequence of events ordinarily triggered by the click of a hyperlink." (emphasis added)).
The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements ‘processing the plurality of event records at the incident server, including a plurality of alert records and a plurality of change records’ is directed to generic computer components recited at a high-level of generality such that they amount to nothing more than mere instructions to apply the exception using generic computer components (MPEP 2106.05(f)).
Regarding claim 2, the limitation ‘configuring an artificial intelligence (AI) engine to determine that the change record is the root cause change based on any one of: the extracted data values, the correlated group of alert records, and any combination thereof’ is directed to generic computer components recited at a high-level of generality such that they amount to nothing more than mere instructions to apply the exception using generic computer components (MPEP 2106.05(f)).
Regarding claim 4, the limitation ‘determining that the change record is a root cause change in response to determining that the distance is below a predetermined threshold value’ is a concept performed in the human mind by observation, evaluation, and/or judgment based on comparing values.
Regarding claim 5, the limitation ‘determining that the change record is a suspected root cause change in response to determining that the distance is above the predetermined threshold value’ is a concept performed in the human mind by observation, evaluation, and/or judgment based on comparing values.
Regarding claim 6, the limitation ‘wherein the distance is further determined to be below a second predetermined threshold value’ is a concept performed in the human mind by observation, evaluation, and/or judgment based on comparing values.
Regarding claim 7, the limitation ‘generating a root cause analysis based on the incident record’ is a concept performed in the human mind by observation, evaluation, and/or judgment.
Regarding claim 8, the limitation ‘generating the root cause analysis further based on the determined change record’ is a concept performed in the human mind by observation, evaluation, and/or judgment.
Regarding claim 9, the limitation ‘generating the root cause analysis further comprises: generating a prompt for a large language model (LLM) based on: the incident record, a data schema of the computing environment, and a predetermined template, wherein the predetermined template includes an instruction to generate a root cause analysis; and configuring an LLM to execute the generated prompt’ is directed to generic computer components recited at a high-level of generality such that they amount to nothing more than mere instructions to apply the exception using generic computer components (MPEP 2106.05(f)). Without any specification of details pertaining to how the associated large language model is trained and/or how the actual machine learning is performed. Such details would include description of specific algorithms used in training the large language model. As currently written, the limitations in the claim describe merely certain data inputted to the large language model and received. There is no indication that the combination of elements solves a technological problem other than merely taking advantage of the inherent advantages of using existing artificial intelligence technology (i.e., machine learning) in its ordinary, off-the-shelf capacity to apply the identified judicial exception. Simply implementing the abstract idea(s) on a general purpose processor or other generic computer component is not a practical application of the abstract idea(s).
Regarding claim 10, the limitations ‘parse each alert record based on a predetermined data field; correlate a group of alert records of the plurality of alert records based on at least an extracted data value; determining that the change record of the plurality of change records is related to the incident data record based on the determined distance; determine that the change record is a root cause change of the incident data record’ are mental processes based on observation, evaluation, and/or judgment. The limitation ‘generate an incident data record based on the extracted data values of the correlated group of alert records; determine a distance in a vector space between the first vector and the second vector’ is a concept performed in the human mind by observation, evaluation, and/or judgment as well as by using pen and paper.
Step 2A: Prong two
This judicial exception is not integrated into a practical application because the additional elements ‘A non-transitory computer-readable medium storing a set of instructions for root cause analysis in incident processing, the set of instructions comprising: one or more instructions that, when executed by one or more processors of a device, cause the device; process the plurality of event records at the incident server, including a plurality of alert records and a plurality of change records’ is directed to generic computer components recited at a high-level of generality such that they amount to nothing more than mere instructions to apply the exception using generic computer components (MPEP 2106.05(f)).
Step 2B
The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements ‘each event record generated based on an event in a computing environment communicatively coupled over the network interface to the incident server; extract from each predetermined data field a data value; initiate a mitigation action in the computing environment based on the root cause change’ are merely adding insignificant extra-solution of data gathering and correcting problems based on a root cause to the judicial exception (MPEP 2106.05(g)).
The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements ‘generate a first vector representation of the change record in a vector database; generate a second vector representation in the vector database based on: the extracted data values, the incident data record, the correlated group of alert records, and a combination thereof’ is simply appending well-understood, routine, conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception - see MPEP 2106.05(d). The generating a first vector representation and a second vector representation is a concept performed in the human mind by observation, evaluation, and/or judgment. The storing of the generated vector representations is a well-understood, routine, conventional activity, as disclosed in MPEP 2106.05(d) - iv. Storing and retrieving information in memory, Versata Dev. Group, Inc. v. SAP Am., Inc., 793 F.3d 1306, 1334, 115 USPQ2d 1681, 1701 (Fed. Cir. 2015); OIP Techs., 788 F.3d at 1363, 115 USPQ2d at 1092-93.
The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements ‘receiving, over a network interface, a plurality of event records at an incident server’ is simply appending well-understood, routine, conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception - i. Receiving or transmitting data over a network, e.g., using the Internet to gather data, Symantec, 838 F.3d at 1321, 120 USPQ2d at 1362 (utilizing an intermediary computer to forward information); TLI Communications LLC v. AV Auto. LLC, 823 F.3d 607, 610, 118 USPQ2d 1744, 1745 (Fed. Cir. 2016) (using a telephone for image transmission); OIP Techs., Inc., v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090, 1093 (Fed. Cir. 2015) (sending messages over a network); buySAFE, Inc. v. Google, Inc., 765 F.3d 1350, 1355, 112 USPQ2d 1093, 1096 (Fed. Cir. 2014) (computer receives and sends information over a network); but see DDR Holdings, LLC v. Hotels.com, L.P., 773 F.3d 1245, 1258, 113 USPQ2d 1097, 1106 (Fed. Cir. 2014) ("Unlike the claims in Ultramercial, the claims at issue here specify how interactions with the Internet are manipulated to yield a desired result‐‐a result that overrides the routine and conventional sequence of events ordinarily triggered by the click of a hyperlink." (emphasis added)).
Regarding claim 11, the limitations ‘parse each alert record based on a predetermined data field; correlate a group of alert records of the plurality of alert records based on at least an extracted data value; determine that the change record of the plurality of change records is related to the incident data record based on the determined distance; determine that the change record is a root cause change of the incident data record’ are mental processes based on observation, evaluation, and/or judgment. The limitation ‘generate an incident data record based on the extracted data values of the correlated group of alert records; determine a distance in a vector space between the first vector and the second vector’ is a concept performed in the human mind by observation, evaluation, and/or judgment as well as by using pen and paper.
Step 2A: Prong two
This judicial exception is not integrated into a practical application because the additional elements ‘a processing circuitry; a memory, the memory containing instructions that, when executed by the processing circuitry, configure the system; process the plurality of event records at the incident server, including a plurality of alert records and a plurality of change records’ is directed to generic computer components recited at a high-level of generality such that they amount to nothing more than mere instructions to apply the exception using generic computer components (MPEP 2106.05(f)).
Step 2B
The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements ‘each event record generated based on an event in a computing environment communicatively coupled over the network interface to the incident server; extract from each predetermined data field a data value; initiate a mitigation action in the computing environment based on the root cause change’ are merely adding insignificant extra-solution of data gathering and correcting problems based on a root cause to the judicial exception (MPEP 2106.05(g)).
The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements ‘generate a first vector representation of the change record in a vector database; generate a second vector representation in the vector database based on: the extracted data values, the incident data record, the correlated group of alert records, and a combination thereof’ is simply appending well-understood, routine, conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception - see MPEP 2106.05(d). The generating a first vector representation and a second vector representation is a concept performed in the human mind by observation, evaluation, and/or judgment. The storing of the generated vector representations is a well-understood, routine, conventional activity, as disclosed in MPEP 2106.05(d) - iv. Storing and retrieving information in memory, Versata Dev. Group, Inc. v. SAP Am., Inc., 793 F.3d 1306, 1334, 115 USPQ2d 1681, 1701 (Fed. Cir. 2015); OIP Techs., 788 F.3d at 1363, 115 USPQ2d at 1092-93.
The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements ‘receiving, over a network interface, a plurality of event records at an incident server’ is simply appending well-understood, routine, conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception - i. Receiving or transmitting data over a network, e.g., using the Internet to gather data, Symantec, 838 F.3d at 1321, 120 USPQ2d at 1362 (utilizing an intermediary computer to forward information); TLI Communications LLC v. AV Auto. LLC, 823 F.3d 607, 610, 118 USPQ2d 1744, 1745 (Fed. Cir. 2016) (using a telephone for image transmission); OIP Techs., Inc., v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090, 1093 (Fed. Cir. 2015) (sending messages over a network); buySAFE, Inc. v. Google, Inc., 765 F.3d 1350, 1355, 112 USPQ2d 1093, 1096 (Fed. Cir. 2014) (computer receives and sends information over a network); but see DDR Holdings, LLC v. Hotels.com, L.P., 773 F.3d 1245, 1258, 113 USPQ2d 1097, 1106 (Fed. Cir. 2014) ("Unlike the claims in Ultramercial, the claims at issue here specify how interactions with the Internet are manipulated to yield a desired result‐‐a result that overrides the routine and conventional sequence of events ordinarily triggered by the click of a hyperlink." (emphasis added)).
Regarding claim 12, the limitation ‘configure an artificial intelligence (AI) engine to determine that the change record is the root cause change based on any one of: the extracted data values, the correlated group of alert records, and any combination thereof’ is directed to generic computer components recited at a high-level of generality such that they amount to nothing more than mere instructions to apply the exception using generic computer components (MPEP 2106.05(f)).
Regarding claim 14, the limitation ‘determine that the change record is a root cause change in response to determining that the distance is below a predetermined threshold value’ is a concept performed in the human mind by observation, evaluation, and/or judgment based on comparing values.
Regarding claim 15, the limitation ‘determine that the change record is a suspected root cause change in response to determining that the distance is above the predetermined threshold value’ is a concept performed in the human mind by observation, evaluation, and/or judgment based on comparing values.
Regarding claim 16, the limitation ‘the distance is further determined to be below a second predetermined threshold value’ is a concept performed in the human mind by observation, evaluation, and/or judgment based on comparing values.
Regarding claim 17, the limitation ‘generate a root cause analysis based on the incident record’ is a concept performed in the human mind by observation, evaluation, and/or judgment.
Regarding claim 18, the limitation ‘generate the root cause analysis further based on the determined change record’ is a concept performed in the human mind by observation, evaluation, and/or judgment.
Regarding claim 19, the limitation ‘generate the root cause analysis further comprises: generating a prompt for a large language model (LLM) based on: the incident record, a data schema of the computing environment, and a predetermined template, wherein the predetermined template includes an instruction to generate a root cause analysis; and configure an LLM to execute the generated prompt’ is directed to generic computer components recited at a high-level of generality such that they amount to nothing more than mere instructions to apply the exception using generic computer components (MPEP 2106.05(f)). Without any specification of details pertaining to how the associated large language model is trained and/or how the actual machine learning is performed. Such details would include description of specific algorithms used in training the large language model. As currently written, the limitations in the claim describe merely certain data inputted to the large language model and received. There is no indication that the combination of elements solves a technological problem other than merely taking advantage of the inherent advantages of using existing artificial intelligence technology (i.e., machine learning) in its ordinary, off-the-shelf capacity to apply the identified judicial exception. Simply implementing the abstract idea(s) on a general purpose processor or other generic computer component is not a practical application of the abstract idea(s).
Regarding claim 20, the limitation ‘wherein the mitigation action in the computing environment is revoking a permission’ is simply appending well-understood, routine, conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception.
USPN 20200028714A1 – paragraph 0064 - When a compliance rule is violated, the management agent can take remedial actions such as blocking an application or process, revoking permissions, uninstalling software, or wiping the user device 410, as appropriate.
USPN 20200358778A1 – paragraph 0018 - Such remedial measures may include granting and/or revoking permissions to computing resources of the computing system.
Regarding claim 21, the limitation ‘wherein the mitigation action in the computing environment is uninstalling a software update’ is simply appending well-understood, routine, conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception.
USPN 20200028714A1 – paragraph 0064 - When a compliance rule is violated, the management agent can take remedial actions such as blocking an application or process, revoking permissions, uninstalling software, or wiping the user device 410, as appropriate.
USPN 20060080656A1 – paragraph 0430 - It is possible that despite your testing, you will run into problems after installing the software update that require you to uninstall it.
Regarding claim 22, the limitation ‘wherein the mitigation action in the computing environment is installing a software update’ is simply appending well-understood, routine, conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception.
USPN 20060259974A1 - The foregoing problems with the state of the prior art are overcome by the principles of the present invention, which are directed toward a system, method, and computer-readable medium for opportunistically installing a software update on a computer that closes a vulnerability that exists on the computer.
USPN 20160276873A1 – paragraph 0259 - It is noted that the installing a software update may be required to fix a known fault or may be necessary to make use of new software features.
There is no prior art rejection for claims 1,2,4-12,14-19.
Response to Arguments
Applicant’s arguments and amendments have been fully considered. Concerning Applicant’s arguments of the 101 rejection on page 10, the limitations ‘receiving, over a network interface, a plurality of event records at an incident server; processing the plurality of event records, . .. each event record generated based on an event in a computing environment communicatively coupled over the network interface to the incident server’ have been rejected under well-understood, routine, conventional and generic computer components, respectively. Please see the above rejection.
Concerning Applicant’s arguments on pages 10-11 of ‘processing a plurality of event records’, the Examiner would like to point out that the human mind is capable of performing said ‘processing’. The claim only states a processing of a ‘plurality of event records’. This ‘processing’ can be performed by a human mind and/or with aid of using a computer as a tool. There are no limitations as to what is performing said ‘processing’ nor a time limit of performing ‘processing’ nor how many events are being processed in the claim; therefore, a human mind can perform these actions.
Concerning Applicant’s arguments on pages 12-13, the ‘initiating a mitigation action’ in claim 1 is considered insignificant extra-solution activity. The mitigation action is for any type of mitigation action. The mitigation actions disclosed in claims 20-22 have been rejected under well-understood, routine, conventional. Please see the above rejection.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Yolanda L Wilson whose telephone number is (571)272-3653. The examiner can normally be reached M-F (7:30 am - 4 pm).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Bryce Bonzo can be reached at 571-272-3655. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Yolanda L Wilson/Primary Examiner, Art Unit 2113