DETAILED ACTION
This Office action is in response to amendments and remarks filed by Applicant on 1/20/2026.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Response to Amendment
Applicant presents amendments to claims 1–2, 4–5, 9–15, 18. All amendments have been fully considered.
Applicant’s amendments are sufficient to overcome both rejections under 35 U.S.C. 101. The rejections are withdrawn.
Applicant’s amendments are sufficient to overcome the previous combination of references serving as the basis for the rejection under 35 U.S.C. 103. Therefore, a new search was conducted in light of the new subject matter to identify art applicable to the amended claims. As a result, a new combination of references was identified and new rejections are presented below.
Response to Arguments
Applicant presents arguments with respect to claims 1–20. All arguments have been fully considered.
In light of the substance discussed in the most recent interview with Applicant’s counsel and considering the amended subject matter of the claims, the Examiner agrees that the previous combination of prior art fails to disclose the claimed invention. As mentioned above, a new search was required and new prior art rejections under 35 U.S.C. 103 are presented below.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1–3, 10–13, 15–17 are rejected under 35 U.S.C. 103 as being unpatentable over Wang (US 2020/0313878 A1, published Oct. 1, 2020) in view of Hussein (US 2010/0241844 A1, published Sep. 23, 2010).
Regarding claims 1, 11, and 15, Wang discloses: a method comprising: receiving, from a user device, a request to read a system log (the log server 310 receives a log review request from a computing device of a reviewer user to access information in the log file. Wang Figure 3, element 306 and ¶ 54.), wherein the system log contains unredacted records of events that have occurred in a computer system (log files contain information relating to the usage of data logged to allow data owners to determine that the usage of their personal data does not violate user agreements. Wang ¶ 87.); determining a user identity associated with the request (the access control layer 340 ensures that the proper requestors have the appropriate access to the data server by identifying, authenticating, and authorizing access to the data server. Wang ¶¶ 38, 41, 47, and 54.).
Wang does not disclose: in response to the request, generating a redacted system log based on the unredacted records of the events in the system log using a policy and the user identity, wherein the policy indicates data from the unredacted records of the events in the system log to not include in the redacted system log, according to the user identity, wherein the redacted system log is different from the system log; and transmitting the redacted system log to the user device.
However, Hussein does disclose: in response to the request, generating a redacted system log based on the unredacted records of the events in the system log using a policy and the user identity, wherein the policy indicates data from the unredacted records of the events in the system log to not include in the redacted system log, according to the user identity (the server sends data that contains the unredacted data to the intercept appliance before it makes its way to the call center employee’s screen. Hussein ¶ 21. The redaction appliance applies the redaction rules and masks out all of the sensitive received data based upon a client’s role within an organization. Hussein ¶¶ 15 and 21. Identity, authentication, and role determination are performed on the client by the role database 106 and rules database 105. Hussein ¶ 17.), wherein the redacted system log is different from the system log (information received by the redaction device from the application server is unredacted as shown in Figure 4, element 401, which is different from what is generated to be sent by the redaction device to the client in Figure 4, element 402. Hussein Figure 4 and ¶ 21.); and transmitting the redacted system log to the user device (redacted data generated and sent by the redaction device to the client. Hussein Figure 4 and ¶ 21. The masked information is not conveyed to the client and hence not displayed at the information destination. Hussein ¶ 17.).
Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the access management and control of computer log data based upon requestor’s permissions of Wang with generating a separate redacted version of requested data to be delivered to a requestor based upon the requestor’s identity based upon the teachings of Hussein. The motivation being to protect sensitive data from an employee in a company call center with no need to access such information. Hussein ¶ 21.
Regarding claims 2, 12, and 16, Wang in view of Hussein disclose the limitations of claims 1, 11, and 15, respectively, wherein the redacted system log further comprises: determining an access level based on the user identity (implementing access control for interactions between the client and the data server by identifying, authenticating, and authorizing the clients for access and the access control layer checks the client permissions. Wang ¶¶ 41 and 47.); and determining filtering properties from the policy for the system log based on the access level (permission is granted by the access control layer 340 and degree of access to information in the log file for the reviewer user is determined based upon attribute of the reviewer user and causes information corresponding to the response log entry to be displayed. Wang ¶¶ 47 and 54. Hussein uses authentication information contained in the request and once authenticated, the information is used to determine the requestor’s role and the corresponding redaction rules for this role from the rules database and applies the redaction rules to generate the redacted data to be sent to the requestor. Hussein ¶ 17.).
Regarding claims 3, 13, and 17, Wang in view of Hussein discloses the limitations of claims 2, 12, and 16, respectively, wherein the filtering properties indicate which portions of the system log should be redacted (using authentication information contained in the request and once authenticated, the information is used to determine the requestor’s role and the corresponding redaction rules for this role from the rules database and applies the redaction rules to generate the redacted data to be sent to the requestor. Hussein ¶ 17.).
Regarding claim 10, Wang in view of Hussein discloses the limitations of claim 1, wherein a data controller that generates the redacted system log executes in an external system to the user device (using authentication information contained in the request and once authenticated, the information is used to determine the requestor’s role and the corresponding redaction rules for this role from the rules database and applies the redaction rules to generate the redacted data to be sent to the requestor. Hussein ¶ 17.).
Claims 4, 14, 18 are rejected under 35 U.S.C. 103 as being unpatentable over Wang in view of Hussein in view of Akkapeddi (US 12,026,173 B1, issued Jul. 2, 2024).
Regarding claims 4, 14, and 18, Wang in view of Walker in view of Subbiah discloses the limitations of claims 2, 12, and 16, respectively. Wang in view of Hussein does not disclose: wherein the policy includes a plurality of access levels, wherein the filtering properties corresponding to each of the plurality of access levels are different.
However, Akkapeddi does disclose: wherein the policy includes a plurality of access levels, wherein the filtering properties corresponding to each of the plurality of access levels are different (masking sensitive system log data where different access levels or permissions require that sensitive information should not be provided to un-authorized users. Akkapeddi 7:16–45.).
Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the access management and control of computer log data based upon requestor’s permissions of Wang with distinguishing redacted data between a plurality of access levels based upon the teachings of Akkapeddi. The motivation being where data is acceptable to be provided to certain users, such as the last four digits of a social security number, as opposed to the entire value. Akkapeddi 7:16–45.
Claims 5–8, 19–20 are rejected under 35 U.S.C. 103 as being unpatentable over Wang in view of Hussein in view of Akkapeddi in view of Subbiah (US 2019/0026163 A1, published Jan. 24, 2019).
Regarding claim 5, Wang in view of Hussein in view of Akkapeddi disclose the limitations of claim 4. Wang in view of Hussein in view of Akkapeddi does not disclose: wherein a first access level of the plurality of access levels corresponds to a first type of user identity, wherein the user identity is a first user identity, and wherein a second access level of the plurality of access levels corresponds to a second type of user identity.
However, Subbiah does disclose: wherein a first access level of the plurality of access levels corresponds to a first type of user identity, wherein the user identity is a first user identity, and wherein a second access level of the plurality of access levels corresponds to a second type of user identity (permissions indicate the role of the user such that logs are configured for different users or different user roles where the roles are distinguished by the intended audience of the log, for example an application developer or a financial user, etc. Subbiah ¶ 25.).
Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the access management and control of computer log data based upon requestor’s permissions of Wang with determining access level based upon user identity and filtering properties based upon access level based upon the teachings of Subbiah. The motivation being to protect sensitive information in log files from users without appropriate authorization to access the information. Subbiah ¶ 26.
Regarding claims 6 and 19, Wang in view of Hussein in view of Akkapeddi in view of Subbiah disclose the limitations of claim 5, wherein the filtering properties of the first access level is a subset of the filtering properties of the second access level (permission roles that drive what particular data is accessed by certain user roles includes a wide variety of users with overlapping requirements and overlapping log events. Subbiah ¶¶ 11 and 16.).
Regarding claims 7 and 20, Wang in view of Hussein in view of Akkapeddi in view of Subbiah discloses the limitations of claims 6 and 19, respectively, wherein the first access level is an admin access level and the second access level is a lower access level (the log access engine 112 determines for a user 114 whether the user ID associated with the user had permissions to access all or just a part of the data of the log 104 and may either deny the user access to the log, or otherwise mask, obscure, separate, remove, or replace the sensitive information or data. Subbiah ¶ 27.).
Regarding claim 8, Wang in view of Hussein in view of Akkapeddi in view of Subbiah discloses the limitations of claim 4, wherein a third access level of the plurality of access levels corresponds to a third type of user identity, wherein the filtering properties of a second access level is a subset of the filtering properties of the third access level, wherein the third access level is a lower access level than the second access level (permission roles that drive what particular data is accessed by certain user roles includes a wide variety of users with overlapping requirements and overlapping log events. Subbiah ¶¶ 11 and 16.).
Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Wang in view of Hussein in view of Lehmann (US 2017/0262329 A1, published Sep. 14, 2017).
Regarding claim 9, Wang in view of Hussein discloses the limitations of claim 1. Wang in view of Hussein does not disclose: wherein a data controller that generates the redacted system log executes on a file viewer application on the user device.
However, Lehmann does disclose: wherein a data controller that generates the redacted system log executes on a file viewer application on the user device (a user interface of a first computing device modifies a log file by redacting/obfuscating information therein. Lehmann ¶ 3.).
Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the access management and control of computer log data based upon requestor’s permissions of Wang with generating a redacted log file on a file viewer application on the user device based upon the teachings of Lehmann. The motivation being that a vendor can provide information to customers premises to deal with an issue with a supported product. Lehmann ¶ 2.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VANCE LITTLE whose telephone number is (571) 270-0408. The examiner can normally be reached Monday - Friday 9:30am - 5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung (Jay) Kim can be reached at (571) 272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/VANCE M LITTLE/Primary Examiner, Art Unit 2494