Document Details

Normalization Develop Parsers
Home / Scan #237 / Normalization Develop Parsers
Sad Tux - Windows bias detected
This page contains Windows bias

About This Page

This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
GitHub View on GitHub 📚 View on Microsoft Learn

Bias Analysis

Detected Bias Types
windows_first
powershell_heavy
windows_tools
missing_linux_example
Summary
The documentation demonstrates a Windows bias in several areas. Examples and instructions for deploying and managing parsers frequently reference Windows-centric tools and workflows, such as PowerShell scripts and the Azure portal, with no mention of Linux alternatives. The use of Windows event sources (e.g., 'Microsoft-Windows-Sysmon') is prioritized in examples, and deployment steps reference deleting functions via a PowerShell tool. There is a lack of explicit Linux or cross-platform guidance, and Linux-native tools or CLI workflows are not discussed, even though Sentinel and KQL can be used from Linux environments.
Recommendations
  • Provide equivalent Linux/bash examples for deployment, such as using Azure CLI or REST API instead of PowerShell.
  • Include instructions for managing ARM templates and functions from Linux/macOS environments.
  • Balance examples between Windows and Linux event sources (e.g., show Syslog and Windows Event Log examples side-by-side).
  • Reference cross-platform tools (e.g., Azure CLI, VS Code) before or alongside Windows-specific tools.
  • Clarify that all steps can be performed from Linux environments and provide explicit commands or scripts.
  • Add troubleshooting and testing guidance for Linux users, including how to export data and run KQL queries from Linux.
GitHub Create Pull Request

Scan History

Date Scan Status Result
2026-01-14 00:00 #250 in_progress Biased Biased
2026-01-13 00:00 #246 completed Biased Biased
2026-01-11 00:00 #240 completed Biased Biased
2026-01-10 00:00 #237 completed Biased Biased
2026-01-09 00:34 #234 completed Biased Biased
2026-01-08 00:53 #231 completed Biased Biased
2026-01-06 18:15 #225 cancelled Clean Clean
2025-08-17 00:01 #83 cancelled Clean Clean
2025-07-13 21:37 #48 completed Biased Biased
2025-07-12 23:44 #41 cancelled Biased Biased

Flagged Code Snippets