Document Details

Data Source Schema Reference
Home / Scan #240 / Data Source Schema Reference
Sad Tux - Windows bias detected
This page contains Windows bias

About This Page

This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
GitHub View on GitHub 📚 View on Microsoft Learn

Bias Analysis

Detected Bias Types
windows_first
missing_linux_example
Summary
The documentation page lists data source schemas for Microsoft Sentinel, with a strong focus on Azure and Microsoft-centric sources. While there is a single explicit mention of Linux (Syslog), the majority of examples and references are either Azure-native or related to Microsoft/Windows technologies. There is no mention of Windows Event Logs or Powershell, but the structure and ordering (Azure/Microsoft first, Linux as a single row) may suggest a 'windows_first' or 'microsoft_first' bias. There are no Linux-specific tools or patterns described beyond Syslog, and no Linux-specific configuration or usage examples are provided.
Recommendations
  • Add explicit references and schema links for Windows Event Logs to provide parity with the Linux Syslog entry.
  • Include examples or documentation links for both Windows and Linux data sources in each relevant section, not just as a single row for Linux.
  • Provide more balanced ordering in tables, e.g., grouping 'Host' sources (Windows and Linux) together and listing both with equal detail.
  • Add configuration or integration guidance for both Windows and Linux hosts, ensuring that Linux is not represented only by Syslog.
  • Where possible, include cross-platform examples or highlight differences in data collection and schema between Windows and Linux hosts.
GitHub Create Pull Request

Scan History

Date Scan Status Result
2026-01-14 00:00 #250 in_progress Clean Clean
2026-01-13 00:00 #246 completed Clean Clean
2026-01-11 00:00 #240 completed Biased Biased
2026-01-10 00:00 #237 completed Biased Biased
2026-01-09 00:34 #234 completed Biased Biased
2026-01-08 00:53 #231 completed Biased Biased
2026-01-06 18:15 #225 cancelled Clean Clean
2025-08-17 00:01 #83 cancelled Clean Clean
2025-07-13 21:37 #48 completed Clean Clean
2025-07-12 23:44 #41 cancelled Clean Clean