Document Details

Normalization Schema Audit
Home / Scan #246 / Normalization Schema Audit
Sad Tux - Windows bias detected
This page contains Windows bias

About This Page

This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
GitHub View on GitHub 📚 View on Microsoft Learn

Bias Analysis

Detected Bias Types
windows_examples
windows_terms
windows_first
Summary
The documentation page is largely platform-neutral in its schema descriptions, but there are several subtle signs of Windows bias. Examples of hostnames and usernames use Windows-style formats (e.g., 'DESKTOP-1282V4D', domain\hostname, 'Windows' as UsernameType), and fields like 'Scheduled Task', 'Service', and 'Directory Service Object' are more common in Windows environments. The only concrete example of an acting application is a Windows path ('C:\Windows\System32\svchost.exe'). Linux/macOS equivalents are not mentioned, and Windows terminology appears first or exclusively in some field descriptions.
Recommendations
  • Add Linux/macOS-specific examples for hostnames, usernames, and application paths (e.g., '/usr/bin/sshd', 'ubuntu-server', 'user@domain').
  • Include Linux/macOS object types in the ObjectType field (e.g., 'Cron Job', 'Systemd Service', 'Unix Group').
  • When describing FQDN and domain formats, mention Linux/macOS conventions (e.g., 'hostname.domain.tld').
  • Provide examples of audit events from Linux/macOS systems alongside Windows examples.
  • Clarify that the schema is intended to be cross-platform and provide guidance for mapping Linux/macOS audit concepts to the schema fields.
GitHub Create Pull Request

Scan History

Date Scan Status Result
2026-01-14 00:00 #250 in_progress Clean Clean
2026-01-13 00:00 #246 completed Biased Biased
2026-01-11 00:00 #240 completed Biased Biased
2026-01-10 00:00 #237 completed Biased Biased
2026-01-09 00:34 #234 completed Biased Biased
2026-01-08 00:53 #231 completed Biased Biased
2026-01-06 18:15 #225 cancelled Clean Clean
2025-08-17 00:01 #83 cancelled Clean Clean
2025-07-13 21:37 #48 completed Clean Clean
2025-07-12 23:44 #41 cancelled Biased Biased

Flagged Code Snippets