Normalization - Document Details

About This Page

This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.

View on GitHub 📚 View on Microsoft Learn

Bias Analysis

Detected Bias Types

windows_first

windows_tools

missing_linux_example

Summary

The documentation demonstrates a subtle Windows bias by referencing Windows-specific tools and data sources (e.g., Windows Events, Sysmon, Microsoft Defender for Endpoint) as primary examples when discussing normalized data and analytics. There are no explicit Linux or cross-platform examples, nor are Linux-native tools or event sources mentioned, which may give the impression that ASIM is primarily for Windows environments.

Recommendations

Include explicit examples of Linux event sources (e.g., auditd, syslog, journald) alongside Windows examples when discussing supported data sources and schemas.
Mention Linux-native tools and logs (such as Linux audit logs, syslog, or cloud-native sources) in lists and examples to demonstrate cross-platform applicability.
Provide sample queries or use cases that involve Linux data sources to illustrate parity.
Ensure that when listing supported sources or schemas, both Windows and Linux examples are presented, ideally alternating or grouping by platform rather than defaulting to Windows-first.
Add a section or note clarifying ASIM's support for Linux and other non-Windows platforms, including any limitations or special considerations.

Create Pull Request

Scan History

Date	Scan	Status	Result
2026-01-14 00:00	#250	in_progress	Clean
2026-01-13 00:00	#246	completed	Clean
2026-01-11 00:00	#240	completed	Clean
2026-01-10 00:00	#237	completed	Clean
2026-01-09 00:34	#234	completed	Clean
2026-01-08 00:53	#231	completed	Clean
2026-01-06 18:15	#225	cancelled	Clean
2025-08-17 00:01	#83	cancelled	Clean
2025-07-13 21:37	#48	completed	Clean
2025-07-12 23:44	#41	cancelled	Biased