Conversation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Move requirements/ and install/ under overview/ as subsections - Rename overview intro to "Intro to the Product" - Delete architecture.md (not needed) - Remove 7 top-level sections: getting started, connectors, admin, dashboards, sensitive data discovery, activity monitoring, troubleshooting - Clear KB articles, keep as placeholder - Update all verbiage to reflect on-premises deployment (not cloud/SaaS) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…sections Restructured v1.0 docs from nested Overview into flat top-level sections: Overview, System Requirements, Connector Requirements, Installation, Start Collecting Data, Configurations, Utilizing Scanners, Dashboards, Reports, and Activity Monitor Integration. All pages contain placeholder content for outline review. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…s/Reports, scanner subsections - File Servers: converted to directory, moved CIFS under it, added Unity, Celerra, VNX, NetApp - Dashboards and Reports: merged Dashboards Overview + Reports Overview into single section - Removed access, content, activity, sensitive data report pages; kept My Reports - Added How to Analyze Reports subsection - Utilizing Scanners: renamed overview, added Best Practices subsection Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Bumps the npm_and_yarn group with 1 update in the / directory: [path-to-regexp](https://github.com/pillarjs/path-to-regexp). Updates `path-to-regexp` from 0.1.12 to 0.1.13 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/v.0.1.13/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.12...v.0.1.13) --- updated-dependencies: - dependency-name: path-to-regexp dependency-version: 0.1.13 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…tion outline - Move System Requirements under Installation - Rename 'Start Collecting Data' → 'Quick Start Guides'; rename 4 scan guide pages to 'Scanning X' pattern - Convert scan guide pages to directories; nest source group wizard pages under each module - Rename 'Configurations and Making Changes' → 'Configuration'; 'Configuration Node' → 'Settings' - Reorder Settings pages to match UI sidebar (Service Accounts → Source Groups → Scans → Scan Executions → Sensitive Data → Users → Application Settings → System Logs → Notifications) - Remove Sources page (replaced by Source Groups) - Add Notifications stub page - Convert Sensitive Data to directory; move MIP Labeling as child page - Move Activity Monitor Integration under Quick Start Guides; rename to 'Activity Monitor Integration' - Rename 'Utilizing Scanners' → 'Scanners' - Fix duplicate connector titles (Entra ID and SharePoint Online both had 'Setting Up Requirements Within Entra') - Rename connector pages: Client Secret Configuration, Certificate Configuration, Entra Tenant Requirements, App Permissions in Entra - Populate connector prerequisite pages (AD, File Servers, Entra ID, SharePoint Online) with real content - Add Scanners overview page (Kubernetes-based architecture) - Naming/grammar: remove 'My First', 'Utilizing', 'Understanding the', 'How to', 'Setting up' prefixes across titles Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Expand the outbound endpoint tables in network.md and quickinstall.md from 4 incomplete rows to the full 18 required domains, grouped by category (Keygen/Licensing, GitHub, Docker Hub/CDN, K3s/Rancher) with When Required column. Add Required Domains section to quickinstall.md so the quick guide is self-contained. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Rename docs/accessanalyzer/1.0/ → docs/accessanalyzer/2601/ - Rename sidebars/accessanalyzer/1.0.js → sidebars/accessanalyzer/2601.js - Update version/label/sidebarFile in src/config/products.js - Update kb_allowlist.json entry for accessanalyzer Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…at GA Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…verview - Add full quick start guides for Active Directory, File Servers, Entra ID, and SharePoint Online — each with a scanning overview, scanning options, set-up walkthrough, schema reference (where applicable), and reports page - Add product overview and architecture overview with Mermaid diagram - Restructure configurations: flatten configuration-node hierarchy, nest Scanners under Source Groups, add service accounts subsection - Add SharePoint Online connector overview page - Remove replaced stubs: activity-data, activity-monitor-integration, old getting-started placeholders, top-level scanners section - Update inbound links to reflect new scanner path under source-groups Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
…tation AA26: Add quick start guides, schema references, reports pages, and overview
…ctices docs Documents source group management (create/edit/run/delete), scan configuration by connector type with concurrency guidance and scheduling, scan execution status definitions with aggregate logic, and scanner best practices for labeling, concurrency scaling, grouping strategy, and least-privilege naming. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
…tation AA26: Source groups, scans, scan executions, and scanner best practices
Replace entra-id.md and sharepoint-online.md with client-id-secret.md and client-id-certificate.md so sidebar titles match the credential type labels shown in the application UI. Data source context is in the article body. Update cross-references and overview table to match. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
…tation AA26: Rename service account pages to match UI credential type names
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Move requirements/ and install/ under overview/ as subsections - Rename overview intro to "Intro to the Product" - Delete architecture.md (not needed) - Remove 7 top-level sections: getting started, connectors, admin, dashboards, sensitive data discovery, activity monitoring, troubleshooting - Clear KB articles, keep as placeholder - Update all verbiage to reflect on-premises deployment (not cloud/SaaS) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…sections Restructured v1.0 docs from nested Overview into flat top-level sections: Overview, System Requirements, Connector Requirements, Installation, Start Collecting Data, Configurations, Utilizing Scanners, Dashboards, Reports, and Activity Monitor Integration. All pages contain placeholder content for outline review. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…s/Reports, scanner subsections - File Servers: converted to directory, moved CIFS under it, added Unity, Celerra, VNX, NetApp - Dashboards and Reports: merged Dashboards Overview + Reports Overview into single section - Removed access, content, activity, sensitive data report pages; kept My Reports - Added How to Analyze Reports subsection - Utilizing Scanners: renamed overview, added Best Practices subsection Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…tion outline - Move System Requirements under Installation - Rename 'Start Collecting Data' → 'Quick Start Guides'; rename 4 scan guide pages to 'Scanning X' pattern - Convert scan guide pages to directories; nest source group wizard pages under each module - Rename 'Configurations and Making Changes' → 'Configuration'; 'Configuration Node' → 'Settings' - Reorder Settings pages to match UI sidebar (Service Accounts → Source Groups → Scans → Scan Executions → Sensitive Data → Users → Application Settings → System Logs → Notifications) - Remove Sources page (replaced by Source Groups) - Add Notifications stub page - Convert Sensitive Data to directory; move MIP Labeling as child page - Move Activity Monitor Integration under Quick Start Guides; rename to 'Activity Monitor Integration' - Rename 'Utilizing Scanners' → 'Scanners' - Fix duplicate connector titles (Entra ID and SharePoint Online both had 'Setting Up Requirements Within Entra') - Rename connector pages: Client Secret Configuration, Certificate Configuration, Entra Tenant Requirements, App Permissions in Entra - Populate connector prerequisite pages (AD, File Servers, Entra ID, SharePoint Online) with real content - Add Scanners overview page (Kubernetes-based architecture) - Naming/grammar: remove 'My First', 'Utilizing', 'Understanding the', 'How to', 'Setting up' prefixes across titles Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Expand the outbound endpoint tables in network.md and quickinstall.md from 4 incomplete rows to the full 18 required domains, grouped by category (Keygen/Licensing, GitHub, Docker Hub/CDN, K3s/Rancher) with When Required column. Add Required Domains section to quickinstall.md so the quick guide is self-contained. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Rename docs/accessanalyzer/1.0/ → docs/accessanalyzer/2601/ - Rename sidebars/accessanalyzer/1.0.js → sidebars/accessanalyzer/2601.js - Update version/label/sidebarFile in src/config/products.js - Update kb_allowlist.json entry for accessanalyzer Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…at GA Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…verview - Add full quick start guides for Active Directory, File Servers, Entra ID, and SharePoint Online — each with a scanning overview, scanning options, set-up walkthrough, schema reference (where applicable), and reports page - Add product overview and architecture overview with Mermaid diagram - Restructure configurations: flatten configuration-node hierarchy, nest Scanners under Source Groups, add service accounts subsection - Add SharePoint Online connector overview page - Remove replaced stubs: activity-data, activity-monitor-integration, old getting-started placeholders, top-level scanners section - Update inbound links to reflect new scanner path under source-groups Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
- Add System Logs documentation (viewing, filtering, downloading, and common troubleshooting scenarios) - Rename File Server scanner entry to "all supported file system types" instead of "Windows File Servers" to reflect actual connector scope - Remove Notifications configuration page - Remove Active Directory Dashboard, Data Security Dashboard, and Analyzing Data pages; clean up cross-references in three set-up guides Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
…tation AA26: System logs docs, scanner scope fix, remove stale pages
…ity Provider docs - My Reports: full article covering save, open, rename, delete, table reference - Reports: consolidated index of all available reports across File Server, SharePoint, and dashboards - Users: full article covering roles, local/IdP add flows, edit constraints, activate/deactivate, password reset, delete - Sensitive Data: full article covering MIP configuration, data types with included terms, OCR, label handling behavior - Identity Provider: new article covering Entra ID OIDC/SAML, generic SAML, and LDAP/AD setup with two-part structure (IdP-side prep and Access Analyzer-side prep) Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
- New install/identity-provider.md: infrastructure prerequisites by IdP type (Entra ID OIDC/SAML, generic SAML, LDAP/AD), network requirements, custom CA bundle setup, kcadm.sh connection process, verification steps, and troubleshooting table - Updated configurations/identity-provider.md: added cross-link to installation article Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
Replaces vague bullet-point steps with complete kubectl/kcadm.sh commands for all four IdP types (Entra OIDC, Entra SAML, Generic SAML, LDAP/AD). Adds operator scope note, before-you-begin checklist, shared authentication step, verification commands, and next-steps cross-link to the config article. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
Adds introductory context for each IdP section and explanatory sentences before each command so the article reads as a guided procedure rather than a script dump. Commands and technical accuracy are unchanged. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
…hase 2 NAS vendor pages Phase 1 — fixes to existing file server docs: - cifs.md: rewrote permissions section to remove legacy StealthAUDIT requirements; added Supported versions section; fixed DFS and NAS acronym expansions; corrected heading case - file-servers.md: added Supported platforms section with links to all 6 connector pages; removed domain restriction on service account; fixed heading case throughout - scanning-options.md: added Scan Depth to summary table and Access detail section; expanded PII, PHI, OCR acronyms - set-up-source-group.md: converted bold step format to numbered list; added Domain field step and Scan Depth option; expanded OCR; fixed heading case - schema-reference.md: changed 5 table headings from snake_case to normal text; expanded UNC and SID acronyms Phase 2 — NAS vendor connector pages written from placeholder stubs: - netapp.md: ONTAP SVMs architecture, supported versions, Year 2038 timestamp known behavior - isilon-powerscale.md: OneFS access zones architecture, supported versions - dell-unity.md: NAS servers architecture, supported versions - vnx.md: Data Movers architecture, supported versions (VNX2 and VNX separate lines) - celerra.md: Data Movers architecture, DART OS supported versions Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
… up sections, reports - activity-monitor-integration.md: replaced all "AA26" shorthand with "Access Analyzer"; added TCP port 1514 to prerequisites, step 5, and a Ports table; removed horizontal rule separators; made verification step point to the Activity Investigation report specifically; removed off-topic Migrate Credentials related link - All 6 connector pages (cifs, netapp, isilon-powerscale, dell-unity, vnx, celerra): added ## Set up section with vendor-specific topology note and link to set-up-source-group.md; normalized section order to Supported versions → Requirements → Set up → additional sections across all pages; removed duplicate topology sentences from intros of isilon, dell-unity, and celerra - vnx.md: added paragraph clarifying VNX2 vs VNX product line distinction - reports.md: added note callout linking Activity Investigation and Sensitive Data Activity reports to activity-monitor-integration.md Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
…orts to Quick Install - Absolute preflight minimum: 8 GB → 24 GB RAM - Sizing tiers: Small 32→24 GB, Medium 64→48 GB, Large 128→64 GB - Hyper-V StartupBytes example: 16GB → 24GB - Swap threshold: 16 GB → 32 GB - install-commands.md preflight table: FAIL 8→24 GB, WARN 16→48 GB - Quick Install: replace min/recommended table with 3-tier sizing + disk path table - Quick Install: add Internal Ports section (Traefik, K3s, ArgoCD, PostgreSQL, ClickHouse, Redis) Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
docs(2601): File server connector documentation — Phase 1, 2, and 3
…anage, best practices
- overview.md: rewrote to remove "Pending Documentation" placeholder; added system vs. custom scanner distinction, when to use each, architecture comparison table (vs. legacy NAA v12), scanner labels explanation, and related pages navigation
- requirements.md: new — Linux OS, hardware minimums (2 CPU / 512 MB RAM / 5 GB disk), software prerequisites (curl, bash, passwordless sudo), ports table (22 for registration only, 6443 ongoing), internet access to get.k3s.io, SSH service account requirement
- deploy-scanner.md: new — full wizard walkthrough including ssh-keyscan instructions for host key retrieval, service account inline creation/edit, label entry with normalization notes, Test Connection, Deploy, registration process (preflight → k3s install → cluster join, ~5 min), post-deployment source group assignment, edit a scanner
- manage-scanners.md: new — Scanners table column reference, health status table (Healthy/Warning/Error/Offline) with operational guidance, scan status table (Idle/In Progress), search, connect source groups, delete with constraints
- best-practices.md: updated — fixed wrong setting name ("Max Concurrent Scans" → Workers) and wrong default (1 → 3); fixed sidebar_position conflict (20 → 50); removed misleading SharePoint naming example; added scanner redundancy section (shared labels for failover), health monitoring section with common causes; reserved scanner-default label note
Generated with AI
Co-Authored-By: Claude Code <ai@netwrix.com>
docs(2601): Scanner documentation — overview, requirements, deploy, manage, best practices
… updates - Rewrote activity-monitor-integration.md: architecture diagram, mTLS/SPKI security model, 4-step setup, 14 settings across 4 tables, best practices, troubleshooting, and settings quick reference - Updated keyconcepts.md: removed Sources section, added host context to Source Groups, added User Roles, Scan Executions, and MIP Labels sections, removed Report Export subsection, fixed service account types (SSH = edge scanners) - Updated overview.md: fixed Entra ID source description, added Key Capabilities table, read-only callout, architecture audience framing, and Next Steps section
- Restructured quickinstall.md to cover both AD and Entra ID OIDC - Added Azure App Registration prerequisites inline (redirect URI, Graph API permissions, client secret) - Added Option A (AD) and Option B (Entra ID) installation sections - Added Entra ID installer flag reference table - Clarified Step 6 sign-in for both options — removed IDP_ALIAS reference - Moved Roles section to shared position after both options - Preserved existing SYNC markers
Source Groups: - Removed Max Concurrent Scans from create wizard, edit fields, run scans section, and constraints table - Updated Scan Types column to link to scans.md Scans: - Fixed scan type names: AD → Active Directory Inventory, Entra ID → Users, Groups and Roles - Added descriptions for all four scan types - Added concurrent option callout for Access and Sensitive Data scans - Removed Max Concurrent Scans section - Added Scan Location section (system scanner vs scanner labels) - Expanded Schedule section with Run now, Run at, and Advanced cron options Scanners — requirements.md: - Added Preflight Checks table (7 checks validated before k3s install) - Added SSH Port configurability note (default 22) - Upgraded passphrase warning to explicit admonition - Improved service account inline-creation note (+ button reference) Scanners — best-practices.md: - Added Label matching behavior subsection (ANY not ALL) - Added Label key/value constraints table with prefix expansion note - Expanded scanner redundancy section with automatic failover detail Scanners — deploy-scanner.md: - Aligned all field names and order with Deploy Scanner UI - Added Name (display name) and SSH Host as separate fields - Added SSH Port step (optional, defaults to 22) - Renumbered steps throughout; updated Before You Begin cross-reference - Clarified labels are required — Deploy button blocked until one is applied - Moved Test connection to bottom-bar button description
…aul, key concepts update - Add InformationProtectionPolicy.Read.All to entra-requirements, entra-id connector overview, and entra-id getting started prerequisites - Update keyconcepts.md: add MIP Labels section with write-back scope and Entra ID scan prerequisite - Rewrite sensitive-data.md label handling: clarify write-back to files behavior, dual prerequisite (mapped label + enabled option), nested Allow downgrading labels, Entra ID scan prerequisite for tenant dropdown - Overhaul users.md: correct 3-role model (Administrator/User Admin/Viewer), add bootstrap admin section with kubectl command, add Recommended initial setup table, add IdP sign-in blocking note, add Viewer-as-default callout in both Add user sections Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
Updated activity-monitor-integration.md and all kb/migration pages to use AA2601 consistently as the product version identifier. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
Update all role model documentation to reflect that the Administrator role now has full access — system configuration AND user management. User Admin role is unchanged (user management only, no system config). Role names are unchanged; only the Administrator's rights are expanded. Relates to ADO Feature #433349 Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
- Removed incorrect client secret / state-in-time scan authentication model; connector uses certificate-based auth only - Fixed Microsoft Graph permission from Sites.Read.All to Sites.FullControl.All - Added Sensitive Data scan type (was entirely missing from scanning-options.md) - Removed incorrect Scanner Location step from source group setup wizard - Added MIP sensitivity label collection to Access scan description - Added graph.microsoft.com to network requirements - Converted all bold Step N – procedures to numbered lists - Fixed sentence case on all headings throughout Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
…rence Only Active Directory (LDAP/AD) is fully tested and supported at GA. Entra ID OIDC, Entra ID SAML, and Generic SAML configuration sections are wrapped in HTML comments so they can be restored without rewriting when those integrations reach GA. Also removes Option A/B labeling from quickinstall.md (AD/LDAP is now the only available IdP option) and moves the Environment Variables section earlier in install-commands.md for a better reading flow. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
SharePoint Online documentation
Deleted four placeholder pages that contained only "Content coming soon." with no real content: active-directory-dashboard/overview, data-security-dashboard/overview, data-security-dashboard/activity, and how-to-analyze-the-data. The dashboards-reports section now contains only the fully-written reports.md and my-reports.md pages. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
Adds draft: true to kb-article-template.md so it is excluded from the sidebar and returns 404 in production. The file remains in the repo as a reference for future KB article authors. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
- Rewrote connectors/entra-id/overview.md as proper connector overview: correct scan type, OAuth2 client credentials auth, network requirements, and links to sub-pages - Fixed connectors/entra-id/entra-requirements.md: converted bold steps to numbered list, fixed heading case, bolded role names in notes, removed "state-in-time" terminology - Fixed connectors/entra-id/app-registration-secret.md: converted bold steps to numbered list, fixed heading case, removed "state-in-time" terminology - Fixed gettingstarted/entra-id/entra-id.md: corrected intro description, fixed link text, fixed heading case - Rewrote gettingstarted/entra-id/scanning-options.md: added MIP label retrieval description, fixed heading case, corrected nav path - Fixed gettingstarted/entra-id/set-up-source-group.md: converted bold steps to numbered list, removed Scanner Location step, fixed heading case Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
Entra ID connector documentation
Adds an older version callout below the page heading pointing users to the Access Analyzer 12.0 and 11.6 documentation if they are on a previous Windows-based installation. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
- Entra ID overview: add MIP cross-source dependency note (FS + SPO scans need Entra ID sync first) - Entra ID: new reports.md (Entra ID Scan Summary dashboard) - Entra ID: new schema-reference.md (principals, memberships, sensitivity_labels tables) - File Servers overview: add Local Users and Groups auto-scan note; add Activity Monitor dependency note - SharePoint Online overview: add Sensitive Data scan order dependency note; add MIP read-only note - SharePoint Online setup: add Regenerate Certificate warning (must re-upload to App Registration; old cert removal is manual in Azure portal) Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
…lict Merge conflict in products.js reverted privilegesecurediscovery from version 2.22 back to 'current', causing broken navbar links site-wide. Also removes duplicate kbProducts entries from the same bad resolution. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
…e placeholders - index.md: use absolute paths for overview and getting-started links (relative links from index.md unreliable; gettingstarted/overview never existed) - postinstall.md, security.md, kubernetes.md, uninstall.md: update 7 links still referencing the old /docs/accessanalyzer/1_0/ path after version rename - Both kb-article-template.md files: replace bare URL placeholders with real targets so Docusaurus doesn't treat them as broken relative links Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
Docusaurus generates a different URL for files named the same as their parent directory (category index files). Absolute URL paths like /docs/accessanalyzer/2601/overview/overview don't match the generated URL; .md references let Docusaurus resolve to the actual URL instead. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>
Carlos mejia nwx/aa2601 documentation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.