Add note about Azure activity log delay for Azure Files [Doc Task 435447]

[nwnikacc]

Summary

• Added a note about Azure activity log ingestion delay (3–20 minutes) before Prerequisites in the Azure Files Configuration Overview page
• Fixed Dale violations: passive voice, positional references, undefined acronyms (IAM), xy-slop
• Added Related Resources section consolidating all external and internal links

Test plan

• Verify the note renders correctly on the docs site
• Confirm the Azure documentation link resolves correctly
• Verify the {#account-types-references} anchor works

Generated with AI

Co-Authored-By: Claude Code ai@netwrix.com

[github-actions]

⚠️ Broken Anchor Links

1 broken anchor link(s) found — these will cause the build to fail.

  docs/auditor/10.8/configuration/azurefiles/overview.md:58
    - **Supported account types** (refer to [Account Types references](#account-types-references))
    #account-types-references not found in docs/auditor/10.8/configuration/azurefiles/overview.md
    Available: #azure-files-configuration-overview · #prerequisites · #configuration-scope-overview · #azure-application-registration · #step-1-create-the-app-registration · #step-2-gather-app-details · #step-3-create-a-client-secret · #configure-api-permissions · #step-1-add-permissions · #step-2-grant-admin-consent · #assign-identity-and-access-management-iam-roles-to-the-app · #step-1-assign-reader-role-on-resource-group · #step-2-assign-storage-file-data-privileged-reader-on-data-storage-account · #step-3-assign-storage-blob-data-reader-on-log-storage-account · #notes-best-practices · #diagnostic-settings · #step-1-open-diagnostic-settings · #step-2-configure-general-settings · #step-3-configure-destination · #step-4-save-the-configuration · #checklist · #next-steps · #related-resources · #netwrix-documentation · #microsoft-documentation

Auto-Fix Summary

8 issues fixed, 3 skipped across 1 files

Category	Fixes
Contractions	2
Plurals	1
Dale: passive-voice	4
Dale: positional-references	1

Skipped (needs manual review)	Reason
docs/auditor/10.8/configuration/azurefiles/overview.md:156 — Netwrix.OxfordComma	False positive — the phrase is 'In the search window, find and select...' which has only two coordinated verbs (find and select), not a series of three items. The comma after 'window' separates an introductory prepositional phrase. Adding an Oxford comma here would be grammatically incorrect.
docs/auditor/10.8/configuration/azurefiles/overview.md:31 — Dale: passive-voice	'[Azure Files identity-based access] is configured for data storage account in Azure Files' appears in a prerequisites list as a state description; rewriting to active voice or imperative would break the noun-phrase pattern of the surrounding list items, and the appropriate rewording is ambiguous.
docs/auditor/10.8/configuration/azurefiles/overview.md:9 — Dale: wordiness	'monitor for operations with files and folders' is slightly wordy, but tightening to 'monitor operations on files and folders' or 'monitor file and folder operations' shifts the meaning between watching for events and tracking events, so the intent is ambiguous.

Ask @claude on this PR if you'd like an explanation of any fix.

[github-actions]

Documentation PR Review

Editorial Review

docs/auditor/10.8/configuration/azurefiles/overview.md

• Structure — Lines 15–16 and 18: The two new notes use a blockquote + bold > **Note:** format. The Netwrix style guide (see docs/CLAUDE.md) requires notes to use Docusaurus admonition blocks so they render with the correct icon, color, and screen-reader semantics. Suggested fix: convert each to :::note ... :::. Example:

  :::note
  For all **data storage accounts** used in the preceding list, you must configure [Diagnostic settings](...) to save audit events on **log storage accounts**. Ensure you have the necessary access ([API permissions](...), [IAM roles](...)) for the [application](...) to read these events and access storage account metadata.
  :::

• Clarity — Line 18: The new note introduces the term "Azure activity logs," but every other section of this document talks about "audit events," "audit logs," or "file activity logs." A reader will not be able to tell whether the 3–20 minute latency applies to the diagnostic-settings pipeline they just configured. Suggested fix: name the same artifact the rest of the doc names — for example, "Azure file share audit logs travel through Azure Monitor's activity-log ingestion pipeline, which can take 3 to 20 minutes to surface events..." — and explicitly state that this latency affects the Netwrix Auditor reports built from those logs.
• Completeness — Line 18: The note tells readers to "extend the report time range by at least 20 minutes" but does not say where that adjustment is made (Netwrix Auditor report parameters? Azure portal? the monitoring plan?). A newer user will not know where to apply this advice. Suggested fix: point to the specific UI surface, e.g., "...extend the Time range filter in the Netwrix Auditor report by at least 20 minutes..." (and link to the relevant report-configuration page if one exists).
• Structure — Line 46: The bullet reads Assigning roles to Resource Group, Data Storage Account, and Log Storage Account, while the sibling bullets in the same list use imperative verbs ("Create Azure AD application", "Assign required permissions...", "Configure audit logging"). Since this line was modified in this PR, it's worth bringing it into parallel. Suggested fix: change "Assigning roles to..." to "Assign roles to Resource Group, Data Storage Account, and Log Storage Account".
• Structure — Line 62: The new #### Account types references heading sits between Step 1 and Step 2 of the App Registration procedure, which makes it look like another procedural step rather than a reference aside. The label itself ("Account types references") also reads awkwardly. Suggested fix: rename to match the field it documents — e.g., #### Supported account types — and consider moving the two Microsoft links into a :::note directly under the "Supported account types" bullet in Step 1, so the step-by-step flow isn't interrupted by a reference subsection.
• Consistency — Lines 258 and 263: The new ### Netwrix documentation and ### Microsoft documentation headings use sentence case, but every other H2/H3 in this file uses Title Case (e.g., "Azure Application Registration", "Configure API Permissions", "Diagnostic Settings", "Next Steps"). Suggested fix: align the new headings with the rest of the file — ### Netwrix Documentation and ### Microsoft Documentation — or, if sentence case is the intended direction going forward, file a follow-up to normalize the whole document.
• Completeness — Line 261: "Azure Files Monitoring Plan" appears twice on the page — once in the prose at line 254 ("For detailed instructions on creating the monitoring plan, see the [Azure Files Monitoring Plan]...") and again in Related Resources. A reader scanning Related Resources may wonder whether the two pointers lead somewhere different. Suggested fix: drop the line-254 sentence (the link is preserved in Related Resources) or remove the duplicate from Related Resources.

Summary

7 editorial suggestions across 1 file. Vale and Dale issues are auto-fixed separately.

---

What to do next:

Comment @claude on this PR followed by your instructions to get help:

• @claude fix all issues — fix all editorial issues
• @claude help improve the flow of this document — get writing assistance
• @claude explain the voice issues — understand why something was flagged

You can ask Claude anything about the review or about Netwrix writing standards.

Automated fixes are only available for branches in this repository, not forks.

[github-actions]

Auto-Fix Summary

1 issues fixed, 11 skipped across 1 files

Category	Fixes
Dale: passive-voice	1

Skipped (needs manual review)	Reason
docs/auditor/10.8/configuration/azurefiles/overview.md:156 — Netwrix.OxfordComma	False positive: 'find and select' is two coordinated verbs, not a series of three or more items. Adding an Oxford comma would be grammatically incorrect.
docs/auditor/10.8/configuration/azurefiles/overview.md:15 — Dale: positional-references	'preceding list' is sequential rather than spatial; rule explicitly names 'below', 'above', 'as shown below' — fix could change meaning
docs/auditor/10.8/configuration/azurefiles/overview.md:31 — Dale: passive-voice	'is configured for data storage account' is passive, but item sits in a prerequisites list of noun phrases — rewriting could change it from a precondition to an instruction
docs/auditor/10.8/configuration/azurefiles/overview.md:126 — Dale: passive-voice	'your app has granted Microsoft Graph API permissions' is grammatically active but semantically inverted (the app is the recipient); fixing requires interpreting author intent
docs/auditor/10.8/configuration/azurefiles/overview.md:189 — Dale: undefined-acronyms	SMB is widely known to the sysadmin audience and the rule's allowlist uses 'etc.' — borderline, skipped to avoid over-flagging
docs/auditor/10.8/configuration/azurefiles/overview.md:191 — Dale: passive-voice	'your app should have assigned roles' is grammatically active but semantically inverted; fixing requires interpretation
docs/auditor/10.8/configuration/azurefiles/overview.md:233 — Dale: passive-voice	'Audit category group selected' is a checklist fragment by convention
docs/auditor/10.8/configuration/azurefiles/overview.md:234 — Dale: passive-voice	'Destination set to Archive to a storage account' is a checklist fragment by convention
docs/auditor/10.8/configuration/azurefiles/overview.md:242 — Dale: passive-voice	Checklist item using passive participle as noun-phrase fragment — conventional pattern
docs/auditor/10.8/configuration/azurefiles/overview.md:243 — Dale: passive-voice	Checklist item using passive participle as noun-phrase fragment — conventional pattern
docs/auditor/10.8/configuration/azurefiles/overview.md:244 — Dale: passive-voice	Checklist item using passive participle as noun-phrase fragment — conventional pattern

Ask @claude on this PR if you'd like an explanation of any fix.