diff --git a/.github/workflows/claude-documentation-fixer.yml b/.github/workflows/claude-documentation-fixer.yml index b40e9dfa38..d522174223 100644 --- a/.github/workflows/claude-documentation-fixer.yml +++ b/.github/workflows/claude-documentation-fixer.yml @@ -3,15 +3,23 @@ name: Documentation Fixer on: issue_comment: types: [created] + pull_request_review_comment: + types: [created] jobs: claude-response: runs-on: ubuntu-latest - # Only run on PR comments that mention @claude, and not on bot comments if: | - github.event.issue.pull_request && - contains(github.event.comment.body, '@claude') && - github.event.comment.user.login != 'github-actions[bot]' + ( + github.event_name == 'issue_comment' && + github.event.issue.pull_request && + contains(github.event.comment.body, '@claude') && + github.event.comment.user.login != 'github-actions[bot]' + ) || ( + github.event_name == 'pull_request_review_comment' && + contains(github.event.comment.body, '@claude') && + github.event.comment.user.login != 'github-actions[bot]' + ) permissions: contents: write pull-requests: write @@ -24,7 +32,13 @@ jobs: env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - PR_DATA=$(gh pr view ${{ github.event.issue.number }} --repo ${{ github.repository }} --json headRefName,isCrossRepository) + if [ "${{ github.event_name }}" = "issue_comment" ]; then + PR_NUMBER="${{ github.event.issue.number }}" + else + PR_NUMBER="${{ github.event.pull_request.number }}" + fi + PR_DATA=$(gh pr view $PR_NUMBER --repo ${{ github.repository }} --json headRefName,isCrossRepository) + echo "number=$PR_NUMBER" >> "$GITHUB_OUTPUT" echo "branch=$(echo "$PR_DATA" | jq -r '.headRefName')" >> "$GITHUB_OUTPUT" echo "is_fork=$(echo "$PR_DATA" | jq -r '.isCrossRepository')" >> "$GITHUB_OUTPUT" @@ -33,24 +47,79 @@ jobs: env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - gh pr comment ${{ github.event.issue.number }} --repo ${{ github.repository }} \ - --body "This PR is from a fork. Automated fixes cannot be pushed directly. Apply the inline suggestions from the review manually, or use GitHub's batch feature to commit them all at once." + gh pr comment ${{ steps.pr-info.outputs.number }} --repo ${{ github.repository }} \ + --body "This PR is from a fork. Automated fixes cannot be pushed directly. Apply the suggested changes from the inline comments manually." - name: Checkout repository if: steps.pr-info.outputs.is_fork == 'false' uses: actions/checkout@v4 with: - # Check out the branch by name so git push works. ref: ${{ steps.pr-info.outputs.branch }} fetch-depth: 0 - - name: Apply fixes - if: steps.pr-info.outputs.is_fork == 'false' + - name: Build prompt for review comment reply + id: build-prompt + if: steps.pr-info.outputs.is_fork == 'false' && github.event_name == 'pull_request_review_comment' + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + COMMENT_BODY: ${{ github.event.comment.body }} + FILE_PATH: ${{ github.event.comment.path }} + LINE: ${{ github.event.comment.line }} + IN_REPLY_TO: ${{ github.event.comment.in_reply_to_id }} + run: | + if [ -n "$IN_REPLY_TO" ] && [ "$IN_REPLY_TO" != "0" ]; then + PARENT_BODY=$(gh api repos/${{ github.repository }}/pulls/comments/$IN_REPLY_TO --jq '.body') + else + PARENT_BODY="$COMMENT_BODY" + fi + + { + echo "prompt<'. Add this suggestion to the list and rewrite the comment using exactly this format (replacing N with the updated count and updating the list):" + echo "" + echo " " + echo " **Batched suggestions: N**" + echo " Comment \`@claude apply batch\` on this PR to apply all of them." + echo "" + echo " | # | File | Line | Suggested change |" + echo " |---|------|------|------------------|" + echo " | 1 | \`path/to/file.md\` | 12 | suggested text |" + echo " | 2 | \`path/to/file.md\` | 34 | suggested text |" + echo "" + echo " Then post a reply to the inline comment thread: 'Added to batch (N total). Comment \`@claude apply batch\` on this PR to apply all batched suggestions.'" + echo "EOF" + } >> "$GITHUB_OUTPUT" + + - name: Apply fixes (PR comment) + if: steps.pr-info.outputs.is_fork == 'false' && github.event_name == 'issue_comment' + uses: anthropics/claude-code-action@v1 + with: + anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} + github_token: ${{ secrets.GITHUB_TOKEN }} + show_full_output: true + claude_args: | + --model claude-sonnet-4-5-20250929 + --allowedTools "Read,Write,Edit,Bash(gh pr view:*),Bash(gh pr diff:*),Bash(gh pr comment:*),Bash(gh api:*),Bash(git config:*),Bash(git add:*),Bash(git commit:*),Bash(git push:*),Bash(git status:*),Bash(git diff:*)" + + - name: Apply fixes (review comment reply) + if: steps.pr-info.outputs.is_fork == 'false' && github.event_name == 'pull_request_review_comment' uses: anthropics/claude-code-action@v1 with: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} github_token: ${{ secrets.GITHUB_TOKEN }} show_full_output: true + prompt: ${{ steps.build-prompt.outputs.prompt }} claude_args: | --model claude-sonnet-4-5-20250929 - --allowedTools "Read,Write,Edit,Bash(gh pr view:*),Bash(gh pr diff:*),Bash(gh pr comment:*),Bash(git config:*),Bash(git add:*),Bash(git commit:*),Bash(git push:*),Bash(git status:*),Bash(git diff:*)" + --allowedTools "Read,Write,Edit,Bash(gh pr view:*),Bash(gh pr diff:*),Bash(gh pr comment:*),Bash(gh api:*),Bash(git config:*),Bash(git add:*),Bash(git commit:*),Bash(git push:*),Bash(git status:*),Bash(git diff:*)" diff --git a/.github/workflows/claude-documentation-reviewer.yml b/.github/workflows/claude-documentation-reviewer.yml index 82b436404a..b3952a56a2 100644 --- a/.github/workflows/claude-documentation-reviewer.yml +++ b/.github/workflows/claude-documentation-reviewer.yml @@ -132,10 +132,11 @@ jobs: FOOTER = ( "\n---\n\n" - "There are two ways to apply fixes:\n" - "- View them in the comments and apply them individually or in a batch." - " This only applies to changes made to the file.\n" - "- Reply with `@claude` here, followed by your instructions" + "To apply individual fixes, reply to the inline comments on this review" + " with `@claude apply suggestion`.\n" + "To batch fixes, reply with `@claude add suggestion to batch` on each inline comment," + " then comment `@claude apply batch` on this PR when ready.\n" + "To fix issues in bulk, reply with `@claude` here, followed by your instructions" " (e.g. `@claude fix all issues` or `@claude fix only the spelling errors`" " or `@claude fix all other existing issues`" " or `@claude fix all linting issues`)." @@ -143,6 +144,12 @@ jobs: "Note: Automated fixes are only available for branches in this repository, not forks." ) + INLINE_FOOTER = ( + "\n\n---\n\n" + "Reply with `@claude`, followed by your instructions" + " (e.g. `@claude apply suggestion` or `@claude add suggestion to batch`)." + ) + def parse_diff_to_suggestions(diff_text): suggestions = [] current_file = None @@ -216,14 +223,15 @@ jobs: def make_suggestion(path, old_start, old_chunk, new_chunk): if not old_chunk: - return None # Pure insertions cannot be placed as inline suggestions + return None # Pure insertions cannot be placed as inline comments end_line = old_start + len(old_chunk) - 1 - suggestion_body = '```suggestion\n' + '\n'.join(new_chunk) + '\n```' + new_text = '\n'.join(new_chunk) + comment_body = f"Suggested change:\n```\n{new_text}\n```{INLINE_FOOTER}" comment = { 'path': path, 'line': end_line, 'side': 'RIGHT', - 'body': suggestion_body, + 'body': comment_body, } if len(old_chunk) > 1: comment['start_line'] = old_start diff --git a/docs/auditor/10.8/admin/search/overview.md b/docs/auditor/10.8/admin/search/overview.md index 083d6b4090..538ea55724 100644 --- a/docs/auditor/10.8/admin/search/overview.md +++ b/docs/auditor/10.8/admin/search/overview.md @@ -39,7 +39,7 @@ This functionality is currently available for the following data sources: Integration API - Netwrix Auditor Self-Audit - Netwrix Data Classification. See - [Sensitive Data Discovery ](/docs/auditor/10.8/admin/settings/sensitivedatadiscovery.md)for more information. + [Sensitive Data Discovery ](/docs/auditor/10.8/admin/settings/sensitivedatadiscovery.md) for more information. Netwrix Auditor executes interactive search queries against data stored in the audit databases, that is, on data collected in the last 180 days (default retention period). If you want to investigate @@ -56,14 +56,14 @@ You can add any elements (a dashboard, report, alert, risk, etc.) to the Auditor access them instantly. See the [Navigation](/docs/auditor/10.8/admin/navigation/overview.md) and [Customize Home Screen](/docs/auditor/10.8/admin/navigation/customizehome.md) topics for additional information. -There you can use the UI controls to run the variety of search queries that will fecth you exactly +There you can use the UI controls to run a variety of search queries that will fetch you exactly the data you need. -- To view all audit data stored in all Audit Databases by all monitoring plans, click **Search** +- To view all audit data stored in all Audit Databases by all monitoring plans, click the **Search** button in the center. Be aware that this type of search query may take time due to a large amount of data. Thus, it is - recommended that instead of retrieveing a massive data set, you pre-configure your search query + recommended that instead of retrieving a massive data set, you pre-configure your search query using filters. By default, Netwrix Auditor shows only the top 2,000 entries in the search results. @@ -78,19 +78,24 @@ the data you need. ![search_filter](/images/auditor/10.8/admin/search/search_filter.webp) +- Regardless of the selected filtering mode, Netwrix Auditor combines conditions as follows: + - Filters of the same type with positive operators are combined using the OR logical operator. + - Filters of different types are combined using the AND logical operator. + - All filters with negative operators, regardless of type, are combined using the AND logical operator. Negative operators include: not equal to, does not contain, not in group. + - By default, search results are open in the same window, so the subsequent search results will overwrite the previous search results. To view them in different windows, click Open in new window. - In addition, you can customize your view by selecting columns to display. Use search results for your own needs: save, share, create search-based alerts, subscribe to -periodic delivery of search query results, etc. See Make Search Results Actionnable for more +periodic delivery of search query results, etc. See [Make Search Results Actionable](#make-search-results-actionable) for more information. ![search_nofilter_1](/images/auditor/10.8/admin/search/search_nofilter_1.webp) You can also use the **Search** window to examine details for the selected activity record, or watch -a video recording (for User Ativity data). +a video recording (for User Activity data). ### Examining Activity Record in Detail @@ -140,12 +145,12 @@ To include or exclude data Your exclusions and inclusions will automatically be added to the search filters, limiting the amount of data shown in the results pane. -## Make Search Results Actionnable +## Make Search Results Actionable You can export your search query results, save them as a custom report, subscribe to periodic -delivery of this search results, create a search-based alert. +delivery of these search results, create a search-based alert. -Navigate to Tools in the top right corner of the Search window and select the required action. +Navigate to **Tools** in the top right corner of the Search window and select the required action. | Use... | To... | | -------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | diff --git a/docs/auditor/10.8/requirements/software.md b/docs/auditor/10.8/requirements/software.md index 9040c5c874..0ccb4cf025 100644 --- a/docs/auditor/10.8/requirements/software.md +++ b/docs/auditor/10.8/requirements/software.md @@ -30,29 +30,21 @@ Server, in the monitored environment, or in both locations. ## Using SSRS-based Reports -SQL Server Reporting Services are needed for this kind of reports. See the -[Requirements for SQL Server to Store Audit Data](/docs/auditor/10.8/requirements/sqlserver.md) topic for additional information. If -you plan to export or print such reports, check the requirements below. +SQL Server Reporting Services are needed for these types of reports. See the +[Requirements for SQL Server to Store Audit Data](/docs/auditor/10.8/requirements/sqlserver.md) topic for additional information. -**NOTE:** Please note that if you are going to use SQL Express plan, do not install SSRS and Auditor -on the domain controller. +**NOTE:** It is not recommended to install SQL Server (including Express edition), SQL Server Reporting Services (SSRS), or Netwrix Auditor on a domain controller. +**Microsoft Edge WebView2** -Printing - -To print SSRS-based reports, SSRS Report Viewer and Auditor Client require ActiveX Control to be -installed and enabled on the local machine. See the -[Impossible to Export a Report ](/docs/kb/auditor/reports-alerts-and-notifications/report-generation/impossible-to-export-a-report) -Netwrix knowledge base article for additional information. - -You can, for example, open any SSRS-based report using your default web browser and click **Print**. -The browser will prompt for installation of the additional components it needs for printing. Having -them installed, you will be able to print the reports from Auditor UI as well. +To view SSRS-based reports in Netwrix Auditor, the WebView2 runtime component must be installed. +If the component is not detected on the system, it will be automatically installed during the Netwrix Auditor setup process. +See the following Microsoft article for additional information about the WebView2 runtime component: [Microsoft Edge WebView2](https://developer.microsoft.com/en-us/microsoft-edge/webview2). ## Server and Client -It is recommended to deploy Auditor server on the virtualized server – to simplify backup, provide -scalability for future growth, and facilitate hardware configuration updates. Auditor client can be +It is recommended to deploy Auditor Server on the virtualized server – to simplify backup, provide +scalability for future growth, and facilitate hardware configuration updates. Auditor Client can be deployed on a physical or virtual workstation, as it only provides the UI. You can deploy Netwrix Auditor on the VM running on any of the following hypervisors: @@ -111,7 +103,7 @@ In this scenario, multiple Auditor clients are installed on different machines. Follow the steps to perform distributed deployment. -**Step 1 –** Install Auditor server and default client, selecting Full installation during the +**Step 1 –** Install Auditor Server and default Client, selecting Full installation during the product setup. **Step 2 –** Then install as many clients as you need, running the setup on the remote machines and