NAA-11.6-FSAA-SCHEMA-DOC

[tay-caliguiri]

Added 11.6 fsaa dc schema doc from @sanjay-meghani and formatted to match the existing SQL dc schema guide for consistency

[tay-caliguiri]

@claude fix all issues

[github-actions]

Auto-Fix Summary

14 issues fixed, 12 skipped across 9 files

Category	Fixes
Contractions	6
Plurals	1
Dale: passive-voice	3
Dale: positional-references	4

Skipped (needs manual review)	Reason
docs/accessanalyzer/11.6/admin/schema/fsaadc/coretables/overview.md:633 — Netwrix.TypeVsEnter	False positive. The flagged word 'type' appears in the phrase 'operations of a given type', where 'type' means category/kind, not a UI instruction to type text. The rule's intent (replace 'type' with 'enter' when instructing users to supply text) does not apply.
docs/accessanalyzer/11.6/admin/schema/fsaadc/coretables/overview.md:785 — Netwrix.FirstPersonPlural	False positive. The flagged 'US' appears in 'US Social Security Number' (an example value for the Name column), where 'US' is the abbreviation for United States, not the first person plural pronoun.
docs/accessanalyzer/11.6/admin/schema/fsaadc/coretables/overview.md:919 — Netwrix.WeakLinkText	False positive. The flagged 'this link' refers to a DFS (Distributed File System) link — a database/schema concept in the SA_FSDFS_Links table — not a hyperlink. The column description reads 'True if this link represents the namespace root rather than a sub-link', which is the correct technical terminology.
docs/accessanalyzer/11.6/admin/schema/fsaadc/erd/overview.md:3 — Netwrix.OxfordComma	False positive. The flagged phrase is the quoted cardinality description 'exactly one parent, zero or more children', which contains only two items (one parent / zero or more children), not a series of three or more requiring an Oxford comma.
docs/accessanalyzer/11.6/admin/schema/fsaadc/overview.md:9 — Netwrix.OxfordComma	False positive. 'NTFS and share permissions' is a single compound noun phrase referring to two related Windows permission types treated as a unit, not two separate list items. The list is correctly Oxford-commaed at 'ownership, and tags'. Rewriting would either introduce inaccuracy or require restructuring the sentence in ways that change the author's intended grouping.
docs/accessanalyzer/11.6/admin/schema/fsaadc/coretables/overview.md:3 — Dale: passive-voice	'tables are partitioned by HOST INT' is the standard SQL/database term for table partitioning; rewriting could distort the technical meaning
docs/accessanalyzer/11.6/admin/schema/fsaadc/coretables/overview.md:3 — Dale: undefined-acronyms	FSAA used in body but defined in parent overview.md within the same schema reference set; defining repeatedly across sub-pages would be redundant
docs/accessanalyzer/11.6/admin/schema/fsaadc/erd/overview.md:15 — Dale: xy-slop	'representative, not exhaustive' is a precise technical qualifier where the negative is informative; rewriting risks losing the contrast
docs/accessanalyzer/11.6/admin/schema/fsaadc/enumeration/overview.md:62 — Dale: passive-voice	Multiple chained passive constructions ('are produced by', 'are stored in', 'resolved at query time by') describe SQL pipeline behavior where the actor is implicit; rewriting could degrade clarity
docs/accessanalyzer/11.6/admin/schema/fsaadc/views/overview.md:6 — Dale: passive-voice	'column sizes are derived from the underlying source columns' is technical state; active rewrite ('derive from') is intransitive and equivalent — borderline whether the rule applies
docs/accessanalyzer/11.6/admin/schema/fsaadc/functions/overview.md:25 — Dale: passive-voice	'Domain groups are expanded via X' / 'Local groups are expanded via Y' is parallel structure that emphasizes the subjects (groups) over the actors (functions); rewriting would break parallelism
docs/accessanalyzer/11.6/admin/schema/fsaadc/coretables/overview.md:110 — Dale: passive-voice	'Used to expand local-group memberships ... and by SA_FSAA_LocalGroupMembersView' is a sentence fragment describing the table's role; rewriting would require restructuring beyond a simple voice change

Ask @claude on this PR if you'd like an explanation of any fix.

[github-actions]

Documentation PR Review

Editorial Review

docs/accessanalyzer/11.6/admin/schema/fsaadc/overview.md

• Clarity — Line 6: "comprehensive schema documentation for the NAA 11.6 File System Access Data Collector (FSAA)" introduces the acronym NAA without expansion. Per Netwrix standards, spell out acronyms on first use. Suggested fix: "schema reference for the Netwrix Access Analyzer (NAA) 11.6 File System Access Data Collector (FSAA)".
• Clarity — Line 6: "comprehensive" reads as marketing language and adds nothing. Suggested fix: drop the word — "This is a schema reference for the Netwrix Access Analyzer (NAA) 11.6 File System Access Data Collector (FSAA)."
• Structure — Line 3: The H2 "## Overview" heading is redundant on a page whose H1 is already a noun-phrase overview title, and it introduces a heading-level inconsistency with the "### Data model overview" subsection that follows. Suggested fix: remove the "## Overview" heading and promote the document body to sit directly under the H1, or convert "### Data model overview" to H2 to align levels.

docs/accessanalyzer/11.6/admin/schema/fsaadc/coretables/overview.md

• Clarity — Line 1 (the opening sentence under # Core Data Collection Tables): The page opens directly with a dense technical statement about HOST INT partitioning without any one-line orientation telling the reader what these tables collectively are or linking back to the parent FSAA overview. A reader who lands here from search will not know what FSAA is. Suggested fix: prepend a one-sentence orientation, for example: "This page lists the tables populated by the four File System Access Data Collector modules (FSAA, FSAC, FSDLP, FSDFS). For background on these modules, see the parent overview."
• Clarity — In the SA_FSAA_Resources description ("The structural backbone — every share, folder, and file the DC has seen on the host"): DC is an undefined acronym — readers may reasonably read it as "Domain Controller" rather than "Data Collector". Suggested fix: spell it out — "every share, folder, and file the data collector has seen on the host".
• Clarity — Same line: [idiom] "The structural backbone" is figurative language. Suggested fix: "The central structural table — every share, folder, and file the data collector has seen on the host…".
• Clarity — In the SA_FSAC_ActivityEvents description ("The activity-event firehose."): [idiom] "firehose" is figurative. Suggested fix: "The high-volume activity-event table. One row per audited file-system operation captured by an FSAC agent."
• Clarity — In the SA_FSAA_ScanHistory table, the ConsoleHost row description reads "NAA console that initiated the scan". NAA is not expanded anywhere on this page. Suggested fix: "Netwrix Access Analyzer (NAA) console that initiated the scan" — or use only "Access Analyzer" and rely on the parent overview for the acronym.
• Completeness — In the SA_FSAA_Rights description, the line AllowRights = DirectAllowRights | InheritedAllowRights uses | without telling a non-SQL reader that this is the bitwise-OR operator. A junior administrator may misread this as a logical "or". Suggested fix: "AllowRights is the bitwise OR of DirectAllowRights and InheritedAllowRights (and similarly for DenyRights)".

docs/accessanalyzer/11.6/admin/schema/fsaadc/enumeration/overview.md

• No issues found.

docs/accessanalyzer/11.6/admin/schema/fsaadc/erd/overview.md

• Clarity — In the "Activity Collection" section ("SA_FSAC_ActivityEvents is the audit-event firehose; each row is one observed file-system operation"): [idiom] "firehose" repeats the metaphor flagged in coretables/overview.md. Suggested fix: "SA_FSAC_ActivityEvents is the high-volume audit-event table; each row is one observed file-system operation."

docs/accessanalyzer/11.6/admin/schema/fsaadc/fkreference/overview.md

• No issues found.

docs/accessanalyzer/11.6/admin/schema/fsaadc/functions/overview.md

• Clarity — In the SA_FSAA_GetEffectiveRights description ("This is the heaviest UDF in the schema"): [idiom] "heaviest" is figurative and ambiguous (heaviest in code? in runtime? in I/O?). Suggested fix: "This is the most computationally expensive UDF in the schema — it composes share permissions, NTFS permissions, group-membership expansion, and domain inventory data."
• Completeness — SA_FSDFS_LookupDfsPath heading anchor is {#sa_fsdfs_lookupdfsepath} but the function name is SA_FSDFS_LookupDfsPath (no extra "e"). The parent overview links to functions/overview.md#sa_fsdfs_lookupdfsepath, so the link works, but the anchor itself is misspelled and will surprise readers who copy it. Suggested fix: change the anchor to {#sa_fsdfs_lookupdfspath} and update the link in fsaadc/overview.md.

docs/accessanalyzer/11.6/admin/schema/fsaadc/indexreference/overview.md

• No issues found.

docs/accessanalyzer/11.6/admin/schema/fsaadc/views/overview.md

• Clarity — Line 1 (opening sentence "FSAA, FSAC, and FSDLP views provide pre-joined, human-readable projections…"): If this page is reached directly via search, the three module acronyms are never expanded on the page. Suggested fix: add a brief orientation, for example: "This page lists the SQL views provided by the FSAA, FSAC, and FSDLP collector modules. For an overview of the collector modules, see the parent overview."

docs/accessanalyzer/11.6/admin/schema/overview.md

• No issues found.

Summary

10 editorial suggestions across 9 files (6 files reviewed clean). The dominant theme is unexpanded acronyms (NAA, DC) on pages reachable directly via search, plus four uses of figurative language ("firehose", "backbone", "heaviest") that violate the no-idioms rule. Vale and Dale issues are auto-fixed separately.

---

What to do next:

Comment @claude on this PR followed by your instructions to get help:

• @claude fix all issues — fix all editorial issues
• @claude help improve the flow of this document — get writing assistance
• @claude explain the voice issues — understand why something was flagged

You can ask Claude anything about the review or about Netwrix writing standards.

Automated fixes are only available for branches in this repository, not forks.

[github-actions]

Auto-Fix Summary

7 issues fixed, 9 skipped across 9 files

Category	Fixes
FirstPersonPlural (rewrite)	1
TypeVsEnter (rewrite)	1
WeakLinkText (rewrite)	1
Dale: passive-voice	3
Dale: positional-references	1

Skipped (needs manual review)	Reason
docs/accessanalyzer/11.6/admin/schema/fsaadc/erd/overview.md:3 — Netwrix.OxfordComma	False positive. The phrase 'one parent, zero or more children' is not a 3-item list — 'zero or more' is a quantifier modifying 'children'. Adding a comma before 'or' would break grammar and meaning.
docs/accessanalyzer/11.6/admin/schema/fsaadc/overview.md:9 — Netwrix.OxfordComma	False positive. 'NTFS and share permissions' is a compound phrase representing a single list item ('NTFS permissions and share permissions'). Inserting a comma would incorrectly split it into two separate list items and change meaning.
docs/accessanalyzer/11.6/admin/schema/fsaadc/coretables/overview.md:3 — Dale: passive-voice	'are assigned by the FSAA bulk-import pipeline' — rewriting changes a descriptive statement about identifier provenance; the passive emphasizes the identifiers (the subject of the sentence) rather than the pipeline.
docs/accessanalyzer/11.6/admin/schema/fsaadc/coretables/overview.md:11 — Dale: passive-voice	'Used by upgrades to decide whether to apply migrations' is a sentence-fragment description in a column-style description block; the same 'Used by X' / 'Used to do X' / 'Populated by X' pattern recurs throughout the schema reference and is consistent with technical-reference conventions.
docs/accessanalyzer/11.6/admin/schema/fsaadc/coretables/overview.md:553 — Dale: idioms	'activity-event firehose' is a common technical metaphor for high-volume event streams (e.g., Kinesis Firehose); replacing it could lose precision.
docs/accessanalyzer/11.6/admin/schema/fsaadc/coretables/overview.md:217 — Dale: idioms	'the structural backbone' is a mild, widely understood technical metaphor; replacing it would not improve clarity.
docs/accessanalyzer/11.6/admin/schema/fsaadc/coretables/overview.md:3 — Dale: undefined-acronyms	FSAA is defined in the parent overview pages (schema/overview.md and fsaadc/overview.md) but has at least two expansions used elsewhere ('File System Access Data Collector' and 'File System Access Analyzer'); confidently choosing one expansion in this sub-page risks introducing inconsistency.
docs/accessanalyzer/11.6/admin/schema/fsaadc/views/overview.md:521 — Dale: passive-voice	'Trustee identity is resolved by joining SA_ADInventory_UsersView on the SID' — rewriting to active changes the subject from 'identity' to the action; this is a descriptive statement consistent with surrounding view-description style.
docs/accessanalyzer/11.6/admin/schema/fsaadc/functions/overview.md:105 — Dale: passive-voice	'Used by SA_FSAA_ExpandedPermissionsView' is a sentence-fragment cross-reference; rewriting to active style ('SA_FSAA_ExpandedPermissionsView uses this') would invert the focus and break the consistent fragment pattern used throughout the function reference.

Ask @claude on this PR if you'd like an explanation of any fix.