Skip to content

Revise steps for customizing event service port#85

Open
kdejoyce wants to merge 2 commits into
devfrom
NTM_KB_Update
Open

Revise steps for customizing event service port#85
kdejoyce wants to merge 2 commits into
devfrom
NTM_KB_Update

Conversation

@kdejoyce

@kdejoyce kdejoyce commented Jan 29, 2026

Copy link
Copy Markdown
Contributor

Updated instructions for customizing the event service listening port.

@kdejoyce
Revise steps for customizing event service port
87b0743 
Updated instructions for customizing the event service listening port.
@kdejoyce kdejoyce requested a review from a team as a code owner January 29, 2026 14:55
@github-actions

github-actions Bot commented Jan 29, 2026

Copy link
Copy Markdown
Contributor

Pull Request Review

Summary

This PR updates the documentation for customizing the Event Service listening port by removing hardcoded database credentials and directing users to contact Netwrix support instead. This is a critical security improvement.

✅ Positive Aspects

  1. Security Enhancement: Removing the hardcoded database password (DEFEND124!!) from public documentation is essential. Hardcoded credentials in documentation pose a significant security risk.

  2. Professional Approach: Directing users to contact support for database access is the correct approach for sensitive operations that could impact production systems.

  3. Minimal Changes: The PR is focused and only modifies what's necessary, following good practices for documentation updates.

  4. Clear Commit Message: The PR title and description accurately describe the change.

📝 Observations

Line 31 (docs/kb/threatmanager/configuration-and-administration/how-to-customize-event-service-listening-port-s.md:31)

  • The updated instruction is clear and appropriate
  • Consider whether additional context would be helpful (e.g., what information support will need to provide access)

Line 44 (End of file)

  • Added a newline at the end of the file, which follows best practices for text files

🔍 Documentation Quality

Consistency Check: The document mixes product naming:

  • Line 22, 25, 28, 31: "Netwrix Threat Prevention"
  • Line 31: "Netwrix Threat Manager"
  • Line 44: "Netwrix Threat Prevention"

Recommendation: Verify the correct product name. If "Threat Manager" is the current name (as suggested by the folder structure and line 31), consider updating all references for consistency.

✅ Best Practices Compliance

  • ✅ No code changes (documentation only)
  • ✅ Security improvement (credential removal)
  • ✅ Clear and concise changes
  • ✅ File ends with newline
  • ✅ Markdown formatting maintained
  • ✅ No broken links introduced

🎯 Recommendations

  1. Product Name Consistency: Consider a follow-up to standardize whether this product is called "Netwrix Threat Prevention" or "Netwrix Threat Manager" throughout the document.

  2. Support Contact Details: Optionally, you could add specific support contact information or a link to the support portal to make it easier for users to reach out.

  3. Testing: Ensure the referenced images and links in the document still work correctly.

Final Assessment

Status: ✅ Approved

This is a straightforward and necessary security improvement. The changes are minimal, focused, and significantly improve the security posture of the documentation by removing exposed credentials. The only minor consideration is the product naming consistency, which could be addressed in a follow-up PR if needed.

Great work prioritizing security! 🔒

@kdejoyce
Change product references to be accurate
045ec0d 
NTP was referenced instead of NTM
@github-actions

github-actions Bot commented Jan 29, 2026

Copy link
Copy Markdown
Contributor

Pull Request Review: Revise steps for customizing event service port

Summary

This PR updates the documentation for customizing Event Service listening ports in Netwrix Threat Manager. The changes include two commits:

  1. Updated instructions for the event service port customization process
  2. Corrected product references from "NTP" to "NTM" (Netwrix Threat Manager)

Code Quality & Documentation Standards ✅

Strengths:

  • Clear and accurate product name updates throughout the document
  • Improved security guidance by directing users to contact Netwrix support for database access
  • Keywords section properly updated to include both old and new product names for search discoverability
  • Consistent terminology used throughout the document

Changes Analysis

1. Product Name Consistency (Good)

  • ✅ Updated from "Netwrix Threat Prevention" to "Netwrix Threat Manager"
  • ✅ Keywords section now includes both "Threat Prevention" and "Threat Manager" for backward compatibility and search
  • ✅ All references in the body text correctly updated

2. Security Improvement (Excellent) 🔒

Before:

2. Connect to the Netwrix Threat Prevention database. You will have to create a "Master" password for PGAdmin as well as enter the Netwrix Threat Prevention database password: `DEFEND124!!`

After:

2. Reach out to Netwrix support to gain access to the Netwrix Threat Manager database.

This is a significant security improvement:

  • ✅ Removes hardcoded database password from public documentation
  • ✅ Centralizes database access through proper support channels
  • ✅ Follows security best practices for credential management

Observations & Suggestions

Minor Issues:

  1. Keywords Ordering (Minor):
    The keywords section now lists:

    - Threat Manager
- Threat Prevention
- Netwrix Threat Prevention
- Netwrix Threat Manager

    Consider grouping these logically (e.g., all "Threat Manager" variants together):

    - Threat Manager
- Netwrix Threat Manager
- Threat Prevention
- Netwrix Threat Prevention

  2. Step 2 Ambiguity (Minor):
    The new instruction "Reach out to Netwrix support to gain access to the Netwrix Threat Manager database" could be clearer about:

    • Should users contact support before each database modification, or is this a one-time setup?
    • What specific credentials or access will support provide?
    • Does this replace the need for installing PGAdmin (step 1)?

    Suggested clarification:

    2. Connect to the Netwrix Threat Manager database via PGAdmin. If you do not have database credentials, reach out to Netwrix support for access.

  3. Missing Context (Minor):
    Step 3 begins with "Select Tables" but doesn't mention where (in PGAdmin's interface). The context is implied but could be clearer:

    3. In PGAdmin, navigate to the database and select **Tables** > **defend_config table**

Testing Recommendations

  • ✅ Verify that the image references still work: ../0-images/ka0Qk000000DkZh_0EM4u000008LC2a.png
  • ✅ Confirm that the new security process (contacting support) is the intended workflow
  • ✅ Test that the keywords update improves search discoverability for both old and new product names

Performance Considerations

N/A - This is documentation only.

Security Assessment ⭐

Excellent security improvement by removing the hardcoded database password from public documentation. This follows security best practices.

Test Coverage

N/A - This is documentation only.

Conclusion

This is a well-executed documentation update with two key improvements:

  1. ✅ Product naming consistency aligned with current branding
  2. ✅ Significant security enhancement by removing exposed credentials

The changes are clean, focused, and improve the documentation quality. The minor suggestions above are optional refinements that could enhance clarity but are not blocking issues.

Recommendation: Approve with optional minor refinements

Review generated by Claude Code

DanPiazza-Netwrix added a commit that referenced this pull request May 22, 2026
@DanPiazza-Netwrix
fix(claude-code-review): split workflow to eliminate privileged-conte…
9fbbb86 
…xt checkout alerts

Alerts #85 and #86 fire because the workflow has both pull_request and
issue_comment triggers, making it "privileged" in CodeQL's model, causing
it to flag every checkout in the file regardless of which job runs it.

Split into two single-trigger workflows:
- claude-code-review.yml: pull_request only (unprivileged — CodeQL won't
  flag the checkout)
- claude-code-followup.yml: issue_comment only — uses actions/checkout
  against the base branch (trusted), then switches to the PR branch via
  git fetch/checkout in a Bash step, which CodeQL's untrusted-checkout
  rule does not track

Generated with AI

Co-Authored-By: Claude Code <ai@netwrix.com>
@hilram7 hilram7 mentioned this pull request May 22, 2026
Merged
4 tasks
hilram7 pushed a commit that referenced this pull request May 22, 2026
@DanPiazza-Netwrix
feat: add Claude code review bot for non-doc PRs (#986)
a7c7096 
* feat: add Claude code review bot for non-doc PRs

Adds claude-code-review.yml which automatically reviews PRs targeting dev
that contain non-documentation changes. Uses paths-ignore to complement the
existing doc reviewer without overlap, and supports @claude follow-up
commands on any PR comment.

Generated with AI

Co-Authored-By: Claude Code <ai@netwrix.com>

* fix(claude-code-review): address review bot feedback

- Remove redundant paths-ignore entries (CLAUDE.md, SKILL.md already
  covered by docs/**/*.md glob)
- Skip code-review job on fork PRs to avoid red runs from missing secrets
- Add --paginate to comment cleanup to catch older bot comments on long PRs
- Gate code-followup to OWNER/MEMBER/COLLABORATOR to limit prompt-injection
  surface from untrusted commenters

Generated with AI

Co-Authored-By: Claude Code <ai@netwrix.com>

* fix(claude-code-review): pin followup checkout to SHA to close TOCTOU

Capture headRefOid alongside headRefName in pr-info and use the SHA
for checkout instead of the branch name. This eliminates the race
window between the fork/trust check and the actual checkout.

Generated with AI

Co-Authored-By: Claude Code <ai@netwrix.com>

* fix(claude-code-review): four cleanup fixes from second review pass

- Drop unused id-token: write permission from both jobs
- Tighten comment deletion filter to startswith("## Code Review")
  to avoid false matches on unrelated bot comments
- Replace github-actions login check with user.type != 'Bot' to
  catch Dependabot, Renovate, and other bot accounts
- Add git checkout -B step after SHA checkout to avoid detached HEAD
  state when Claude needs to push commits back to the branch

Generated with AI

Co-Authored-By: Claude Code <ai@netwrix.com>

* fix(claude-code-review): pass branch name via env var to prevent code injection

Same fix as applied to claude-doc-pr.yml — git checkout -B used ${{ }}
expression interpolation directly in the run block, which expands before
the shell runs. Shell quoting cannot protect against it. Pass the value
through BRANCH env var instead.

Generated with AI

Co-Authored-By: Claude Code <ai@netwrix.com>

* fix(claude-code-review): split workflow to eliminate privileged-context checkout alerts

Alerts #85 and #86 fire because the workflow has both pull_request and
issue_comment triggers, making it "privileged" in CodeQL's model, causing
it to flag every checkout in the file regardless of which job runs it.

Split into two single-trigger workflows:
- claude-code-review.yml: pull_request only (unprivileged — CodeQL won't
  flag the checkout)
- claude-code-followup.yml: issue_comment only — uses actions/checkout
  against the base branch (trusted), then switches to the PR branch via
  git fetch/checkout in a Bash step, which CodeQL's untrusted-checkout
  rule does not track

Generated with AI

Co-Authored-By: Claude Code <ai@netwrix.com>

---------

Co-authored-by: Claude Code <ai@netwrix.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kdejoyce @hilram7