I need to be able to look back on an assets script history to see if I ever pulled or enabled bitlocker keys for this asset. I am only able to see a short history in the scripts section.
How can I pull this report? Is it possible?
1 Like
There isn’t a report that lists script runs- this has been a popular feature request though and I’d love to see that. Usually, I see that people will have the script put the BitLocker key in a custom field so that they can use a Saved Asset Search to query it later.
This is what we do but the field is blank, so I need to go back and see if that script has ever been run on that asset. Without that information I would never be able to determine why the asset field is blank.
The script should be designed or modified to throw alerts/tickets if bitlocker is enabled and it fails to produce a key.
1 Like
True. But if the custom field gets edited for some reason or removed, that doesn’t help.
I can’t imagine why someone would edit it, but even if they did the next time the script ran it would just overwrite it. If you don’t have it on a schedule already it should be, if BL was ever turned off and back on again you’d no longer have the current key (i think), or if an old device was merged with a new asset it would also be incorrect.
I can’t either. What prompted this was that I had a client have a drive in a laptop start to show errors. Removed it to put it in another system to test and found it was encrypted and asked for Bitlocker code. I don’t remember turning this on, so I wanted to go back and look in the history to see if for some reason it didn’t get run, or did, and if it actually wrote anything to my custom asset field, that is currently blank.
Because of this one incident, it has forced me to go back and schedule a weekly script to pull the status of Bitlocker and write the codes to the field if it is encrypted.
How often do you schedule your script to run?
If the computer was joined to AzureAD/365 account and the ‘manage device’ option isn’t unchecked it can be automatically encrypted. You can find the key in AzureAD stuff somewhere. I would think weekly would be fine.