I need to be able to look back on an assets script history to see if I ever pulled or enabled bitlocker keys for this asset. I am only able to see a short history in the scripts section.
How can I pull this report? Is it possible?
1 Like
There isnât a report that lists script runs- this has been a popular feature request though and Iâd love to see that. Usually, I see that people will have the script put the BitLocker key in a custom field so that they can use a Saved Asset Search to query it later.
This is what we do but the field is blank, so I need to go back and see if that script has ever been run on that asset. Without that information I would never be able to determine why the asset field is blank.
The script should be designed or modified to throw alerts/tickets if bitlocker is enabled and it fails to produce a key.
1 Like
True. But if the custom field gets edited for some reason or removed, that doesnât help.
I canât imagine why someone would edit it, but even if they did the next time the script ran it would just overwrite it. If you donât have it on a schedule already it should be, if BL was ever turned off and back on again youâd no longer have the current key (i think), or if an old device was merged with a new asset it would also be incorrect.
I canât either. What prompted this was that I had a client have a drive in a laptop start to show errors. Removed it to put it in another system to test and found it was encrypted and asked for Bitlocker code. I donât remember turning this on, so I wanted to go back and look in the history to see if for some reason it didnât get run, or did, and if it actually wrote anything to my custom asset field, that is currently blank.
Because of this one incident, it has forced me to go back and schedule a weekly script to pull the status of Bitlocker and write the codes to the field if it is encrypted.
How often do you schedule your script to run?
If the computer was joined to AzureAD/365 account and the âmanage deviceâ option isnât unchecked it can be automatically encrypted. You can find the key in AzureAD stuff somewhere. I would think weekly would be fine.
It has been almost 2 years already and still no way to review script history?
I run a script against 100 agents, can review the last 5 runs, but have to drill into 95 assets to get the results and make notes in an excel spreadsheet for pass or fail?
It is a terrible waste of productivity. Probably could save time by running 5 at a time, or just logging into a powershell shell and run them 1 at a time, noting the results in Excel.
If the concern for implementing this feature is the space needed storing everyoneâs script results on the Syncro server, perhaps you could consider keeping those logs for 7 to 30 days then delete them.
Please bump the priority for this much needed feature. It should be a one button click to review all results for the last script run and not waste valuable time kludging a workaround writing results to a file. - Thank you
1 Like
Hey Rick, there is not a report for this currently. That said, if all you are trying to do is bulk report on pass/fail, the normal workflow would be to only report on failed scripts and have those open alerts within Syncro. From there, you can determine the severity and open tickets, run alternate scripts, or notify folks as needed from within our Automated Remediation module.
Andy, we actively have made attempts to NOT use Scheduled Scripts -because- of the script history page and lack of reporting. We find we have to be overly aggressive on how cautious we are on lettings scripts run, because very quickly we run out of audit history on those scripts. We NEED an option to get more than the single page, and/or run a report to find out what scripts a tech may have ran, etc.
I can understand that the scripts page on individual devices may load faster with a single page of data. But if it had a âshow moreâ or âshow allâ or âPage 2 ofâŚâ it would at least get us marginally closer.
But we very much need a way to report on âAll scripts ran by Bob in the last 14 daysâ and also âAll runs of ScriptX for the last 30 daysâ.
We donât need to know âpass/failâ, so output to an asset field is not the answer here.
1 Like
Ok in that case Iâd submit a feature request in the Feature Request category here in our Community Forums.
Typically when you run a ton of scripts you just want to report on any exceptions (didnât complete, failed, errors, etc.) and those are easy enough to report on Syncro today. If you are looking for internal audit trails, or are looking for reports for other compliance reasons, I do understand the deficiency there.
Curious what youâd think about us adding script runs to the Asset Activity Audit report and then you could get bulk results there and scope them down to any of the options that exist in that report today.
1 Like
In the mean time you can add Log-Activity commands to each script and use the Asset Activity Report. Unfortunately thereâs no filter in the dropdown for that activity type, so youâll have to name them uniquely and use the text search.