I have some policies which look for some software installs and after business hours it automatically uninstalls the software.
The action is published to run whenever it is relevant, and some of my users are persistent at installing the bad software, so it triggers and uninstalls each time.
Is there any way to report on how many times and when an action has run against each of the systems it lists? Ideally as a list not having to drill into the console action per server.
Generically the open action just lists 9 systems, and the start and end time when viewed through console is just the last time it was run. It does however have a count but not when it was for the pervious runs.
BigFix Inventory would probably be a better choice for identifying and alerting on new / unauthorized software.
BigFix Compliance can help with auditing your security policy against CIS, USGCB, DISA STIG, or custom checklists; for example audit your Administrators groups match your policy; verify you have removed this user’s account from Administrators and disabled the account.