MBAM reports compliance and other information about all of the computers it manages. The information on this topic can be used to help understand the Microsoft BitLocker Administration and Monitoring reports for enterprise and individual computer compliance and for key recovery activity. Here are some related guides: Enterprise Compliance, Computer Compliance, and Recovery Audit Report: Understanding the Microsoft BitLocker Administration and Monitoring (MBAM) reports fields, MBAM Frequent Report Errors: Understanding Microsoft BitLocker Administration and Monitoring compliance state and error status, and how to fix you are not allowed to view this folder on SSRS: MBAM reports cannot be accessed because it could not load folder contents. In this guide, you will learn how to query MBAM to display the BitLocker Recovery report.
If you can configure SQL Server Reporting Services to send in Enterprise Compliance, Computer Compliance, and Recovery Audit Report on a periodic time (day, week, or on monthly basis) as you wish. Also, you may want to get a specific report for a period of time such as a Monday or week. By this, you would like to get a list of devices that were recovered from a certain period of time. This guide will help you achieve this goal. Therefore, I would love to describe what can be achieved via the Recovery Audit Report!
Recovery Audit Report
Use this report type to audit users who have requested access to recovery keys. The report offers several filters based on the desired filtering criteria. Users can filter on a specific type of user, either a Help Desk user or an end-user, whether the request failed or was successful, the specific type of key requested, and the date range during which the retrieval occurred. The administrator can produce contextual reports based on need.
Who has access to the MBAM reports?
MBAM Report Users have access to the Compliance and Audit reports in the MBAM administration website.The local group for this role is installed on the Administration and Monitoring Server, Compliance and Audit Reports Server, and Compliance Status Database Server.See this guide on how to determine why an MBAM protected device is non-compliant, and how to deploy Microsoft BitLocker Administration and Monitoring Tool.
Query MBAM to display the BitLocker Recovery report for a Specific Period
Open a web browser and navigate to the Administration and Monitoring website (SQL Server Reporting Services via your organisation). When launched, it should look like the image below.
Please select the Recovery Audit Report.
Select the filters for your Recovery Key Audit report. The available filters for Recovery Key audits are as follows below.
The image below shows more filter that can be chosen from for the Recovery Key Audit report.
As you can see below, the results are displayed upon clicking on “View Reports”. If you wish to share this with your superiors, kindly click on the Save Button in the reports.
Results can be saved in different formats, such as HTML, Microsoft Word, and Microsoft Excel. Please see this guide for steps on how to create MBAM Enterprise and Compliance, and Recovery Audit reports.
Note: if you wish to generate an Enterprise Compliance Report, kindly keep this in mind. Historical MBAM client data is retained in the compliance database for historical reference in case a computer is lost or stolen. When running enterprise reports, we recommend that you use appropriate start and end dates to scope the time frames for the reports from one to two weeks to increase reporting data accuracy
I hope you found this blog post helpful on how to query MBAM to display the BitLocker Recovery report. If you have any questions, please let me know in the comment session.