Posted on 12-29-2023 07:14 AM
Hello all! For many months now, the audit log for EVERY one of the computers on my instance shows 'Viewed FileVault Encryption Key' with my username. I am somewhat new to JAMF but a moderate technologist generally and have recently taken over the System Admin role at my company under a lesser title. I have very rarely viewed any of these logs and it would be arduous for a human to view them as often as the logs display.

To me, this log raises brows and I have reported it to my administration counterpart who has a very high level title, but the response is it's probably just me and they are not concerned at all (no reason for this, no background to share). I am planning on setting up monitoring on the instance's server with Wireshark but I also plan to build a three-story tree house and thought it might be a better idea to reach out here in the meantime ;-)

The server instance has gone through at least three version upgrades in the last few months led by my administration counterpart and unrelated to this symptom as far as I know so far. I had hoped the erroneous logs would stop but they have not. I was unable to find anything of value online concerning this symptom.

Has anyone ever heard of this happening? Can you all check a few computers' audit logs for frequent 'Viewed FileVault Encryption Key' logs by yourself and share your findings? Is this log somehow tied into the top level page for a computer's basic information? These are the only things that would make sense to me other than bad news. Thanks!
Posted on 12-29-2023 01:52 PM
Do you have a saved "Advanced Computer Search" that includes the option to display Storage >> FileVault 2 Personal Recovery Key?