I have found an EPO on-access artemis scan report that tells me the level the VSE is configured to scan for, but not if it is actually enabled. We have found a number of workstations and servers that had on-access scanning disabled somehow (usually due to a failed patch upgrade or stopped service).
I have a similar challenge, I want a compliance report to tell me if On-Access Scanner is enabled. There is a property in epo that does tell you if it is, but you cannot query that field unless you wan to work in SQL...
I am currently testing a script that can be deployed via the EEDK that will help.
The script can be deployed and executed upon check-in, once executed I reads the reg value of the On-Access State key. The script then translates the data into English an writes that in the Custom Property fields. I can hen run a report for "Custom properties 4 = OAS Disabled"
Testing looks good, and I hope to be posting in tools section soon.