Give them what they want.
I remember one onerous requirement that we had to report suspicious activity. We complained that the guidance was vague and the data would be meaningless. In end we "complied". We reported things like "something flashed up on the screen and disappeared within a second" too quick to take any details. "The machine suddenly did a lot of disk I/O when I was doing nothing". "The same problem as yesterday"
This turned out to be automatic updates, and the corporate tools checking our machines, so perfectly normal activity - but how were we to know. We all sent this stuff in - a couple of times a day. We also asked our managers to get back "status" from the people requesting this data, and ask how they were doing, and asked for an analysis of the data.
After a couple of weeks the requirements to collect this data was quietly scrapped.