SentinelHealth is still in private preview but should be available soon. When available:

https://github.com/rod-trent/SentinelKQL/blob/master/UnsuccessfulRulesinLast24.txt

Q1: yes, the SecurityIncident and SecurityAlert Tables hold the last run time, basic example:

// last modified time for unique incident numbers
SecurityIncident
| summarize arg_max(LastModifiedTime,*) by IncidentNumber

There are columns for TimeGenerated, Last Modified (used above), LastActivity, createdTime, ClosedTime...
Also see: https://techcommunity.microsoft.com/t5/microsoft-sentinel/enrich-table-with-entities-from-security-i...

Q2. The rule will run from the time from when it was enabled/deployed.
i.e. If you enable the rule at 8am, and ask it to run each hour it will fire at 9am, 10am, 11am etc... You can't (yet, but it's been requested) specify a launch time, like 8:05am.

@raju_ninja007 - In addition, there is a workbook available named Log Sources & Analytic Rule Coverage in Sentinel Workbook gallery to view the rule in detail which uses the below API to extract the details
https://docs.microsoft.com/en-us/rest/api/securityinsights/stable/alert-rules/list
And you can leverage SecurityIncident table to get the latest incident created from rule.