Data points collected by activated policies
Absolute policies control the collection of hardware, software, usage, and system information from your devices. The Hardware policy is always activated by default, but you need to activate other policies if you want to monitor additional device information in the Secure Endpoint Console. To learn about the specific data points that are collected when a particular policy is activated, refer to the appropriate section in this topic.
How frequently is data collected from a device?

Symbol / Value | Meaning |
---|---|
P | The Secure Endpoint Agent collects the data point on the indicated platform and shows it in the Secure Endpoint Console. |
n/a | The data point does not apply to the indicated platform. |
GAC | The data point is synced directly from the Google Admin console and shows in the Secure Endpoint Console. Applies to Chromebooks only. |
† | The Secure Endpoint Agent collects the data point on the indicated platform but the data point is not shown in the Secure Endpoint Console. |
O | The Secure Endpoint Agent does not detect the data point on the indicated platform because the platform does not make the data available, or because there is no requirement to collect this data. |

For any enrolled device, the Secure Endpoint Agent and its Hardware Data Processing (HDP) component collect the following data points:

In addition to the hardware data points shown for Chromebooks in the Hardware data points section, Absolute collects additional Chromebook data points from the Google Admin console. The following data points are on Chromebooks only:

When an Application Resilience policy is activated on a device, the Secure Endpoint Agent collects the following data points:
- Last App Resilience scan The date and time the Application Resilience (RAR) component of the Secure Endpoint Agent last ran a status check on the device.
-
Application Resilience
- Events last 30 days
- Failures last 30 days
- Repairs last 30 days
- Reinstalls last 30 days
Depending on the application, it also collects the following data points:
Resilient application Data points BitLocker® - Status (assessed health of the application)
- Repair status (success or failure of the last attempted repair)
- Status checked (date and time when Status last checked)
- Last updated (date and time the status check results were made available in the console)
- Became healthy / Became unhealthy (date when the Secure Endpoint Agent last detected the application changed health status)
-
Status details, which may include the following information, depending on the application’s Status:
- application version
- compatibility of OS (operating system) and TPM (trusted platform module) for BitLocker
- encryption method—AES-128 or AES-256
- encryption completeness
- protection status is on or off
- drive lock status is locked or unlocked
- Application Health data points
If you selected BitLocker with Standalone MBAM, Application Resilience repairs and reinstalls MBAM and collects and reports any exceptions.
Microsoft® SCCM - Status (assessed health of the application)
- Repair Status (success or failure of the last attempted repair)
- Status checked (date and time when Status last checked)
- Last updated (date and time the status check results were made available in the console)
- Became healthy / Became unhealthy (date when the Secure Endpoint Agent last detected the application changed health status)
-
Status details, which may include the following information, depending on the application’s Status:
- application version
- status of the admin share
- date and time of the last hardware inventory scan
- date and time of the last software inventory scan
- status of key application services
- status of key registry entries
- nature of any repairs or reinstalls initiated
- Application Health data points
For all other supported applications except for BitLocker and Microsoft SCCM
- Status (assessed health of the application)
- Repair status (success or failure of the last attempted repair or reinstall)
- Status checked (date and time when Status last checked)
- Last updated (date and time the status check results were made available in the console)
- Became healthy / Became unhealthy (date when the Secure Endpoint Agent last detected the application changed health status)
-
Status details, which may include the following information, depending on the application’s Status:
- application version
- status of key application services
- status of key registry entries
- nature of any repairs or reinstalls initiated
- Application Health data points (if supported for the application)
The Application Resilience policy is supported on Windows devices only.

The Secure Endpoint Agent collects the following data points when the Custom Data policy is activated on a Windows device:
Custom Data is not supported on Mac
Data point | |
---|---|
Custom data points | Provided by Absolute and added to the Custom Data policy by you. These data points are unique to you. |
Automatically included in the Custom Data policy, but must be enabled by you:
|

The Secure Endpoint Agent collects the following data points when the Device Compliance policy is activated on a Windows or Mac device:
The Device Compliance policy does not include unique data points. Instead, it collects data points from other policies as listed in the following table.
Policy | |
---|---|
|
|
|
|
|

The Secure Endpoint Agent collects the following data points when the Device Usage policy is activated on a Windows, Mac, or Chromebook device:

The Secure Endpoint Agent collects the following data points when the Endpoint Data Discovery (EDD) policy is activated on a Windows or Mac device:
The EDD policy is not supported on Chromebook devices.
Data point | Platform | |
---|---|---|
Windows | Mac | |
Scan Date | P | P |
Rule | P | P |
Matched token (content string that matched the Rule) | P | P |
Lexicon line number that was matched | P | P |
File Name | P | P |
File Extension | P | P |
File Type | P | P |
File Path | P | P |
File Owner | P | P |
File Created | P | P |
File Modified | P | P |
File Accessed | P | O |

The Secure Endpoint Agent collects the following data points when the Full-Disk Encryption Status policy is activated on a Windows or Mac device:
The Full-Disk Encryption policy is not supported on Chromebook devices.
Data point | Platform | |
---|---|---|
Windows | Mac | |
Encryption > Status | P | P |
Encryption > Product Name | P | P |
Encryption > Version | P | P |
Encryption > Algorithm | P |
P |
Encryption > Comments | P | P |
Encryption > Key Size | P |
P |
Encryption > SED Capable | P | P |
Encryption > Last Updated | P | P |
Encryption > All Drives Encrypted | P | P |

The Secure Endpoint Agent collects the following data points when the Geolocation Tracking policy is activated on a device:
Field | Platform | ||
---|---|---|---|
Windows | Mac | Chromebook | |
Device Location > City | P | P | P |
Device Location > State/Province | P | P | P |
Device Location > Country | P | P | P |
Device Location > Latitude | P | P | P |
Device Location > Longitude | P | P | P |
Geolocation technology > Type | P | P | P |
Geolocation technology > Accuracy (meters) | P | P | P |
Geolocation Tracking > Last data received | P | P | P |
Additional data points related to Wi-Fi Positioning geolocation technology: | |||
SSID and BSSID of nearby access points | P | P | O |
Signal strength of nearby access points | P | P | O |
Wi-Fi error | P | P | O |

The Secure Endpoint Agent collects the following data points when the Installed Applications policy is activated on a Windows or Mac device:
The Installed Applications policy is not supported on Chromebook devices.
Data point | Platform | |
---|---|---|
Windows | Mac | |
Application | P | P |
Version | P | P |
Publisher | P | P |
Installed (date) | P | P |
Install location | P | P |
Identifier | P | P |
OS Name | P | P |
Username | P | P |
The following data points are available when the prerequisite for Application Health is met. |
||
Health (including unhealthy reasons) |
P | P |
Last health changed | P | P |
Number of Unhealthy | P | P |
Number of Healthy | P | P |
Number of Unknown Health | P | P |

The Secure Endpoint Agent collects the following data points when the Web Usage policy is activated on a Windows
The Web Usage policy is not yet supported on Mac devices.
Field | Platform | |
---|---|---|
Windows | Chromebook | |
Website | P | P |
Webpage title | P | P |
Web usage > Daytime | P | P |
Web Usage > Evenings and weekends | P | P |
Username (of each logged in user) | P | P |