Data points collected by activated policies

Absolute policies control the collection of hardware, software, usage, and system information from your devices. The Hardware policy is always activated by default, but you need to activate other policies if you want to monitor additional device information in the Absolute console. To learn about the specific data points that are collected when a particular policy is activated, refer to the appropriate section in this topic.

How frequently is device data collected?

NOTE Depending on the Absolute licenses associated with your account, some data points may not be available.

Understanding the tables

Symbol / Value	Meaning
P	The Absolute agent collects the data point on the indicated platform and shows it in the Absolute console.
n/a	The data point does not apply to the indicated platform.
GAC	The data point is synced directly from the Google Admin console and shows in the Absolute console. Applies to Chromebooks only.
†	The Absolute agent collects the data point on the indicated platform but the data point is not shown in the Absolute console.
O	The Absolute agent does not detect the data point on the indicated platform because the platform does not make the data available, or because there is no requirement to collect this data.

Hardware

For any enrolled device, the Absolute agent and its Hardware Data Processing (HDP) component collect the following data points:

Data point	Device platform
Data point	Windows	Mac	Android	Chromebook
Agent specific data points
Identifier The unique Electronic Serial Number (ESN) assigned to the Absolute agent that is installed on a device.	P	P	P	P
Last connected The date and time when a device's Absolute agent last checked in to the Absolute Monitoring Center.	P	P	P	P
Agent Status The operating condition of an Absolute agent. Possible values are Active (indicates that the agent has connected to the Monitoring Center), Inactive (indicates that the agent has not yet connected to the Monitoring Center), and Disabled (indicates that the agent is either flagged for removal or removed from the device).	P	P	P	P
Agent A field and report column that shows the version number of the core agent installed on a Windows or Mac device. The current Windows version is 978 (8.0.978.0). The current Mac version is 976.	P	P	†	†
Component manager The component manager is installed on top of the core agent and manages the agent components responsible for initiating device actions and collecting device data. Most agent components are controlled by policies, such as the Hardware and Installed Applications policies.	P	P	†	†
Component manager > Status Report column that shows the status of the component manager (CM) installed on a Windows or Mac device. Possible values are: Healthy (the CM is communicating successfully with the Absolute Monitoring Center), Packet inspection detected ( the CM is not communicating with the Absolute Monitoring Center. To learn how to resolve this issue, hover over the icon and click "Learn more" in the tooltip), and No Data (the CM is not communicating with the Absolute Monitoring Center, or the status is not available because version 1.0.0.2116 or higher of the CM is not installed on the device, or the device is not a Windows or Mac device).	P	P	O	O
Persistence agent Applies to most Windows devices. A field and report column that shows the version number of the Absolute Persistence software embedded in the firmware of the device. See also Persistence technology.	P	n/a	†	n/a
Device data points
Device name The name assigned to the device in the operating system. For Chromebooks, device name is not applicable and therefore shows as "Chrome" in the Absolute console.	P	P	P	O
Username Username of the user who was logged in to the device when an agent connection occurred. If no user was logged in during the most recent agent connection, the last detected username shows. If you are viewing a report and want to see if a user was logged in during the most recent connection, add the Current Username column to the report. If no user was logged in at the time of the connection, "No Data" or two em dashes (— —) show in the column.	P	P	n/a	P
Domain The name of the device's Windows domain, if applicable.	P	P	n/a	n/a
Encryption Status The detected status of a Windows or Mac device with respect to the installation of a full-disk encryption product. Possible values are: Encrypted, Used Space Encrypted, Not Encrypted, Suspended, Encryption In Progress, Decryption in Progress, Not Detected and No Data.	P	P	n/a	n/a
Full system name (called System name on Mac)	P	P	n/a	n/a
Operating System
Name The name and version of the operating system detected on a device. The operating system is software that manages the software and hardware installed on a computer and allows programs and services to run. It is responsible for the basic operations of a computer system.	P	P	P	P
Version The number that identifies the version of the operating system, which was detected by the Absolute agent. (for some Mac devices, Edition holds this information)	P	P	P	GAC
Edition	n/a	P	n/a	n/a
Build	P	P	n/a	n/a
CSDVersion / OS Service Pack	P	n/a	n/a	n/a
Architecture	P	n/a	n/a	P
Install date	P	P	n/a	n/a
Last boot time	P	P	n/a	n/a
Update build revision	P	n/a	n/a	n/a
Current build	P	n/a	n/a	n/a
Release ID	P	n/a	n/a	n/a
Edition ID	P	n/a	n/a	n/a
Manufacturer	P	n/a	n/a	n/a
Product key	P	O	n/a	n/a
Serial number	P	P	n/a	n/a
Windows directory	P	n/a	n/a	n/a
Other OS description	P	n/a	n/a	n/a
System Information
Hard Drive (HD) Free Space The amount of storage currently available on a hard disk, expressed in gigabytes.	P	P	n/a	n/a
Total physical memory The amount of dynamically accessible memory on a device, expressed in gigabytes. (bytes)	P	P	P	P
Available physical memory (bytes)	P	P	P	P
Total virtual memory (bytes)	P	P	n/a	n/a
Available Virtual Memory (bytes)	P	P	n/a	n/a
Local IP address The local Internet Protocol (IPv4) address that identifies a device connected to a private network.	P	P	P	P
Public IP address The public Internet Protocol (IPv4) address that identifies a device that is connected to the Internet.	P	P	P	P
Processor	P	O	P	O
Page file space (bytes)	P	n/a	n/a	n/a
Page file	P	n/a	n/a	n/a
Boot device	P	P	n/a	n/a
Locale	P	P	n/a	P
Name	P	P	n/a	P
System directory	P	P	n/a	n/a
Make The manufacturer of a device.	P	P	P	GAC
Model The manufacturer's designated name for the type of device.	P	P	P	GAC
System type	P	P	n/a	n/a
Serial number The identification number assigned to the device by the device manufacturer. For Windows devices, this value may correspond to the serial number of the BIOS, the motherboard, or the chassis, depending on the manufacturer.	P	P	P	GAC
Time zone	P	P	n/a	n/a
System integrity protection status	n/a	P	n/a	n/a
BIOS
Release date	P	n/a	n/a	n/a
Language	P			n/a
Serial number	P			n/a
Version	P			GAC
SMBIOS version	P			n/a
SMBIOS major version	P			n/a
SMBIOS minor version	P			n/a
Manufacturer	P			n/a
Version date	P			n/a
Asset tag	P			n/a
Supervisor Password Status	P Supported models only			n/a
Battery
ID	P	P	O	O
Name	P	P
Serial number	P	P
Capacity	P	P
Estimated charge remaining	P	P
Estimated runtime	P	O
Expected life	O
Max recharge time	O
Memory
NOTE The Absolute agent cannot collect memory information for MacBook Pro devices with an Apple M1 chip.
ID	P	n/a	See Memory and Storage	P
Part number	n/a	P		n/a
Manufacturer	P	P		n/a
Serial number	P	P		n/a
Size (bytes)	P	P		P
Slot	P	P		n/a
Speed	P	P		n/a
Type (or Type Detail)	P	P		n/a
Status	n/a	P		n/a
Chassis Type	P	n/a		n/a
CPU
ID	P	P	P	P
Name	P	P	P	P
Architecture	P	P	n/a	P
Bus speed	O	P	n/a	n/a
Data width	P	O	n/a	n/a
Instruction set	O	P	n/a	n/a
Logical cores	P	P	n/a	n/a
Physical cores	P	P	n/a	n/a
Processor speed The rate at which the computer processor computes, measured in megaHertz.	P	O	P	n/a
Processor number	O	O	n/a	P
L2 cache size	P	P	n/a	n/a
L2 cache speed	P	O	n/a	n/a
L3 cache size	P	P	n/a	n/a
L3 cache speed	P	O	n/a	n/a
CD ROM
ID	P	n/a	n/a	n/a
Name	P
Drive	P
Manufacturer	P
Media loaded	P
Media Type	P
Description	P
Status	P
Transfer rate	P
PnP device ID	P
SCSI target ID	P
Sound Device
The following data points are collected for each detected sound device:
ID	P	n/a	O	O
Name (for Mac devices, this field also shows the ID)	P	P
Manufacturer	P	P
Camera
The following data points are collected for each detected camera:
ID	P	P	P	O
Name	P	P	n/a
Description	P	n/a	P
Model	O	P	n/a
Is Enabled	P	P	P
Display
The following data points are collected for each detected display:
ID	P	n/a	n/a	n/a
Name	P	n/a	n/a	P
PnP device ID	P	n/a	n/a	n/a
Adapter type	P	n/a	n/a	n/a
Adapter description	P	P	n/a	n/a
Manufacturer	P	P	n/a	n/a
Adapter RAM	P	n/a	n/a	n/a
Driver version	P	n/a	n/a	n/a
Number of colors	P	n/a	n/a	n/a
Resolution	P	n/a	P	P
Bits per pixel	P	n/a	n/a	n/a
Depth	n/a	P	n/a	n/a
Height	P	P	n/a	P
Width	P	P	n/a	P
Refresh rate	n/a	P	n/a	n/a
Horizontal resolution	†	n/a	†	n/a
Vertical resolution	†	n/a	†	n/a
Keyboards
The following data points are collected for each detected keyboard:
ID	P	n/a	n/a	O
Name	P	P
Description	P	n/a
Layout	P	n/a
PnP device ID	P	n/a
Number of function keys	P	n/a
Pointing Devices
The following data points are collected for each detected pointing device:
ID	P	P	n/a	O
Name	P	P
Manufacturer	P	P
Number of buttons	P	n/a
Power management supported	P	P
PnP device ID	P	n/a
Handedness	P	n/a
Hardware type	P	n/a
Mobile Broadband Adapter
The following data points are collected for each detected adapter: NOTE This information is available only on the device's (Classic) Device Summary page, and the Mobile Broadband Adapter Report in Classic Reports.
Manufacturer	P	n/a	n/a	n/a
Model	P
Network	P
Service Status	P
Detected Phone Number	P
Network Adapters
The following data points are collected for each detected adapter:
ID	P	n/a	See Wi-Fi and Bluetooth	P
Name	P	P		P
Adapter type	P	n/a		n/a
Installed	P	n/a		n/a
IPv4 address	P	P		P
IPv6 address	P	P		n/a
IP subnet	P	n/a		n/a
Default gateway	P	n/a		n/a
DHCP enabled	P	n/a		n/a
DHCP server	P	n/a		n/a
DHCP lease expires	P	n/a		n/a
DHCP lease obtained	P	n/a		n/a
MAC address	P	P		GAC
Manufacturer	P	P		n/a
Product type	P	n/a		n/a
Speed	P	P		n/a
Network SSID	P	P		n/a
Storage
Disk
The following data points are collected for each detected disk:
ID	P	P	n/a	n/a
Name	P	P		P
Description	P	P		n/a
Disk index	P	P		n/a
Bytes per sector	P	n/a		n/a
Firmware revision	P	P		n/a
Manufacturer	P	P		n/a
Media type	P	P		n/a
Model	P	P		n/a
Number of partitions	P	n/a		n/a
Sectors per track	P	n/a		n/a
Serial number	P	P		n/a
Size (bytes) (for Chromebook, this is the capacity)	P	P		P
Status	P	n/a		n/a
Total cylinders	P	n/a		n/a
Total heads	P	n/a		n/a
Total sectors	P	n/a		n/a
Total tracks	P	n/a		n/a
Total tracks per cylinder	P	n/a		n/a
Volumes
The following data points are collected for each detected volume:
ID	P	P	n/a	n/a
Name	P	P
Boot	P	P
Compressed	P	n/a
Drive letter	P	n/a
File system	P	P
Serial	P	P
Size (bytes)	P	P
Free space (bytes)	P	P
Mount point	n/a	P
Printers
The following data points are collected for each detected printer:
ID	P	P	n/a	O
Name	P	P
Driver	P	P
Server	P	O
Share	P	O
Port	P	O
USB
The following data points are collected for each detected USB device:
Name	P	O	n/a	O
Manufacturer	P
PnP device ID	P
Anti-malware
The following data points are collected for the anti-malware software detected on the device:
Product name	P	P	O	n/a
Version	P	P
Definition	P	P
Definition date	P	P
Last updated	P	P

Additional hardware data points collected on Chromebook devices

In addition to the hardware data points shown for Chromebooks in the Hardware data points section, Absolute collects additional Chromebook data points from the Google Admin console. The following data points are on Chromebooks only:

Chromebook specific data points
Annotated asset ID
Annotated location
Annotated user
Auto-update expiration
Boot Mode
Device ID
Extension
Notes
Organizational unit
Platform version
Provisioning status
Recent Users

Additional hardware data points collected on Android devices

In addition to the hardware data points shown for Android devices in the Hardware data points section, the Absolute agent and its Hardware Data Processing (HDP) component collect the following additional data points on Android devices only:

Android specific data points
Security Patch Level
Detected Serial Number
Network
Wi-Fi
The following data points collected for each detected adapter:
ID
Adapter type
IPV4 Address
MAC Address
Speed
Network SSID
Bluetooth
The following data points collected for each detected Bluetooth device:
Address
Is Enabled
Memory & Storage
Available physical memory
Total physical memory
Available space
Cellular
Enabled
Mobile network — Current
Mobile network — Home
IMEI The International Mobile Equipment Identity (IMEI) is an identifier used to identify GSM, UMTS and LTE mobile phones. Typically, you can find a phone's IMEI in the battery compartment, or on-screen in phone settings.
IMSI The International Mobile Subscriber Identity (IMSI) is a unique identifier used to identify the user, or subscriber, of a cellular network. The number includes the country and mobile network to which the subscriber belongs. The IMSI is stored on a phone's SIM card.
Phone number
SIM ICCID (Integrated Circuit Card Identifier)
Type

The following additional data points show only on the device's Android Vulnerability page:

Data point
Device rooted A process that enables the user of an Android device to access the Android operating system and make software code changes. This process puts the device at greater risk of damage and security vulnerabilities and is not advisable.	Lock screen protection
GMS certified device Google Mobile Services (GMS) is a collection of popular Google applications and APIs, such as Google Chrome, YouTube, and Google Search. To enable Android device manufacturers to include these apps out-of-the-box, their devices must be certified by Google. To be certified, devices must comply with the Android Compatibility Definition Document (CDD) and pass the Compatibility Test Suite (CTS).	Screen timeout lock
ROM type	Device encrypted
Bootloader unlock available	SD card encrypted
ADB enabled (ADB = Android Debug Bridge)	Mac address change
Unknown sources installation	IMEI change
Google app verification level	IMSI/SIM card change
Google app verification frequency	Factory data reset
Secondary (Non-Google) Google app verification	EMM client installed
Anti-Malware app installed	MTD app installed
Cloud storage app installed

Application Persistence

When an Application Persistence policy is activated on a device, the Absolute agent collects the following data points, depending on the application being persisted:

NOTE The Application Persistence policy is supported on Windows devices only.

Persisted application	Data points
BitLocker®	Status (assessed health of the application) Repair Status (success or failure of the last attempted repair) Status Checked (date and time when Status last checked) Repairs, reinstalls and failures over the past 30 days Became healthy / Became unhealthy (date when the Status of the application last changed) Status Details, which may include the following information, depending on the application’s Status: application version compatibility of OS (operating system) and TPM (trusted platform module) for BitLocker encryption method—AES-128 or AES-256 encryption completeness protection status is on or off drive lock status is locked or unlocked If you selected BitLocker with Standalone MBAM, the AP persists MBAM and collects and reports any exceptions.
Microsoft® SCCM	Status (assessed health of the application) Repair Status (success or failure of the last attempted repair) Status Checked (date and time when Status last checked) Repairs, reinstalls and failures over the past 30 days Became healthy / Became unhealthy (date when the Status of the application last changed) Status Details, which may include the following information, depending on the application’s Status: application version status of the admin share date and time of the last hardware inventory scan date and time of the last software inventory scan status of key application services status of key registry entries nature of any repairs or reinstalls initiated
For all other supported applications except for Bitlocker and Microsoft SCCM See Applications supported by Application Persistence policies for a full list of supported applications	Status (assessed health of the application) Repair Status (success or failure of the last attempted repair or reinstall) Status Checked (date and time when Status last checked) Repairs, reinstalls and failures over the past 30 days Became healthy / Became unhealthy (date when the Status of the application last changed) Status Details, which may include the following information, depending on the application’s Status: application version status of key application services status of key registry entries nature of any repairs or reinstalls initiated

Persisted application

Data points

BitLocker®

Status (assessed health of the application)
Repair Status (success or failure of the last attempted repair)
Status Checked (date and time when Status last checked)
Repairs, reinstalls and failures over the past 30 days
Became healthy / Became unhealthy (date when the Status of the application last changed)
Status Details, which may include the following information, depending on the application’s Status:
- application version
- compatibility of OS (operating system) and TPM (trusted platform module) for BitLocker
- encryption method—AES-128 or AES-256
- encryption completeness
- protection status is on or off
- drive lock status is locked or unlocked

If you selected BitLocker with Standalone MBAM, the AP persists MBAM and collects and reports any exceptions.

Microsoft® SCCM

Status (assessed health of the application)
Repair Status (success or failure of the last attempted repair)
Status Checked (date and time when Status last checked)
Repairs, reinstalls and failures over the past 30 days
Became healthy / Became unhealthy (date when the Status of the application last changed)
Status Details, which may include the following information, depending on the application’s Status:
- application version
- status of the admin share
- date and time of the last hardware inventory scan
- date and time of the last software inventory scan
- status of key application services
- status of key registry entries
- nature of any repairs or reinstalls initiated

For all other supported applications except for Bitlocker and Microsoft SCCM

See Applications supported by Application Persistence policies for a full list of supported applications

Status (assessed health of the application)
Repair Status (success or failure of the last attempted repair or reinstall)
Status Checked (date and time when Status last checked)
Repairs, reinstalls and failures over the past 30 days
Became healthy / Became unhealthy (date when the Status of the application last changed)
Status Details, which may include the following information, depending on the application’s Status:
- application version
- status of key application services
- status of key registry entries
- nature of any repairs or reinstalls initiated

Custom Data

The Absolute agent collects the following data points when the Custom Data policy is activated on a Windows device:

Custom Data is not supported on Mac, Chromebook, or Android devices.

Data point
Custom data points	Provided by Absolute and added to the Custom Data policy by you. These data points are unique to you.
Default data points	Automatically included in the Custom Data policy, but must be enabled by you: Chrome extensions DNS servers Firewall status OU - organizational unit Wi-Fi authentication protocol

Data point

Custom data points

Provided by Absolute and added to the Custom Data policy by you. These data points are unique to you.

Default data points

Automatically included in the Custom Data policy, but must be enabled by you:

Chrome extensions
DNS servers
Firewall status
OU - organizational unit
Wi-Fi authentication protocol

Device Usage

The Absolute agent collects the following data points when the Device Usage policy is activated on a Windows, Mac, or Chromebook device:

NOTE The Device Usage policy is not supported on Android devices.

Data point	Platform
Data point	Windows	Mac	Chromebook
Average Daily Usage The daily usage of a device, averaged over the 30 days prior to the most recent agent check-in and expressed in total hours and minutes. Note that any days with no usage are not included in the calculation. Applies only to Windows, Mac, and Chromebook devices with an activated Device Usage policy.	P	P	P
Usage Level The level of daily device usage, averaged over the past 30 days. There are four levels: Heavily Used (over 8 hours), Moderately Used (4 to 8 hours), Lightly Used (1 to 4 hours), Not Used (less than 1 hour). Applies only to Windows, Mac, and Chromebook devices with an activated Device Usage policy.	P	P	P
Event Timestamp (Local Device Time): <n> minutes of activity	P	P	P
Activity Type (Login or Unlock)	P	P	P
BSSID	P	P	n/a
SSID	P	P	n/a
Local IP (IPv4)	P	P	P
Public IP (IPv4)	P	P	P
Active Directory OU	P	P	n/a

Endpoint Data Discovery

The Absolute agent collects the following data points when the Endpoint Data Discovery (EDD) policy is activated on a Windows or Mac device:

NOTE The EDD policy is not supported on Android or Chromebook devices.

Data point	Platform
Data point	Windows	Mac
Scan Date	P	P
Rule	P	P
Matched token (content string that matched the Rule)	P	P
Lexicon line number that was matched	P	P
File Name	P	P
File Extension	P	P
File Type	P	P
File Path	P	P
File Owner	P	P
File Created	P	P
File Modified	P	P
File Accessed	P	O

Full-Disk Encryption

The Absolute agent collects the following data points when the Full-Disk Encryption Status policy is activated on a Windows or Mac device:

NOTE The Full-Disk Encryption policy is not supported on Android or Chromebook devices.

Data point	Platform
Data point	Windows	Mac
Encryption > Status	P	P
Encryption > Product Name	P	P
Encryption > Version	P	P
Encryption > Algorithm	P	O
Encryption > Comments	P	P
Encryption > Key Size	P	O
Encryption > SED Capable	P	P
Encryption > Last Updated	P	P
Encryption > All Drives Encrypted	P	P

Geolocation Tracking

The Absolute agent collects the following data points when the Geolocation Tracking policy is activated on a device:

Field	Platform
Field	Windows	Mac	Android	Chromebook
Device Location > City	P	P	P	P
Device Location > State/Province	P	P	P	P
Device Location > Country	P	P	P	P
Device Location > Latitude	P	P	P	P
Device Location > Longitude	P	P	P	P
Geolocation technology > Type	P	P	P	P
Geolocation technology > Accuracy (meters)	P	P	P	P
Geolocation Tracking > Last data received	P	P	P	P

Installed Applications

The Absolute agent collects the following data points when the Installed Applications policy is activated on a Windows or Mac device:

NOTE The Installed Applications policy is not supported on Android or Chromebook devices.

Data point	Platform
Data point	Windows	Mac
Application	P	P
Version	P	P
Publisher	P	P
Installed (date)	P	P
Install location	P	P
Identifier	P	P
OS Name	P	P
Username	P	P

Software

The Absolute agent collects the following data points when the Software policy is activated on a Windows, Mac, or Android device:

NOTE The Software policy is not supported on Chromebook devices.

Data point	Platform
Data point	Windows	Mac	Android
Publisher	P	P	P
Suite	P	P	P
Application Name	P	P	P
Application Version	P	P	P
File Name	P	P	P
File Version	P	P	P
Detected Date	P	P	P
File Path	P	P	P

Web Usage

The Absolute agent collects the following data points when the Web Usage policy is activated on a Windows or Chromebook device:

NOTE The Web Usage policy is not yet supported on Mac and Android devices.

Field	Platform
Field	Windows	Chromebook
Website	P	P
Webpage title	P	P
Web usage > Daytime	P	P
Web Usage > Evenings and weekends	P	P
Username (of each logged in user)	P	P