Skip to content

Absolute

Cyderes supports the ingestion of device reporting and SIEM events from Absolute.

Chronicle Data Types

  • ABSOLUTE
  • ABSOLUTE_SECURE_ENDPOINT

Configuration

To access the Absolute API, a user must be created in the absolute console that is assigned an absolute user role. The role can be a default user role, or custom role. Then, that user must have at least one API token associated with it.

More information and details on creating an API token can be seen in the Absolute API documentation

If you are ingesting SIEM events, you will need to ensure the desired event types are enabled in the Absolute console.

Gather Information

Note

Please include the credential's expiration date if available

Please provide Cyderes with the following:

  • Token ID
  • Secret Key
  • API Access URL
  • Desired sources: device reporting and/or SIEM events