Absolute Secure Endpoint¶
About¶
Absolute Secure Endpoint is a security solution that provides continuous visibility and control over endpoint devices, offering capabilities such as device health monitoring, remote remediation, and persistent agent resilience even if attempts are made to disable or remove it.
Product Details¶
Vendor URL: Absolute Secure Endpoint
Product Type: Endpoint Security
Product Tier: Tier II
Integration Method: API
Log Guide: N/A
Parser Details¶
Log Format: JSON
Expected Normalization Rate: Near 100%
Data Label: ABSOLUTE_SECURE_ENDPOINT
UDM Fields (list of all UDM fields leveraged in the Parser):
| Log File Field | UDM Field |
|---|---|
| actorDisplayName | principal.hostname |
| createdDateTimeUtc | metadata.collected_timestamp |
| eventDateTimeUtc | metadata.event_timestamp |
| eventType | metadata.product_event_type |
| actorDisplayId | principal.asset.attribute.labels |
| objectDisplayId | target.asset.attribute.labels |
| objectDisplayName | target.asset.attribute.labels |
| objectProperties.Longitude | target.location.region_coordinates.longitude |
| objectProperties.Latitude | target.location.region_coordinates.latitude |
| objectProperties.CountryName | target.location.country_or_region |
| objectProperties.State | target.location.state |
| objectProperties.City | target.location.city |
| objectProperties.Technology | additional.fields |
| verb | security_result.summary |
Product Event Types¶
| Event | UDM Event Classification |
|---|---|
| all | GENERIC_EVENT |
Log Sample¶
{"actorDisplayId":"d1f2e3c4-5678-90ab-cdef-1234567890ab","actorDisplayName":"DEVICE-12345","actorObjectType":"Device","createdDateTimeUtc":"2026-04-27T12:03:22.927Z","eventDateTimeUtc":"2026-04-27T11:59:08.000Z","eventType":"DeviceLocationUpdated","id":"abc12345def67890abc12345","objectDisplayId":"loc-98765-43210","objectDisplayName":"Device Location","objectObjectType":"Geolocation","objectProperties":"PropertyName[1]=Longitude;OldValue[1]=-117.5222899;NewValue[1]=-117.2953936;PropertyName[2]=Latitude;OldValue[2]=33.8201882;NewValue[2]=33.2754308;PropertyName[3]=CountryCode;OldValue[3]=US;NewValue[3]=US;PropertyName[4]=CountryId;OldValue[4]=COUNTRY-001;NewValue[4]=COUNTRY-001;PropertyName[5]=CountryName;OldValue[5]=United States;NewValue[5]=United States;PropertyName[6]=State;OldValue[6]=California;NewValue[6]=California;PropertyName[7]=StateId;OldValue[7]=STATE-CA;NewValue[7]=STATE-CA;PropertyName[8]=City;OldValue[8]=Corona;NewValue[8]=Oceanside;PropertyName[9]=CityId;OldValue[9]=CITY-001;NewValue[9]=CITY-002;PropertyName[10]=GeofenceIds;OldValue[10]=;NewValue[10]=geofence-123,geofence-456;PropertyName[11]=Technology;OldValue[11]=wifiAccessPoints;NewValue[11]=wifiAccessPoints;PropertyName[12]=GeoHistoryId;OldValue[12]=;NewValue[12]=history-789;PropertyName[13]=Gps.ErrorKey;OldValue[13]=;NewValue[13]=gps-not-supported;PropertyName[14]=Os.Latitude;OldValue[14]=;NewValue[14]=33.2751619;PropertyName[15]=Os.Longitude;OldValue[15]=;NewValue[15]=-117.2962795;PropertyName[16]=Ip.Latitude;OldValue[16]=;NewValue[16]=32.7339745;PropertyName[17]=Ip.Longitude;OldValue[17]=;NewValue[17]=-117.1445465;","verb":"Updated"}
Sample Parsing¶
metadata.event_timetsamp = "2026-04-27T11:59:08.000Z"
metadata.collected_timestamp = "2026-04-27T12:03:22.927Z"
metadata.product_event_type = "DeviceLocationUpdated"
principal.hostname = "DEVICE-12345"
principal.asset.attribute.labels["actorDisplayId"] = "d1f2e3c4-5678-90ab-cdef-1234567890ab"
target.asset.attribute.labels["objectDisplayId"] = "loc-98765-43210"
target.asset.attribute.labels["objectDisplayName"] = "Device Location"
target.location.region_coordinates.longitude = "-117.2953936"
target.location.region_coordinates.latitude = "33.2754308"
target.location.country_or_region = "United States"
target.location.state = "California"
target.location.city = "Oceanside"
additional.fields["technology"] = "wifiAccessPoints"
security_result.summary = "Updated"