update for new repo

wh1te909 2022-03-18 18:09:58 +00:00
parent 4aea16ca8c
commit 5142783db9
189 changed files with 27 additions and 5988 deletions


@ -12,7 +12,7 @@ Demo database resets every hour. A lot of features are disabled for obvious reas
### [Discord Chat](https://discord.gg/upGTkWp)
### [Documentation](https://wh1te909.github.io/tacticalrmm/)
### [Documentation](https://docs.tacticalrmm.com)
## Features
@ -34,4 +34,4 @@ Demo database resets every hour. A lot of features are disabled for obvious reas
## Installation / Backup / Restore / Usage
### Refer to the [documentation](https://wh1te909.github.io/tacticalrmm/)
### Refer to the [documentation](https://docs.tacticalrmm.com)


@ -9,4 +9,4 @@
## Reporting a Vulnerability
https://wh1te909.github.io/tacticalrmm/security/
https://docs.tacticalrmm.com/security


@ -271,7 +271,7 @@ def run_script_email_results_task(
@app.task
def clear_faults_task(older_than_days: int) -> None:
# https://github.com/wh1te909/tacticalrmm/issues/484
# https://github.com/amidaware/tacticalrmm/issues/484
agents = Agent.objects.exclude(last_seen__isnull=True).filter(
last_seen__lt=djangotime.now() - djangotime.timedelta(days=older_than_days)
)


@ -1430,7 +1430,7 @@ class TestAgentTasks(TacticalTestCase):
self.assertEqual(action.status, "pending")
self.assertEqual(
action.details["url"],
f"https://github.com/wh1te909/rmmagent/releases/download/v{settings.LATEST_AGENT_VER}/winagent-v{settings.LATEST_AGENT_VER}.exe",
f"https://github.com/amidaware/rmmagent/releases/download/v{settings.LATEST_AGENT_VER}/winagent-v{settings.LATEST_AGENT_VER}.exe",
)
self.assertEqual(
action.details["inno"], f"winagent-v{settings.LATEST_AGENT_VER}.exe"
@ -1440,7 +1440,7 @@ class TestAgentTasks(TacticalTestCase):
{
"func": "agentupdate",
"payload": {
"url": f"https://github.com/wh1te909/rmmagent/releases/download/v{settings.LATEST_AGENT_VER}/winagent-v{settings.LATEST_AGENT_VER}.exe",
"url": f"https://github.com/amidaware/rmmagent/releases/download/v{settings.LATEST_AGENT_VER}/winagent-v{settings.LATEST_AGENT_VER}.exe",
"version": settings.LATEST_AGENT_VER,
"inno": f"winagent-v{settings.LATEST_AGENT_VER}.exe",
},


@ -23,8 +23,8 @@ TRMM_VERSION = "0.12.0"
# to alert user they need to manually refresh their browser
APP_VER = "0.0.157"
# https://github.com/wh1te909/rmmagent
LATEST_AGENT_VER = "2.0.1"
# https://github.com/amidaware/rmmagent
LATEST_AGENT_VER = "2.0.0"
MESH_VER = "0.9.98"
@ -37,8 +37,8 @@ NPM_VER = "29"
SETUPTOOLS_VER = "59.6.0"
WHEEL_VER = "0.37.1"
DL_64 = f"https://github.com/wh1te909/rmmagent/releases/download/v{LATEST_AGENT_VER}/winagent-v{LATEST_AGENT_VER}.exe"
DL_32 = f"https://github.com/wh1te909/rmmagent/releases/download/v{LATEST_AGENT_VER}/winagent-v{LATEST_AGENT_VER}-x86.exe"
DL_64 = f"https://github.com/amidaware/rmmagent/releases/download/v{LATEST_AGENT_VER}/winagent-v{LATEST_AGENT_VER}.exe"
DL_32 = f"https://github.com/amidaware/rmmagent/releases/download/v{LATEST_AGENT_VER}/winagent-v{LATEST_AGENT_VER}-x86.exe"
EXE_GEN_URL = "https://agents.tacticalrmm.com"
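Review bot: `LATEST_AGENT_VER` appears to move from `"2.0.1"` to `"2.0.0"` in the first hunk, a downgrade that the commit title ("update for new repo") does not explain; if it is intentional (for example because the new repository has no v2.0.1 release yet), a comment such as `# pinned to 2.0.0 until v2.0.1 is published under amidaware/rmmagent` would say so. The +/- markers are lost on this page, so the direction is inferred from which value sits under the `amidaware` comment. The value matters because `DL_64` and `DL_32` in the second hunk are built from it and name installer executables fetched from a GitHub release. Nothing visible here pins a digest or states where the download is verified, so a short comment beside `DL_64` pointing to the signature or hash check (if one exists elsewhere) would help whoever audits the update path after the repository move.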


@ -232,7 +232,7 @@ KnoxAuthMiddlewareStack = lambda inner: KnoxAuthMiddlewareInstance(
def get_latest_trmm_ver() -> str:
url = "https://raw.githubusercontent.com/wh1te909/tacticalrmm/master/api/tacticalrmm/tacticalrmm/settings.py"
url = "https://raw.githubusercontent.com/amidaware/tacticalrmm/master/api/tacticalrmm/tacticalrmm/settings.py"
try:
r = requests.get(url, timeout=5)
except:
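Review bot: The bare `except:` after `requests.get(url, timeout=5)` also catches `KeyboardInterrupt`, `SystemExit` and programming errors, so they are handled exactly like a network failure; `except requests.RequestException:` would restrict the handler to what the request can raise. The function body continues outside the hunk, so what the handler returns is not visible here. Because the version is read from a `settings.py` on the `master` branch of a repository that has just changed owner, a one-line comment stating that the response is only parsed as text for a version string, if that is the case, would make the trust boundary explicit.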


@ -1,7 +1,7 @@
#!/bin/bash
SCRIPT_VERSION="17"
SCRIPT_URL='https://raw.githubusercontent.com/wh1te909/tacticalrmm/master/backup.sh'
SCRIPT_URL='https://raw.githubusercontent.com/amidaware/tacticalrmm/master/backup.sh'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'


@ -8,7 +8,7 @@ temp="/tmp/tactical"
args="$*"
version="latest"
branch="master"
repo="wh1te909"
repo="amidaware"
branchRegex=" --branch ([^ ]+)"
if [[ " ${args}" =~ ${branchRegex} ]]; then


@ -25,8 +25,8 @@ You will need to add DNS entries so that the three subdomains resolve to the IP
Get the docker-compose and .env.example file on the host you which to install on
```
wget https://raw.githubusercontent.com/wh1te909/tacticalrmm/master/docker/docker-compose.yml
wget https://raw.githubusercontent.com/wh1te909/tacticalrmm/master/docker/.env.example
wget https://raw.githubusercontent.com/amidaware/tacticalrmm/master/docker/docker-compose.yml
wget https://raw.githubusercontent.com/amidaware/tacticalrmm/master/docker/.env.example
mv .env.example .env
```


@ -150,7 +150,7 @@ FIRST_ARG="$1"
# defaults
DOCKER_REPO="tacticalrmm/"
REPO="wh1te909"
REPO="amidaware"
BRANCH="master"
VERSION="latest"


@ -1,46 +0,0 @@
# AnyDesk
## AnyDesk Integration
!!!info
You can setup a full automation policy to collect the machine GUID but this example will collect from just one agent for testing purposes.
From the UI go to **Settings > Global Settings > CUSTOM FIELDS > Agents**
Add Custom Field</br>
**Target** = `Agent`</br>
**Name** = `AnyNetID`</br>
**Field Type** = `Text`</br>
![Service Name](images/3rdparty_anydesk1.png)
While in Global Settings go to **URL ACTIONS**
Add a URL Action</br>
**Name** = `AnyDesk Control`</br>
**Description** = `Connect to a AnyDesk Session`</br>
**URL Pattern** =
```html
anydesk:{{agent.AnyNetID}}
```
Navigate to an agent with AnyDesk running (or apply using **Settings > Automation Manager**).</br>
Go to Tasks.</br>
Add Task</br>
**Select Script** = `AnyDesk - Get AnyNetID for client` (this is a builtin script from script library)</br>
**Descriptive name of task** = `Collects the AnyNetID for AnyDesk.`</br>
**Collector Task** = `CHECKED`</br>
**Custom Field to update** = `AnyNetID`</br>
![Service Name](images/3rdparty_anydesk2.png)
Click **Next**</br>
Check **Manual**</br>
Click **Add Task**
Right click on the newly created task and click **Run Task Now**.
Give it a second to execute then right click the agent that you are working with and go to **Run URL Action > AnyDesk Control**
It launch the session in AnyDesk.


@ -1,34 +0,0 @@
# BitDefender GravityZone Deployment
## How to Deploy BitDefender GravityZone
From the UI go to **Settings > Global Settings > CUSTOM FIELDS > Clients**
Add a Custom Field</br>
First: </br>
**Target** = `CLIENTS`</br>
**Name** = `bdurl`</br>
**Field Type** = `Text`</br>
![Service Name](images/3rdparty_bdg_RmmCustField.png)
Log into your GravityZone and on the left hand side, select "Packages" under "Network".
![Service Name](images/3rdparty_bdg_Packages.png)
Select the client you are working with and click "Send Download Links" at the top. </br>
![Service Name](images/3rdparty_bdg_DownloadLink.png)
Copy the appropriate download link
![Service Name](images/3rdparty_bdg_LinkCopy.png)
Paste download link into the `bdurl` when you right click your target clients name in the RMM.
![Service Name](images/3rdparty_bdg_CustFieldLink.png)
Right click the Agent you want to deploy to and **Run Script**. Select **BitDefender GravityZone Install** and set timeout for 1800 seconds.
**Install time will vary based on internet speed and other AV removal by BitDefender BEST deployment**


@ -1,9 +0,0 @@
# Adding Grafana to Tactical RMM
Adding graphical Dashboards to Tactical.
See <https://github.com/dinger1986/TRMM-Grafana>
![Example1](images/3rdparty_grafana_ex1.png)
![Example1](images/3rdparty_grafana_ex2.png)

View File

@ -1,109 +0,0 @@
# Screenconnect / Connectwise Control
## Connectwise Control Integration
!!!info
To make this work you will need the name of a the Service from one of your agents running a Screen Connect Guest.
!!!info
You can setup a full automation policy to collect the machine GUID but this example will collect from just one agent for testing purposes.
From the UI go to **Settings > Global Settings > CUSTOM FIELDS > Agents**
Add Custom Field</br>
**Target** = `Client`</br>
**Name** = `ScreenConnectService`</br>
**Field Type** = `Text` </br>
**Default Value** = `The name of your SC Service eg. ScreenConnect Client (XXXXXXXXXXXXXXXXX)`</br>
![Service Name](images/3rdparty_screenconnect1.png)
Add Custom Field</br>
**Target** = `Agent`</br>
**Name** = `ScreenConnectGUID`</br>
**Field Type** = `Text`</br>
![Service Name](images/3rdparty_screenconnect2.png)
While in Global Settings go to **URL ACTIONS**
Add a URL Action</br>
**Name** = `ScreenConnect`</br>
**Description** = `Launch Screen Connect Session`</br>
**URL Pattern** =
```html
https://<your_screenconnect_fqdn_with_port>/Host#Access/All%20Machines//{{agent.ScreenConnectGUID}}/Join
```
![Service Name](images/3rdparty_screenconnect3.png)
Navigate to an agent with ConnectWise Service running (or apply using **Settings > Automation Manager**).</br>
Go to Tasks.</br>
Add Task</br>
**Select Script** = `ScreenConnect - Get GUID for client` (this is a builtin script from script library)</br>
**Script argument** = `-serviceName {{client.ScreenConnectService}}`</br>
**Descriptive name of task** = `Collects the Machine GUID for ScreenConnect.`</br>
**Collector Task** = `CHECKED`</br>
**Custom Field to update** = `ScreenConectGUID`</br>
![Service Name](images/3rdparty_screenconnect4.png)
Click **Next**</br>
Check **Manual**</br>
Click **Add Task**
Right click on the newly created task and click **Run Task Now**.
Give it a second to execute then right click the agent that you are working with and go to **Run URL Action > ScreenConnect**
It should ask you to sign into your Connectwise Control server if you are not already logged in and launch the session.
*****
## Install Screenconnect via Tactical
Use the [Screenconnect AIO script](https://github.com/wh1te909/tacticalrmm/blob/develop/scripts/Win_ScreenConnectAIO.ps1)
![AIO](images/3rdparty_sc_aio.png)
## Install Tactical RMM via Screeconnect commands window
1. Create a Deplopment under **Agents > Manage Deployments**
2. Replace `<deployment URL>` below with your Deployment Download Link.
**x64**
```cmd
#!ps
#maxlength=500000
#timeout=600000
Invoke-WebRequest "<deployment URL>" -OutFile ( New-Item -Path "C:\temp\trmminstallx64.exe" -Force )
$proc = Start-Process c:\temp\trmminstallx64.exe -ArgumentList '-silent' -PassThru
Wait-Process -InputObject $proc
if ($proc.ExitCode -ne 0) {
Write-Warning "$_ exited with status code $($proc.ExitCode)"
}
Remove-Item -Path "c:\temp\trmminstallx64.exe" -Force
```
**x86**
```cmd
#!ps
#maxlength=500000
#timeout=600000
Invoke-WebRequest "<deployment URL>" -OutFile ( New-Item -Path "C:\temp\trmminstallx86.exe" -Force )
$proc = Start-Process c:\temp\trmminstallx86.exe -ArgumentList '-silent' -PassThru
Wait-Process -InputObject $proc
if ($proc.ExitCode -ne 0) {
Write-Warning "$_ exited with status code $($proc.ExitCode)"
}
Remove-Item -Path "c:\temp\trmminstallx86.exe" -Force
```
*****


@ -1,42 +0,0 @@
# Splashtop
## Splashtop Integration
From the UI go to **Settings > Global Settings > CUSTOM FIELDS > Agents**
Add Custom Field</br>
**Target** = `Agent`</br>
**Name** = `SplashtopSUUID`</br>
**Field Type** = `Text`</br>
![Service Name](images/3rdparty_splashtop1.png)
While in Global Settings go to **URL ACTIONS**
Add a URL Action</br>
**Name** = `Splashtop`</br>
**Description** = `Connect to a Splashtop client`</br>
**URL Pattern** =
```html
st-business://com.splashtop.business?account=&uuid={{agent.SplashtopSUUID}}&sessiontype=remote
```
Navigate to an agent with Splashtop running (or apply using **Settings > Automation Manager**).</br>
Go to Tasks.</br>
Add Task</br>
**Select Script** = `Splashtop - Get SUUID for client` (this is a builtin script from script library)</br>
**Descriptive name of task** = `Obtain Splashtop SUUID from device registry.`</br>
**Collector Task** = `CHECKED`</br>
**Custom Field to update** = `SplashtopSUUID`</br>
![Service Name](images/3rdparty_splashtop2.png)
Click **Next**</br>
Check **Manual**</br>
Click **Add Task**
Right click on the newly created task and click **Run Task Now**.
Give it a second to execute then right click the agent that you are working with and go to **Run URL Action > Splashtop**


@ -1,46 +0,0 @@
# TeamViewer
## TeamViewer Integration
!!!info
You can setup a full automation policy to collect the machine GUID but this example will collect from just one agent for testing purposes.
From the UI go to **Settings > Global Settings > CUSTOM FIELDS > Agents**
Add Custom Field</br>
**Target** = `Agent`</br>
**Name** = `TeamViewerClientID`</br>
**Field Type** = `Text`</br>
![Service Name](images/3rdparty_teamviewer1.png)
While in Global Settings go to **URL ACTIONS**
Add a URL Action</br>
**Name** = `TeamViewer Control`</br>
**Description** = `Connect to a Team Viewer Session`</br>
**URL Pattern** =
```html
https://start.teamviewer.com/device/{{agent.TeamViewerClientID}}/authorization/password/mode/control
```
Navigate to an agent with TeamViewer running (or apply using **Settings > Automation Manager**).</br>
Go to Tasks.</br>
Add Task</br>
**Select Script** = `TeamViewer - Get ClientID for client` (this is a builtin script from script library)</br>
**Descriptive name of task** = `Collects the ClientID for TeamViewer.`</br>
**Collector Task** = `CHECKED`</br>
**Custom Field to update** = `TeamViewerClientID`</br>
![Service Name](images/3rdparty_teamviewer2.png)
Click **Next**</br>
Check **Manual**</br>
Click **Add Task**
Right click on the newly created task and click **Run Task Now**.
Give it a second to execute then right click the agent that you are working with and go to **Run URL Action > TeamViewer Control**
It launch the session and possibly promt for password in TeamViewer.


@ -1,144 +0,0 @@
# Antivirus
They are usually fraught with false-positives because we live in a world of complex greys, not black and white.
At the moment, Microsoft Windows Defender thinks a go executable with virtually nothing in it is the "Trojan:Win32/Wacatac.B!ml" virus <https://old.reddit.com/r/golang/comments/s1bh01/goexecutables_and_windows_defender/>
At Tactical we recommend:
1. No 3rd party AV
2. Use the `Defender Status Report` script (Task > Run Daily - Use Automation manager) to monitor machines: <https://github.com/wh1te909/tacticalrmm/blob/develop/scripts/Win_Defender_Status_Report.ps1>
3. If you want to lock a system down, run the `Defender Enable` script (test in your environment, because it can stop Microsoft Office from opening docs) that will turn on Protected Folders: <https://github.com/wh1te909/tacticalrmm/blob/develop/scripts/Win_Defender_Enable.ps1> and you will be extremely safe. Annoyed, but safe. Use [this](https://github.com/amidaware/trmm-awesome/blob/main/scripts/Windows_Defender_Allowed_List.ps1) as an Exclusion List for Protected Folders items.
Be aware there is also [a powershell script](https://github.com/wh1te909/tacticalrmm/blob/develop/scripts/Win_TRMM_AV_Update_Exclusion.ps1) to add TRMM exclusions specific to Windows Defender
!!!note
If you need to use 3rd party AV, add the necessary exclusions (see below for examples) and submit the exe's as safe
## Bitdefender Gravityzone
Admin URL: <https://cloud.gravityzone.bitdefender.com/>
To exclude URLs: Policies > {policy name} > Network Protection > Content Control > Settings > Exclusions
![Web Exclusions](images/avbitdefender_gravityzone_exclusions0.png)
![Web Exclusions](images/avbitdefender_gravityzone_exclusions1.png)
![Web Exclusions](images/avbitdefender_gravityzone_exclusions2.png)
## Webroot
Admin URL:
![Web Exclusions](images/avwebroot.png)
![Web Exclusions](images/avwebroot5.png)
![Web Exclusions](images/avwebroot4.png)
![Web Exclusions](images/avwebroot3.png)
![Web Exclusions](images/avwebroot2.png)
![Web Exclusions](images/avwebroot1.png)
## Sophos
### Sophos Central Admin
Go To Global Settings >> General >> Global Exclusions >> Add Exclusion
![Agent Exclusions](images/sophoscascreen1.png)
![Agent Exclusions](images/sophoscascreen2.png)
![Agent Exclusions](images/sophoscascreen3.png)
![Agent Exclusions](images/sophoscascreen4.png)
![Agent Exclusions](images/sophoscascreen5.png)
![Agent Exclusions](images/sophoscascreen6.png)
![Agent Exclusions](images/sophoscascreen7.png)
### Sophos XG Firewall
![Agent Exclusions](images/sophoscascreen1.png)
Log into Sophos Central Admin
Admin URL: <https://cloud.sophos.com/>
Log into the Sophos XG Firewall
Go To System >> Hosts and services >> FQDN Host Group and create a new group
![FW Exclusions](images/sophosxgscreen1.png)
Go To System >> Hosts and services >> FQDN Host
Create the following 3 hosts and add each to your FQDN host group.
- api.yourdomain.com
- mesh.yourdomain.com
- rmm.yourdomain.com (Optional if you want your client to have GUI access to Tactical RMM)
![FW Exclusions](images/sophosxgscreen2.png)
![FW Exclusions](images/sophosxgscreen3.png)
Go To Hosts and services >> Services and create the following services
- Name: Tactical-Service-4222
- Protocol: TCP
- Source port: 1:65535
- Destination port: 4222
- Name: Tactical-Service-443
- Protocol: TCP
- Source port: 1:65535
- Destination port: 443
![FW Exclusions](images/sophosxgscreen4.png)
![FW Exclusions](images/sophosxgscreen5.png)
Go To Hosts and services >> Service group and create the following service group
![FW Exclusions](images/sophosxgscreen6.png)
Go To Protect >> Rules and policies and add a firewall rule
- Rule name: Tactical Rule
- Rule position: Top
- Source zones: LAN
- Source networks: ANY
- Destination zones: WAN
- Destination networks: Your FQDN Host Group
- Services: Tactical Services
![FW Exclusions](images/sophosxgscreen7.png)
![FW Exclusions](images/sophosxgscreen8.png)
Optionally select Log Firewall Traffic checkbox for troubleshooting.
## ESET ESMC Console
There are two spots:
1. In the Detection Engine -> Performance Exclusions
2. Web Access Protection -> URL Address Management
![Web Exclusions](images/esetesmc1.png)
![Web Exclusions](images/esetesmc2.png)
![Web Exclusions](images/esetesmc3.png)
![Web Exclusions](images/esetesmc4.png)
![Web Exclusions](images/esetesmc5.png)


@ -1,47 +0,0 @@
## Backing up the RMM
!!!note
This is only applicable for the standard install, not Docker installs.
A backup script is provided for quick and easy way to backup all settings into one file to move to another server.
Download the backup script:
```bash
wget -N https://raw.githubusercontent.com/wh1te909/tacticalrmm/master/backup.sh
```
From the Web UI, click **Tools > Server Maintenance**
Choose **Prune DB Tables** from the dropdown and check the `Audit Log` and `Pending Actions` checkboxes, and then click **Submit**
Doing a prune first before running the backup will significantly speed up the postgres vacuum command that is run during backup.
Run the backup script
```bash
chmod +x backup.sh
./backup.sh
```
The backup tar file will be saved in `/rmmbackups` with the following format:
`rmm-backup-CURRENTDATETIME.tar`
## Schedule to run daily via cron
Make a symlink in `/etc/cron.d` (daily cron jobs) with these contents `00 18 * * * tactical /rmm/backup.sh` to run at 6pm daily.
```bash
echo -e "\n" >> /rmm/backup.sh
sudo ln -s /rmm/backup.sh /etc/cron.daily/
```
!!!warning
Currently the backup script doesn't have any pruning functions so the folder will grow forever without periodic cleanup
## Video Walkthru
<div class="video-wrapper">
<iframe width="320" height="180" src="https://www.youtube.com/embed/rC0NgYJUf_8" frameborder="0" allowfullscreen></iframe>
</div>

View File

@ -1,21 +0,0 @@
# Code Signing
*Version added: Tactical RMM v0.6.0 / Agent v1.5.0*
Tactical RMM agents are now [code signed](https://comodosslstore.com/resources/what-is-microsoft-authenticode-code-signing-certificate/)!
To get access to code signed agents, you must be a [Github Sponsor](https://github.com/sponsors/wh1te909) with a minumum **monthly** donation of $50.00. If you signup for the $50, and then downgrade your auth token _**will be**_ invalidated and stop working.
Once you have become a sponsor, please email **support@amidaware.com** with your Github username (and Discord username if you're on our [Discord](https://discord.gg/upGTkWp))
Please allow up to 24 hours for a response
You will then be sent a code signing auth token, which you should enter into Tactical's web UI from *Settings > Code Signing*
## How does it work?
Everytime you generate an agent or an agent does a self-update, your self-hosted instance sends a request to Tactical's code signing servers with your auth token.
If the token is valid, the server sends you back a code signed agent. If not, it sends you back the un-signed agent.
If you think your auth token has been compromised or stolen then please email support or contact wh1te909 on discord to get a new token / invalidate the old one.


@ -1,29 +0,0 @@
# Contributing
## Contributing to the docs
Docs are built with [MKDocs for Material](https://squidfunk.github.io/mkdocs-material/)
To setup a local environment to add/edit to this documentation site:
```bash
mkdir ~/rmmdocs && cd ~/rmmdocs
git clone https://github.com/wh1te909/tacticalrmm.git .
python3 -m venv env
source env/bin/activate
pip install --upgrade pip
pip install --upgrade setuptools wheel
pip install -r api/tacticalrmm/requirements-dev.txt
cd docs
mkdocs serve
```
Open your browser and navigate to `http://yourserverip:8005`
Add/edit markdown files in the `docs/docs` folder and you'll see live changes at the url above.
Edit `docs/mkdocs.yml` to edit structure and add new files.
Full mkdocs documentation [here](https://squidfunk.github.io/mkdocs-material/getting-started/)
Once finished, [create a pull request](https://www.digitalocean.com/community/tutorials/how-to-create-a-pull-request-on-github) to the `develop` branch for review.

View File

@ -1,154 +0,0 @@
# Community Scripts
## Script Library Naming Conventions
### File names
Under `/scripts` the file name should generally follow this format:
```text
(Platform)_(Category or Function)_(What It Does).xxx
```
!!!info
Although Tactical RMM only has a Windows agent for now, we're planning for a future with more platform support
Platform for now are:
```text
Win
OSX
Linux
iOS
Android
```
Good filename examples include:
```text
Win_Azure_Mars_Cloud_Backup_Status.ps1
Win_AzureAD_Check_Connection_Status.ps1
Win_Network_DHCP_Set.bat
Win_Network_DNS_Set_to_1.1.1.2.ps1
```
!!!info
This is so that at a glance you can see if there is already a script with that function, and you can avoid duplication of functionality. If you can improve a script or allow Script Arguments/Parameters update existing if possible
### Name field (in community_scripts.json)
Consider they are viewed in 3 different locations:
Script Manager
- List View (sortable by any column)
- Folder View (Grouped by Categories)
Run or Add script
- Running scripts manually or adding tasks (or adding in Automation Manager)
!!!info
A good max length is 50-60 chars or less for display in these 3 locations
Make sure your Name roughly follows the order of file naming as above
```text
Category or Function - What It Does
```
Consider how the alphabetic sort will affect display
![json_name_examples](images/community_scripts_name_field_example1.png)
*****
## Making Script Files
### Good Habits
- Try and make them fully self-contained.
- If they pull data from elsewhere, create comment notes at the top with references for others to audit/validate
- Good folder locations to use for standardized things:
```text
c:\ProgramData\TacticalRMM\
c:\ProgramData\TacticalRMM\scripts
c:\ProgramData\TacticalRMM\toolbox
c:\ProgramData\TacticalRMM\logs
c:\ProgramData\TacticalRMM\temp
c:\ProgramData\TacticalRMM\
```
- Command Parameters are good. Optional command parameters for extra functions are better.
- Add standardized Comment headers to scripts (include the first 2, more if appropriate):
```powershell
<#
.Synopsis
Short description
eg Check IP address
.DESCRIPTION
Long description
eg Checks IP address on all local network adapters, and returns results
.EXAMPLE
Example of how to use this cmdlet
.EXAMPLE
Another example of how to use this cmdlet
.INPUTS
Inputs to this cmdlet (if any)
.OUTPUTS
Output from this cmdlet (if any)
.NOTES
General notes
eg v1.0
.COMPONENT
The component this cmdlet belongs to
.ROLE
The role this cmdlet belongs to
.FUNCTIONALITY
The functionality that best describes this cmdlet
#>
```
### Bad Habits
- Assumes non-standard configurations
- Doesn't play well with other community scripts (reused names etc.)
*****
## Script Parameters
## Useful Reference Script Examples
RunAsUser (since Tactical RMM runs as system)
[https://github.com/wh1te909/tacticalrmm/blob/develop/scripts/Win_Display_Message_To_User.ps1](https://github.com/wh1te909/tacticalrmm/blob/develop/scripts/Win_Display_Message_To_User.ps1)
Command Paramater Ninja
[https://github.com/wh1te909/tacticalrmm/blob/develop/scripts/Win_ScreenConnectAIO.ps1](https://github.com/wh1te909/tacticalrmm/blob/develop/scripts/Win_ScreenConnectAIO.ps1)
Optional Command Parameters and testing for errors
[https://github.com/wh1te909/tacticalrmm/blob/develop/scripts/Win_Rename_Computer.ps1](https://github.com/wh1te909/tacticalrmm/blob/develop/scripts/Win_Rename_Computer.ps1)
*****
## Volunteers Needed
If you want to contribute back to the project there are a lot of scripts that need some TLC (Tender Loving Care) please paruse thru them in The Script WIP (Work In Progress): [https://github.com/wh1te909/tacticalrmm/tree/develop/scripts_wip](https://github.com/wh1te909/tacticalrmm/tree/develop/scripts_wip)
Discuss/ask questions in the Discord group [here](https://discord.com/channels/736478043522072608/744281869499105290)
What you can add is:
- Add standardized Comment headers per above
- Parameterize scripts where appropriate
- Add $ExitCode and error conditions as appropriate
- Contact @silversword in Discord if you need help doing Github additions/edits/adding to the community Library and have questions about [Script Library Naming Conventions](#script-library-naming-conventions)


@ -1,116 +0,0 @@
# Contributing Using a Remote Server
The below instructions are for a non-production server that has Tactical RMM installed and configured with a real domain. You can then use your own GitHub to push changes to and then submit a PR request to the TRMM `develop` branch (<https://github.com/wh1te909/tacticalrmm>).
!!!warning
Do not attempt development of this kind on your production server.
## Install Tacticall RMM
### 1. Traditional install
This guide assumes you have done a [Traditional Install](install_server.md).
### 2. Install VSCode and Extensions
Download VSCode [here](https://code.visualstudio.com/download)
Download the Remote SSH Development Pack [here](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.vscode-remote-extensionpack)
## Configure the Remote Development Server
### 1. Connect
The remote development server should already have Tactical RMM installed via the traditional install method.
After the extension pack is installed in VSCode you will have a new button at the bottom-left of VSCode. You can select it and add your remote SSH host information.
![RemoteSSH](images/Remote_SSH_connection.png)
### 2. Configure
Configuring a remote server for development work is necessary so that as you make changes to the code base it will automatically refresh and you can see the changes. It may be necessary to do a full browser refresh if changing styles.
Disable RMM and Daphne services
```bash
sudo systemctl disable --now rmm.service && sudo systemctl disable --now daphne.service
```
Open /rmm/web/.env and make it look like the following
```bash
DEV_URL = "http://api.EXAMPLE.COM:8000"
APP_URL = "http://rmm.EXAMPLE.COM:8080"
```
Open /rmm/api/tacticalrmm/tacticalrmm/local_settings.py
```bash
change DEBUG = True
```
Remove
```bash
CORS_ORIGIN_WHITELIST list
```
Add
```bash
CORS_ORIGIN_ALLOW_ALL = True
```
Add the following to the ALLOWED HOSTS
```bash
rmm.EXAMPLE.COM
```
cd /rmm/api/tacticalrmm/
```bash
source ../env/bin/activate
```
Install requirements
```bash
pip install -r requirements-dev.txt -r requirements-test.txt
```
Start Django backend
```bash
python manage.py runserver 0:8000
```
Open a new terminal and compile quasar frontend
```bash
cd /rmm/web
npm install
npm install -g @quasar/cli
quasar dev
```
!!!info
If you receive a CORS error when trying to log into your server via localhost or IP, try the following
```bash
rm -rf node_modules .quasar
npm install
quasar dev
```
You should now have a localhost and IP based URL to view that has a live reload feature.
## Configure GitHub with VSCode
!!!info Make sure you are submitting Pull Requests to the develop branch.
Follow this guide for a good introduction to GitHub: <https://www.digitalocean.com/community/tutorials/how-to-create-a-pull-request-on-github>
Make sure u are on develop branch
```bash
git checkout develop
```
git remote -v should look like the following
```bash
origin https://github.com/yourusername/tacticalrmm.git (fetch)
origin https://github.com/yourusername/tacticalrmm.git (push)
upstream https://github.com/wh1te909/tacticalrmm.git (fetch)
upstream https://github.com/wh1te909/tacticalrmm.git (push)
```
You will commit the change to your GitHub and from within GitHub you can then submit a PR to the develop branch of wh1te909 Tactical RMM.
More to come...


@ -1,51 +0,0 @@
# Contributing Using Web Browser
## Getting Started
### 1. Fork Project in Github
This is making a duplicate of the code under your Github that you can edit
<https://github.com/wh1te909/tacticalrmm>
![ForkIt](images/vscode-forkit.png)
### 2. Make Edits
Make some changes
![Edit](images/contribute_browser_make_changes.png)
![Edit](images/contribute_browser_make_changes2.png)
### 3. Request your changes to be pulled into the primary repo (Pull Request)
![Changes you've made need integration with master repo](images/trmm_contribute-notice.png)
This is taking your changes and requesting they be integrated into the Tactical RMM develop branch.
#### 3a. Check the status of your PR
Look at a summary of the changes you've requested, monitor for them to be accepted, or commented on.
<https://github.com/wh1te909/tacticalrmm/pulls>
Once they're accepted you can either:
* Delete your fork
* Sync your local fork
#### 4. Sync your fork
<https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/syncing-a-fork>
Bring changes from original repo to your fork so you're current with changes made in original Github repo
![Sync Fork](images/trmm_need_sync_local_fork.png)
#### 5. Lather, Rinse, Repeat
Goto Step 2. and contribute some more
## Notes
After your changes are accepted, they won't be live in Tactical RMM until there is a new [release](https://github.com/wh1te909/tacticalrmm/releases). #BePatient


@ -1,113 +0,0 @@
Hidden docs, needs work
For local Hyper-v Devbox notes
From https://raw.githubusercontent.com/silversword411/tacticalrmm-devdocs
Needs an official install_devbox.sh script
# Setup local devbox in hyper-v VM
## Install Ubuntu 20.04 LTS
Don't forget to
```bash
sudo apt-get updates && sudo apt-get upgrade
```
### Optional
Set all users in sudo group not to require password every time:
```bash
sudo visudo
```
Add this:
```
%sudo ALL=(ALL) NOPASSWD: ALL
```
## Download customized install script and tweak
Create folder to dump into
```bash
sudo mkdir /rmm
sudo chown ${USER}:${USER} -R /rmm
cd /rmm
```
Get dev install script
```bash
wget https://raw.githubusercontent.com/silversword411/tacticalrmm-devdocs/blob/main/install_devbox.sh
```
Edit, and search for `REPLACEMEWITHYOURFORKEDREPOURL`
and replace with your forked repo URL (example commented out below)
## Run it
```bash
./install_devbox.sh
```
## Watch for
![Image](images/installcomplete.png)
!!!Note Unlike regular installs, don't worry about the QR code
## Celebrate
![Image](images/celebrate.gif)
# Misc commands
### Start mkdocs on dev box
```bash
cd /rmm/api
source env/bin/activate
pip install --upgrade pip
pip install --upgrade setuptools wheel
pip install -r tacticalrmm/requirements-dev.txt
cd /rmm/docs
mkdocs serve
```
### Running tests locally
Prep and update
```bash
source /rmm/api/env/bin/activate
cd /rmm/api/tacticalrmm
pip install -r requirements.txt
```
Then run tests
```bash
python manage.py test
```
## Misc Notes
### Spinning up front end web interface in development
```bash
cd /web
npm run serve
```


@ -1,89 +0,0 @@
# Contributing using Docker
## Install WSL2
<https://docs.microsoft.com/en-us/windows/wsl/install-win10>
## Install Docker Desktop
<https://www.docker.com/products/docker-desktop>
### Configure Docker
Make sure it doesn't look like this
![img](images/docker_WSL2_distros_missing.png)
This is better
![img](images/docker_with_ubuntu-20.04.png)
### Check and make sure WSL is v2 and set Ubuntu as default
[https://docs.microsoft.com/en-us/windows/wsl/install-win10#set-your-distribution-version-to-wsl-1-or-wsl-2](https://docs.microsoft.com/en-us/windows/wsl/install-win10#set-your-distribution-version-to-wsl-1-or-wsl-2)
![img](images/wls2_upgrade_and_set_default.png)
## Install VSCode Extensions
[Remote - Containers](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers)
[Docker](https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-docker)
## Connect to WSL and clone your Github fork
![Connect to WSL](images/vscode_wsl_docker_setup1.png)
![Clone Repo](images/vscode_wsl_docker_setup2.png)
## Create .env file
Under .devcontainer duplicate
```text
.env.example
```
as
```text
.env
```
Customize to your tastes (it doesn't need to be internet configured, just add records in your `hosts` file) eg
```conf
127.0.0.1 rmm.example.com
127.0.0.1 api.example.com
127.0.0.1 mesh.example.com
```
## Launch your Dev VM in Docker
Right-click `docker-compose.yml` and choose `Compose Up`
Wait, it'll take a while as docker downloads all the modules and gets running.
## Develop
You're operational!
!!!note
Self-signed certs are in your dev environment. Navigate to <https://api.example.com> and <https://rmm.example.com> and accept the self signed certs to get rid of errors.
### View mkdocks live edits in browser
Change stuff in `/docs/docs/`
mkdocs is Exposed on Port: 8005
Open: [http://rmm.example.com:8005/](http://rmm.example.com:8005/)
!!!note
If you add new mkdocs extensions you might need to:<br>
- docker-compose down.<br>
- Then delete the `/api/tacticalrmm/env/` folder.<br>
- Then docker-compose up and it will download/rebuild new extensions
### View django administration
Open: [http://rmm.example.com:8000/admin/](http://rmm.example.com:8000/admin/)


@ -1,119 +0,0 @@
# Contributing Using VSCode
## Getting Started
### 1. Install vscode
<https://code.visualstudio.com/download>
### 2. Fork Project in Github
This is making a duplicate of the code under your Github that you can edit
<https://github.com/wh1te909/tacticalrmm>
![ForkIt](images/vscode-forkit.png)
### 3. Add your (forked) repo to vscode
Clone repository
Login to your Github
Choose local folder
#### 3a. Install extra vscode Extensions
GitLens
Remote - SSH
### 4. Open Terminal
<https://code.visualstudio.com/docs/editor/integrated-terminal>
```text
Ctrl+`
```
### 5. Configure a remote for your fork (in vscode)
<https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/configuring-a-remote-for-a-fork>
Configure your local fork and tell it where the original code repo is so you can compare and merge updates later when official repo is updated
Check repos
```bash
git remote -v
```
Add upstream repo
```bash
git remote add upstream https://github.com/wh1te909/tacticalrmm
```
Confirm changes
```bash
git remote -v
```
### 6. Contribute code
Make changes to something.
`Commit` (update something) and notate what you did
`Push` (from your local vscode to your github fork)
Open browser and look at your repo (It should reflect your commit)
#### 6a. Request your changes to be pulled into the primary repo (Pull Request)
![Changes you've made need integration with master repo](images/trmm_contribute-notice.png)
In browser create pull request
### 7. Sync your local fork
<https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/syncing-a-fork>
Bring changes from original repo to your local vscode copy so you're current with changes made in original Github repo
![Sync Fork](images/trmm_need_sync_local_fork.png)
In VSCode open TERMINAL
```text
Ctrl+`
```
Tell git to pull from the GitHub upstream repo all new changes into your local directory
```bash
git pull --rebase upstream develop
```
#### 7a. Push your local updated copy to your Github fork
Then you're `push`ing that updated local repo to your online Github fork
![Sync push/pulls](images/trmm_vscode_git_pending.png)
### 8. Verify and Repeat
Check your Github fork in browser, should be up to date now with original. Repeat 6 or 7 as necessary
*****
## Reference
### Customizing the Admin Web Interface
Created using quasar, it's all your .vue files in `web/src/components/modals/agents/RunScript.vue`
Learn stuff here
<https://quasar.dev/>


@ -1,74 +0,0 @@
example of `/etc/nginx/sites-available/rmm.conf`
**DO NOT COPY PASTE INTO YOUR SERVER ONLY USE AS A REFERENCE**
```
server_tokens off;
upstream tacticalrmm {
server unix:////rmm/api/tacticalrmm/tacticalrmm.sock;
}
map $http_user_agent $ignore_ua {
"~python-requests.*" 0;
"~go-resty.*" 0;
default 1;
}
server {
listen 80;
server_name api.example.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name api.example.com;
client_max_body_size 300M;
access_log /rmm/api/tacticalrmm/tacticalrmm/private/log/access.log combined if=$ignore_ua;
error_log /rmm/api/tacticalrmm/tacticalrmm/private/log/error.log;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384';
location /static/ {
root /rmm/api/tacticalrmm;
}
location /private/ {
internal;
add_header "Access-Control-Allow-Origin" "https://rmm.example.com";
alias /rmm/api/tacticalrmm/tacticalrmm/private/;
}
location ~ ^/(natsapi) {
allow 127.0.0.1;
deny all;
uwsgi_pass tacticalrmm;
include /etc/nginx/uwsgi_params;
uwsgi_read_timeout 500s;
uwsgi_ignore_client_abort on;
}
location ~ ^/ws/ {
proxy_pass http://unix:/rmm/daphne.sock;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
location / {
uwsgi_pass tacticalrmm;
include /etc/nginx/uwsgi_params;
uwsgi_read_timeout 9999s;
uwsgi_ignore_client_abort on;
}
}
```


@ -1,134 +0,0 @@
# FAQ
## Is Tactical RMM vulnerable to Log4j
No
## Why isn't the agent source available?
<https://discord.com/channels/736478043522072608/744281907361218630/925449414498222103>
It's one of those "this is why we can't have nice things". Unfortunately there are a ton of shady people out there only looking to steal and make a profit off of someone else's work and they tried very hard with tactical.
## Why isn't the Code Signing free?
It's one way we're trying to monetize and get dev's paid. We had github sponsors up for many months before code signing. Very few people donated, some $5 and $10. maybe $40 a month. Once we announced code signing, sponsors came in like crazy, and many people upgraded their $5 to a $50 so while I would like to believe people would gladly donate, that's just not the case. We already tried.
## Who is Amidaware LLC?
The Legal entity behind Tactical RMM
## Is it possible to use XXX with Tactical RMM
While it _may be possible_ to use XXX, we have not configured it and therefore it is [Unsupported](../unsupported_guidelines). We cannot help you configure XXX as it pertains to **your environment**.
## Is it possible to use XXX proxy server with Tactical RMM
If you wish to stray from the [easy install](../install_server/#option-1-easy-install) of a standard install in a VPS, you need to have the knowledge on how to troubleshoot your own custom environment.
The most common reasons you're running a proxy is:
1. Because you only have a single public IP and you already have something on Port 443. **Workaround**: Get another public IP from your ISP
2. Because you want to monitor traffic for security reasons: You're a [Networking Wizard](../unsupported_guidelines).
There are some [implementations](../unsupported_scripts) that others have done, but be aware it is [Unsupported](../unsupported_guidelines) and if you're requesting help in Discord please let us know in advance.
## How do I do X feature in the web UI?
A lot of features in the web UI are hidden behind right-click menus; almost everything has a right click menu so if you don't see something, try right clicking on it.
## Where are the Linux / Mac agents?
Linux / Mac agents are currently under development.
## Can I run Tactical RMM locally behind NAT **without** exposing my RMM server to the internet?
Yes, you will just need to setup local DNS for the 3 subdomains, either by editing host files on all your agents or through a local DNS server.
Similarly asked: Can I use onsite DNS servers (I dont want my server accessible from the internet).
Yes, you can use (only) internal DNS (if you want) for api, mesh and rmm domains. You don't have to put these records in your public DNS servers
**Note:** You still **must** have an internet resolvable domain name and add the DNS `TXT` record to its public DNS server for the Let's Encrypt wildcard cert request process that is part of the install process. This **does not** require any inbound connection from the internet (port forwarding etc) to be enabled. This does not expose your RMM server to the internet in any way. The Let's Encrypt wildcard is done for [nats](#self-signed-certs)
## I am locked out of the web UI. How do I reset my password?
SSH into your server and run:
```bash
/rmm/api/env/bin/python /rmm/api/tacticalrmm/manage.py reset_password <username>
```
## How do I reset password or 2 factor token?
From the web UI, click **Settings > User Administration** and then right-click on a user:
![reset2fa](images/reset2fa.png)
???+ note "Reset Password or 2FA token"
=== ":material-ubuntu: standard"
```bash
/rmm/api/env/bin/python /rmm/api/tacticalrmm/manage.py reset_2fa <username>
```
=== ":material-docker: docker"
```bash
docker exec -it trmm-backend /bin/bash
```
Then simply log out of the web UI and next time the user logs in they will be redirected to the 2FA setup page which will present a barcode to be scanned with the Authenticator app.
## How do I recover my MeshCentral login credentials?
From Tactical's web UI: *Settings > Global Settings > MeshCentral*
Copy the username then ssh into the server and run:
```bash
cd /meshcentral/
sudo systemctl stop meshcentral.service
node node_modules/meshcentral --resetaccount <username> --pass <newpassword>
sudo systemctl start meshcentral.service
```
## Help! I've been hacked there are weird agents appearing in my Tactical RMM
No, you haven't.
1. Your installer was scanned by an antivirus.
2. It didn't recognize the exe.
3. You have the option enabled to submit unknown applications for analysis.
![AV Option1](images/faq_av_option1.png)
4. They ran it against their virtualization testing cluster.
5. You allow anyone to connect to your rmm server (you should look into techniques to hide your server from the internet).
6. Here are some examples of what that looks like.
![AV Sandbox1](images/faq_av_sandbox1.png)
![AV Sandbox1](images/faq_av_sandbox2.png)
![AV Sandbox1](images/faq_av_sandbox3.png)
![AV Sandbox1](images/faq_av_sandbox4.png)
## DNS can't find record
Q. My dns isnt working
A. Make sure its correctly formatted, most DNS providers add in the domain automatically.
![DNS Examples](images/trmmdnsexample.png)
## Self-Signed Certs
Q. Why cant I use a self signed certificate for web etc.
A. NATS over TLS needs a real certificate signed with a trusted root certificate.
If you aren't a dev in a non-production environment, don't run nats with self signed certs: <https://docs.nats.io/running-a-nats-service/configuration/securing_nats/tls#self-signed-certificates-for-testing>


@ -1,99 +0,0 @@
# Alerting Overview
Alerting and notifications can be managed centrally using Alert Templates. All an alert template does is configure the Email, Text and Dashboard alert check boxes on Agents, Checks, and Automated Tasks.
Using Alert Templates also enables additional feature like:
- Periodic notifications if an alert is left unresolved
- Being able to notify on certain alert severities
- Sending notifications when an alert is resolved
- Executing scripts when an alert is triggered or resolved
[Setting up Email Alert Examples](email_alert.md)
## Supported Notifications
- **Email Alerts** - Sends email to configured set of email addresses
- **SMS Alerts** - Sends text messages to configured set of numbers
- **Dashboard Alerts** - A notification popup will show up and be visible in the dashboard
## Alert Severities
!!!info
Agent overdue alerts are always of severity Error
Alert severities are configured directly on the Check or Automated Task. When the Check/Automated Task fails, it will create an alert of the specified severity. The severity types are:
- Informational
- Warning
- Error
## Adding Alert Templates
To create an alert template, go to **Settings > Alerts Manager**. Then click **New**
The available options are:
### General Settings
- **Name** - The name that is used to identify the Alert Template in the dashboard
- **Email Recipients** - Sets the list of email recipients. If this isn't set the email recipients will global settings will be used.
- **From Email** - Sets the From email address of the notification. If this isn't set the From address from global settings is used.
- **SMS Recipients** - Sets the list of text recipients. If this isn't set the sms list from global settings is used.
### Action Settings
- **Failure Action** - Runs the selected script once on any agent. This is useful for running one-time tasks like sending an http request to an external system to create a ticket.
- **Failure Action Args** - Optionally pass in arguments to the failure script.
- **Failure Action Timeout** - Sets the timeout for the script.
- **Resolved Action** - Runs the selected script once on any agent if the alert is resolved. This is useful for running one-time tasks like sending an http request to an external system to close the ticket that was created.
- **Resolved Action Args** - Optionally pass in arguments to the resolved script.
- **Resolved Action Timeout** - Sets the timeout for the script.
#### Run actions only on:
- **Agents** - If Enabled, will run script failure/resolved actions on agent overdue alerts else no alert actions will be triggered for agent overdue alerts
- **Checks** - If Enabled, will run script failure/resolved actions on check alerts else no alert actions will be triggered check alerts
- **Tasks** - If Enabled, will run script failure/resolved actions on automated task alerts else no alert actions will be triggered automated task alerts
### Agent/Check/Task Failure Settings
- **Email** - When **Enabled**, will send an email notification and override the Email Alert checkbox on the Agent/Check/Task. When **Not Configured**, the Email Alert checkbox on the Agent/Check/Task will take effect. If **Disabled**, no email notifications will be sent and will override any Email alert checkbox on the Agent/Check/Task
- **Text** - When **Enabled**, will send a text notification and override the SMS Alert checkbox on the Agent/Check/Task. When **Not Configured**, the SMS Alert checkbox on the Agent/Check/Task will take effect. If **Disabled**, no SMS notifications will be sent and will override any SMS Alert checkbox on the Agent/Check/Task
- **Dashboard** - When **Enabled**, will send a dashboard notification and override the Dashboard Alert checkbox on the Agent/Check/Task. When **Not Configured**, the Dashboard Alert checkbox on the Agent/Check/Task will take effect. If **Disabled**, no SMS notifications will be sent and will override any Dashboard Alert checkbox on the Agent/Check/Task
- **Alert again if not resolved after (days)** - This sends another notification if the alert isn't resolved after the set amount of days. Set to 0 to disable this
- **Alert on severity** - Only applicable to Check and Task alert notifications. This will only send alerts when they are of the configured severity.
!!!info
Alert on Severity needs to be configured for check and task notifications to be sent!
### Agent/Check/Task Resolved Settings
- **Email** - If enabled, sends an email notification when an alert is resolved
- **Text** - If enabled, sends a text messaged when an alert is resolved
## Applying Alert Templates
Alert templates can be configured Globally, through an Automation Policy, or set directly on the Client or Site.
- To apply **Globally**, navigate to **Settings > Global Settings**. Set the **Alert Template** dropdown and save.
- You can configure an alert template on an automation policy by navigating to **Settings > Automation Manager**, and clicking the **Assign Alert Template** click on the policy, or right-clicking the policy and selecting **Assign Alert Template**
- To configure on a Client or Site, right-click on one in the Client/Site tree view and select **Assign Alert Template**
## Alert Template Exclusions
You can exclude Clients, Sites, and Agents from alert templates. To do this you can:
- right-click on the **Alert Template** in **Alerts Manager** and select **Exclusions**
- select the **Alert Exclusions** link in the Alert Template row.
You can also **Exclude Desktops** from the alert template. This is useful if you only care about servers.
## Alert Template inheritance
Alerts are applied in the following order. The agent picks the closest matching alert template.
1. Policy w/ Alert Template applied to Site
2. Site
3. Policy w/ Alert Template applied to Client
4. Client
5. Default Alert Template


@ -1,112 +0,0 @@
## API Access
*Version added: v0.8.3*
API Keys can be created to access any of TacticalRMM's api endpoints, which will bypass 2fa authentication
When creating the key you'll need to choose a user, which will reflect what permissions the key has based on the user's role.
Navigate to Settings > Global Settings > API Keys to generate a key
Headers:
```json
{
"Content-Type": "application/json",
"X-API-KEY": "J57BXCFDA2WBCXH0XTELBR5KAI69CNCZ"
}
```
Example curl request:
```bash
curl https://api.example.com/clients/ -H "X-API-KEY: Y57BXCFAA9WBCXH0XTEL6R5KAK69CNCZ"
```
## Enable Swagger
This will let you add a browser interface to see how you can use the api better.
Open `/rmm/api/tacticalrmm/tacticalrmm/local_settings.py` and add
```conf
SWAGGER_ENABLED = True
```
Restart django: `sudo systemctl restart rmm.service`
Then visit `https://api.example.com/api/schema/swagger-ui/` to see it in action.
???+ abstract "Example Code"
=== ":fontawesome-brands-python: Python"
Requests Windows Update check to run against agent ID
```python
import requests
API = "http://api.example.com"
HEADERS = {
"Content-Type": "application/json",
"X-API-KEY": "DKNRPTHSAPCKT8A36MCAMNZREWWWFPWI",
}
def trigger_update_scan():
agents = requests.get(f"{API}/agents/?detail=false", headers=HEADERS)
for agent in agents.json():
r = requests.post(f"{API}/winupdate/{agent['agent_id']}/scan/", headers=HEADERS)
print(r.json())
if __name__ == "__main__":
trigger_update_scan()
```
=== ":material-powershell: Powershell"
```powershell
# Example - Get all agents using API
$headers = @{
'X-API-KEY' = 'ABC1234567890987654321'
}
$url = "https://api.yourdomain.com/agents/"
$agentsResult = Invoke-RestMethod -Method 'Get' -Uri $url -Headers $headers -ContentType "application/json"
foreach ($agent in $agentsResult) {
Write-Host $agent
#Write-Host $agent.hostname
}
```
=== ":material-powershell: Powershell"
```powershell
# Example - Send powershell command to agent. Make sure to pass {{agent.agent_id}} as a parameter
param(
$AgentId
)
$headers = @{
'X-API-KEY' = 'ABC1234567890987654321'
}
$url = "https://api.yourdomain.com/agents/$AgentId/cmd/"
$body = @{
"shell" = "powershell"
"cmd" = "dir c:\\users"
"timeout" = 30
}
$commandResult = Invoke-RestMethod -Method 'Post' -Uri $url -Body ($body|ConvertTo-Json) -Headers $headers -ContentType "application/json"
Write-Host $commandResult
```


@ -1,9 +0,0 @@
# Automated Tasks
## Collector Tasks
Collector tasks allow saving data from script output directly to a custom field. The collector task will only save the last line of standard output of the script.
You can create collector tasks by adding it to an Automation Policy or adding it directly to an agent. During creation, select the **Collector** checkbox and select the custom field to save to. You can only save to agent custom fields at this time.
See [Custom Fields](custom_fields.md) and [Scripting](scripting.md) for more information


@ -1,36 +0,0 @@
# Automation Policies
Automation policies in Tactical RMM allow for mass deployment of Checks, Automated Tasks, Patch Policies, and Alert Templates. You can apply Automation Policies to:
- Global Settings
- Client
- Site
- Agent
You can also see a list of Relations that show what policy is applied to what Clients | Sites | Agents
## Creating Automation Policies
In the dashboard, navigate to **Settings > Automation Manager**. Use the **Add** button to create a blank Automation Policy. The options available are:
- **Name** - The name that will be used to identify the automation policy in the dashboard
- **Description** - Optional description of the automation policy
- **Enabled** - Specifies if the automation policy is active or not
- **Enforced** - Specifies that the automation policy should overwrite any conflicting checks configured directly on the agent
## Policy Inheritance
They get applied in this order:
1. Global Settings
2. Client
3. Site
4. Agent
and at each level you can Block policy inheritance from the level above using checkboxes in the appropriate screens.
## Adding Windows Patch Management Policy
Under the Automation Manager you can create a Patch Policy and control what patches are applied, when, and if the computer is rebooted after.
!!!note
Most "regular" Windows patches are listed in the "Other" category.


@ -1,56 +0,0 @@
# Custom Fields
!!!info
v0.5.0 adds support for custom fields to be used in the dashboard and in scripts.
#### Adding Custom Fields
In the dashboard, go to **Settings > Global Settings > Custom Fields** and click **Add Custom Field**.
!!!info
Everything between {{}} is CaSe sEnSiTive
The following options are available to configure on custom fields:
- **Model** - This is the object that the custom field will be added to. The available options are:
- Agent
- Site
- Client
- **Name** - Sets the name of the custom field. This will be used to identify the custom field in the dashboard and in scripts.
- **Field Type** - Sets the type of field. Below are the allowed types.
- Text
- Number
- Single select dropdown
- Multi-select dropdown
- Checkbox
- DateTime
- **Input Options** - *Only available on Single and Multiple-select dropdowns*. Sets the options to choose from.
- **Default Value** - If no value is found when looking up the custom field; this value will instead be supplied.
- **Required** - This makes the field required when adding new Clients, Sites, and Agents. *If this is set a default value will need to be set as well*
- **Hide in Dashboard** - This will not show the custom field in Client, Site, and Agent forms in the dashboard. This is useful if the custom field's value is updated by a collector task and only supplied to scripts.
#### Using Custom Fields in the Dashboard
Once the custom fields are added, they will show up in the Client, Site, and Agent Add/Edit forms.
#### Using Custom Fields in Scripts
Tactical RMM allows for passing various database fields for Clients, Sites, and Agents in scripts. This includes custom fields as well!
!!!warning
The characters within the brackets is case-sensitive!
In your script's arguments, use the notation `{{client.AV_KEY}}`. This will lookup the client for the agent that the script is running on and find the custom field named `AV_KEY` and replace that with the value.
The same is also true for `{{site.no_patching}}` and `{{agent.Another Field}}`
For more information see SCRIPTING PAGE
#### Populating Custom Fields automatically
Tactical RMM supports automatically collecting information and saving them directly to custom fields. This is made possible by creating **Collector Tasks**. These are just normal Automated Tasks, but instead they will save the last line of the standard output to the custom field that is selected.
!!!info
To populate a multiple select custom field, return a string with the options separated by a comma `"This,will,be,an,array"`
For more information See [Collector Tasks](automated_tasks.md#Collector Tasks)


@ -1,17 +0,0 @@
# Database Maintenance
Tactical RMM ships with data retention defaults that will work fine for most environments. There are situations, depending on the number of agents and checks configured, that these defaults need to be tweaked to improve performance.
## Adjusting Data Retention
In the dashboard, go to **Settings > Global Settings > Retention**
The options are:
- **Check History** - Will delete check history older than the days specified (default is 30 days).
- **Resolved Alerts** - Will delete alerts that have been resolved older than the days specified (default is disabled).
- **Agent History** - Will delete agent command/script history older than the days specified (default is 60 days).
- **Debug Logs** - Will delete agent debug logs older than the days specified (default is 30 days)
- **Audit Logs** Will delete Tactical RMM audit logs older than the days specified (default is disabled)
To disable database pruning on a table, set the days to 0.


@ -1,19 +0,0 @@
# Django Admin
!!!warning
Do not use the django admin unless you really know what you're doing.<br />You should never need to access it unless you are familiar with django or are instructed to do something here by one of the developers.
The django admin is basically a web interface for the postgres database.
As of Tactical RMM v0.4.19, the django admin is disabled by default.
To enable it, edit `/rmm/api/tacticalrmm/tacticalrmm/local_settings.py` and change `ADMIN_ENABLED` from `False` to `True` then `sudo systemctl restart rmm.service`
Login to the django admin using the same credentials as your normal web ui login.
If you did not save the django admin url (which was printed out at the end of the install script), check the `local_settings.py` file referenced above for the `ADMIN_URL` variable. Then simply append the value of this variable to your api domain (`https://api.EXAMPLE.COM/`) to get the full url.
Example of a full django admin url:
```
https://api.example.com/JwboKNYb3v6K93Fvtcz0G3vUM17LMTSZggOUAxa97jQfAh0P5xosEk7u2PPkjEfdOtucUp/
```


@ -1,46 +0,0 @@
# Email Setup
Under **Settings > Global Settings > Email Alerts**
## Setting up Tactical RMM Alerts using Open Relay
MS 365 in this example
1. Log into Tactical RMM
2. Go to Settings
3. Go to Global Settings
4. Click on Alerts
5. Enter the email address (or addresses) you want to receive alerts to eg info@EXAMPLE.COM
6. Enter the from email address (this will need to be part of your domain on 365, however it doesnt need a license) eg rmm@EXAMPLE.COM
7. Go to MXToolbox.com and enter your domain name in, copy the hostname from there and paste into Host
8. Change the port to 25
9. Click Save
10. Login to admin.microsoft.com
11. Go to Exchange Admin Centre
12. Go to “Connectors” under “Mail Flow”
13. Click to + button
14. In From: select “Your organisations email server”
15. In To: select “Office 365”
16. Click Next
17. In the Name type in RMM
18. Click By Verifying that the IP address……
19. Click +
20. Enter your IP and Click OK
21. Click Next
22. Click OK
## Setting up Tactical RMM Alerts using username & password
Gmail in this example
1. Log into Tactical RMM
2. Go to Settings
3. Go to Global Settings
4. Click on Alerts
5. Enter the email address (or addresses) you want to receive alerts to eg info@EXAMPLE.COM
6. Enter the from email address myrmm@gmail.com
7. Tick the box “My server requires Authentication”
8. Enter your username e.g. myrmm@gmail.com
9. Enter your password
10. Change the port to 587
11. Click Save


@ -1,39 +0,0 @@
# Examples
## Create Run URL Action to Computer support page
This will create a URL link that will take you to the support page for a computer based on the computers Serial Number
1. Goto `Settings | Global Settings | Custom Fields`
Under Agents tab Add Custom Field (CaSe SeNsItIve)
![Custom Field](../images/example1_customfield.png)
2. Create Task (best to use `Settings | Automation Manager` if you want to apply it to all computers). Add script that has an output of the data you want.
![Collector Script](../images/example1_taskcollectorscript.png)
3. Create URL Action (under `Settings | Global Settings | URL ACTIONS`) for Manufacturer websites
![URL Actions](../images/example1_urlaction.png)
Dell Support Page
```
https://www.dell.com/support/home/en-us/product-support/servicetag/{{agent.SerialNumber}}/overview
```
Lenovo Support Page
```
https://pcsupport.lenovo.com/us/en/products/{{agent.SerialNumber}}
```
HP Support Page
It gives an errors because the product model doesn't match the serial number. If you figure out a better link please let us know! :)
```
https://support.hp.com/us-en/product/hp-pro-3500-microtower-pc/5270849/model/5270850?serialnumber={{agent.SerialNumber}}
```


@ -1,12 +0,0 @@
# Global Key Store
The key store is used to store values that need to be referenced from multiple scripts. This also allows for easy updating of values since scripts reference the values at runtime.
To Add/Edit values in the Global Key Store, browse to **Settings > Global Settings > KeyStore**.
You can reference values from the key store in script arguments by using the {{global.key_name}} syntax.
!!!info
Everything between {{}} is CaSe sEnSiTive
See [Scripts](scripting.md) for more information.


@ -1,12 +0,0 @@
# Maintenance Mode
Enabling maintenance mode for an agent will prevent any overdue/check/task email/sms alerts from being sent.
It will also prevent clients/sites/agents from showing up as red in the dashboard if they have any failing checks or are overdue.
To enable maintenance mode for all agents in a client/site, **Right Click** on a client / site and choose **Enable Maintenance Mode**
![maint_mode](../images/maint_mode.png)
To enable maintenance mode for a single agent, **Right Click** on the agent and choose **Enable Maintenance Mode**


@ -1,18 +0,0 @@
# User Roles and Permissions
## Permission Manager
Make sure you've setup at least 1 valid (Super User aka Administrator) role under _Settings > Permission Manager_
1. Login as usual Tactical user
2. Go to Settings - Permissions Manager
3. Click New Role
4. You can all the role anything, I called it Admins
5. Tick the Super User Box/or relevant permissions required
6. Click Save then exit Permissions Manager
7. Go to Settings - Users
8. Open current logged in user/or any other user and assign role (created above step 6) in the Role drop down box.
9. Click Save
Once you've set that up a Super User role and assigned your primary user, you can create other Roles with more limited access.


@ -1,21 +0,0 @@
# Remote Background
To access: **Right click** on an agent > **Remote Background**
#### Services Tab
Right click on a service to show the context menu where you can start/stop/restart services:
![services_contextmenu](../images/services_contextmenu.png)
Click *Service Details* to bring up the details tab where you can edit more service options:
![service_detail](../images/service_detail.png)
#### Processes Tab
A very basic task manager that shows real time process usage.
**Right click** on a process to end the task:
![taskmanager](../images/taskmanager.png)


@ -1,155 +0,0 @@
# Scripting
Tactical RMM supports uploading existing scripts or adding new scripts right in the dashboard. Languages supported are:
- Powershell
- Windows Batch
- Python
## Adding Scripts
In the dashboard, browse to **Settings > Scripts Manager**. Click the **New** button and select either Upload Script or New Script. The available options for scripts are:
- **Name** - This identifies the script in the dashboard
- **Description** - Optional description for the script
- **Category** - Optional way to group similar scripts together.
- **Type** - This sets the language of the script. Available options are:
- Powershell
- Windows Batch
- Python
- **Script Arguments** - Optional way to set default arguments for scripts. These will auto populate when running scripts and can be changed at runtime.
- **Default Timeout** - Sets the default timeout of the script and will stop script execution if the duration surpasses the configured timeout. Can be changed at script runtime
- **Favorite** - Favorites the script.
## Downloading Scripts
To download a Tactical RMM Script, click on the script in the Script Manager to select it. Then click the **Download Script** button on the top. You can also right-click on the script and select download
## Community Scripts
These are script that are built into Tactical RMM. They are provided and maintained by the Tactical RMM community. These scripts are updated whenever Tactical RMM is updated and can't be modified or deleted in the dashboard.
### Hiding Community Scripts
You can choose to hide community script throughout the dashboard by opening **Script Manager** and clicking the **Show/Hide Community Scripts** toggle button.
## Using Scripts
### Manual run on agent
In the **Agent Table**, you can right-click on an agent and select **Run Script**. You have the options of:
- **Wait for Output** - Runs the script and waits for the script to finish running and displays the output.
- **Fire and Forget** - Starts the script and does not wait for output.
- **Email Output** - Starts the script and will email the output. Allows for using the default email address in the global settings or adding a new email address.
- **Save as Note** - Saves the output as a Note that can be views in the agent Notes tab
- **Collector** - Saves to output to the specified custom field.
There is also an option on the agent context menu called **Run Favorited Script**. This will pre-populate the script run dialog with the script of your choice.
[Script Execution Process](../../howitallworks/#windows-agent)
### Script Arguments
The `Script Arguments` field should be pre-filled with information for any script that can accept or requires parameters.
<p style="background-color:#1e1e1e;">
&nbsp;<span style=color:#d4d4d4><</span><span style="color:#358cd6">Required Parameter Name</span><span style=color:#d4d4d4>></span> <span style=color:#d4d4d4><</span><span style="color:#358cd6">string</span><span style=color:#d4d4d4>></span><br>
&nbsp;<span style="color:#ffd70a">[</span><span style=color:#d4d4d4>-<</span><span style="color:#358cd6">Optional Parameter Name</span><span style=color:#d4d4d4>></span> <span style=color:#d4d4d4><</span><span style="color:#358cd6">string</span><span style=color:#d4d4d4>></span><span style="color:#ffd70a">]</span><br>
&nbsp;<span style="color:#ffd70a">[</span><span style=color:#d4d4d4>-<</span><span style="color:#358cd6">string</span><span style=color:#d4d4d4>></span> <span style="color:#c586b6">{</span><span style=color:#87cefa>(</span><span style=color:#d4d4d4><</span><span style="color:#358cd6">default string if not specified</span><span style=color:#d4d4d4>></span><span style=color:#87cefa>)</span> <span style=color:#d4d4d4>|</span> <span style=color:#d4d4d4><</span><span style="color:#358cd6">string2</span><span style=color:#d4d4d4>></span> <span style=color:#d4d4d4>|</span> <span style=color:#d4d4d4><</span><span style="color:#358cd6">string3</span><span style=color:#d4d4d4>></span><span style="color:#c586b6">}</span><span style="color:#ffd70a">]</span></p>
Where `[]` indicates an optional parameter
and `{}` indicates a parameter with several preconfigured parameter
and `()` indicates a default parameter if none is specified
### Bulk Run on agents
Under the tools menu -> Run Bulk Script you can execute scripts against Clients/Sites/Selected Agents/All based on All/Servers/Workstations
### Automated Tasks
Tactical RMM allows scheduling tasks to run on agents. This leverages the Windows Task Scheduler and has the same scheduling options.
See [Automated Tasks](automated_tasks.md) for configuring automated tasks
### Script Checks
Scripts can also be run periodically on an agent and trigger an alert if it fails.
### Alert Failure/Resolve Actions
Scripts can be triggered when an alert is triggered and resolved. This script will run on any online agent and supports passing the alert information as arguments.
For configuring **Alert Templates**, see [Alerting](./alerting.md)
See below for populating dashboard data in scripts and the available options.
## Using dashboard data in scripts
Tactical RMM allows passing in dashboard data to scripts as arguments. The below powershell arguments will get the client name of the agent and also the agent's public IP address
```
-ClientName {{client.name}} -PublicIP {{agent.public_ip}}
```
!!!info
Everything between {{}} is CaSe sEnSiTive
See a full list of possible built-in variables [Here](../script_variables.md)
### Getting Custom Field values
Tactical RMM supports pulling data from custom fields using the {{model.custom_field_name}} syntax.
See [Using Custom Fields in Scripts](custom_fields.md#Using Custom Fields in Scripts)
### Getting values from the Global Keystore
Tactical RMM supports getting values from the global key store using the {{global.key_name}} syntax
See [Global Keystore](keystore.md).
### Example Powershell Script
The below script takes five named values. The arguments will look like this: `-SiteName {{site.name}} -ClientName {{client.name}} -PublicIP {{agent.public_ip}} -CustomField {{client.AV_KEY}} -Global {{global.API_KEY}}`
```powershell
param (
[string] $SiteName,
[string] $ClientName,
[string] $PublicIp,
[string] $CustomField,
[string] $Global
)
Write-Output "Site: $SiteName"
Write-Output "Client: $ClientName"
Write-Output "Public IP: $PublicIp"
Write-Output "Custom Fields: $CustomField"
Write-Output "Global: $Global"
```
## Script Snippets
Script Snippets allow you to create common code blocks or comments and apply them to all of your scripts. This could be initialization code, common error checking, or even code comments.
### Adding Script Snippets
In the dashboard, browse to **Settings > Scripts Manager**. Click the **Script Snippets** button.
- **Name** - This identifies the script snippet in the dashboard
- **Description** - Optional description for the script snippet
- **Shell** - This sets the language of the script. Available options are:
- Powershell
- Windows Batch
- Python
### Using Script Snippets
When editing a script, you can add template tags to the script body that contains the script snippet name. For example, if a script snippet exists with the name "Check WMF", you would put {{Check WMF}} in the script body and the snippet code will be replaced.
!!!info
Everything between {{}} is CaSe sEnSiTive
The template tags will only be visible when Editing the script. When downloading or viewing the script code the template tags will be replaced with the script snippet code.


@ -1,19 +0,0 @@
# Settings Override
### Browser token expiration
The default browser token expiration is set to 5 hours. See this [ticket](https://github.com/wh1te909/tacticalrmm/issues/503) for reference.
To change it, add the following code block to the end of `/rmm/api/tacticalrmm/tacticalrmm/local_settings.py`
```python
from datetime import timedelta
REST_KNOX = {
"TOKEN_TTL": timedelta(days=30),
"AUTO_REFRESH": True,
"MIN_REFRESH_INTERVAL": 600,
}
```
Change `(days=30)` to whatever you prefer. Then run `sudo systemctl restart rmm.service` for changes to take effect.


@ -1,26 +0,0 @@
# URL Actions
URL Actions will run against an agent and open a configured URL in a new browser tab or window. This allows for integrations with various remote viewing softwares.
## Adding URL Actions
In the dashboard, browse to **Settings > Global Settings > URL Actions**. The available options are:
- **Name** - This identifies the URL Action in other parts of the dashboard
- **Description** - Optional description for the URL Action
- **Pattern** - This is the actual URL pattern that will open in the new browser tab/window. This field supports variables from the [Global Keystore](keystore.md) and [Script Variables](../script_variables.md).
### URL Pattern Example
!!!info
Variable names are *case sensitive*!
```
https://remote.example.com/connect?API_KEY={{global.API_KEY}}&agent_id={{agent.Remote ID}}
```
The above example uses a value defined in the **global keystore** named *API_KEY* and an **Agent custom field** called *remote id*. The URLs are properly encoded to work with any special characters or spaces returned in the values.
## Running URL Actions
In the agent table, right-click on the Agent and select **Run URL Action** and select the action to run


@ -1,8 +0,0 @@
# User Interface Preferences
Click on your username at the top right of the dashboard > Preferences:
![user_prefs](../images/user_prefs.png)
![user_prefs2](../images/user_prefs2.png)


@ -1,25 +0,0 @@
# TLRD Version
## At Install
Setup Email Alerts
Setup SMS Alerts
Setup Server Preferences
General
Time Zone
Clear faults on agents that haven't checked in after (days)
Setup Automation Manager
Default Profile for workstations
## Every 75 days
OS updates
reboot
Backup
TRMM Update
## Biannually


@ -1,576 +0,0 @@
# How It All Works
## Understanding TRMM
Anything you configure: scripts, tasks, patching etc is queued and scheduled on the server to do something.
Everything that is queued, happens immediately when agents are online.
The agent gets a nats command, server tells it to do xyz and it does it.
When agents are not connected to the server nothing happens. The windows task scheduler says do x at some time, what it's asked to do is get x command from the server. If server is offline, nothing happens.
If an agent comes online, every x interval (windows update, pending tasks etc) check and see is there something for me to do that I missed while I was offline. When that time occurs (eg agent sees if it needs to update itself at 35mins past every hr https://wh1te909.github.io/tacticalrmm/update_agents/ ) it'll get requested on the online agent.
That's the simplified general rule for everything TRMM.
[![Network Design](images/TacticalRMM-Network.png)](images/TacticalRMM-Network.png)
Still need graphics for
1. Agent installer steps
2. Agent checks/tasks and how they work on the workstation/interact with server
## Server
Has a postgres database located here:
[Django Admin](https://wh1te909.github.io/tacticalrmm/functions/django_admin.html)
!!!description
A web interface for the postgres database
All Tactical RMM dependencies are listed [here](https://github.com/wh1te909/tacticalrmm/blob/develop/api/tacticalrmm/requirements.txt)
### Outbound Firewall Rules
If you have strict firewall rules these are the only outbound rules from the server needed for all functionality:
1. Outbound traffic to all agent IP scopes for reflect traffic from agents
#### Server without Code Signing key
No additional rules needed
#### Server with Code Signing key
No additional rules needed
### System Services
This lists the system services used by the server.
#### nginx web server
Nginx is the web server for the `rmm`, `api`, and `mesh` domains. All sites redirect port 80 (HTTP) to port 443 (HTTPS).
!!! warning
nginx does not serve the NATS service on port 4222.
???+ abstract "nginx configuration (a.k.a. sites available)"
- [nginx configuration docs](https://docs.nginx.com/nginx/admin-guide/basic-functionality/managing-configuration-files/)
=== ":material-web: `rmm.example.com`"
This serves the frontend website that you interact with.
- Config: `/etc/nginx/sites-enabled/frontend.conf`
- root: `/var/www/rmm/dist`
- Access log: `/var/log/nginx/frontend-access.log`
- Error log: `/var/log/nginx/frontend-error.log`
- TLS certificate: `/etc/letsencrypt/live/example.com/fullchain.pem`
=== ":material-web: `api.example.com`"
This serves the TRMM API for the frontend and agents.
- Config: `/etc/nginx/sites-enabled/rmm.conf`
- roots:
- `/rmm/api/tacticalrmm/static/`
- `/rmm/api/tacticalrmm/tacticalrmm/private/`
- Upstreams:
- `unix://rmm/api/tacticalrmm/tacticalrmm.sock`
- `unix://rmm/daphne.sock`
- Access log: `/rmm/api/tacticalrmm/tacticalrmm/private/log/access.log`
- Error log: `/rmm/api/tacticalrmm/tacticalrmm/private/log/error.log`
- TLS certificate: `/etc/letsencrypt/live/example.com/fullchain.pem`
=== ":material-web: `mesh.example.com`"
This serves MeshCentral for remote access.
- Config: `/etc/nginx/sites-enabled/meshcentral.conf`
- Upstream: `http://127.0.0.1:4430/`
- Access log: `/var/log/nginx/access.log` (uses default)
- Error log: `/var/log/nginx/error.log` (uses default)
- TLS certificate: `/etc/letsencrypt/live/example.com/fullchain.pem`
=== ":material-web: default"
This is the default site installed with nginx. This listens on port 80 only.
- Config: `/etc/nginx/sites-enabled/default`
- root: `/var/www/rmm/dist`
- Access log: `/var/log/nginx/access.log` (uses default)
- Error log: `/var/log/nginx/error.log` (uses default)
???+ note "systemd config"
=== ":material-console-line: status commands"
- Status: `systemctl status --full nginx.service`
- Stop: `systemctl stop nginx.service`
- Start: `systemctl start nginx.service`
- Restart: `systemctl restart nginx.service`
- Restart: `systemctl reload nginx.service` reloads the config without restarting
- Test config: `nginx -t`
- Listening process: `ss -tulnp | grep nginx`
=== ":material-ubuntu: standard"
- Service: `nginx.service`
- Address: `0.0.0.0`
- Port: 443
- Exec: `/usr/sbin/nginx -g 'daemon on; master_process on;'`
- Version: 1.18.0
=== ":material-docker: docker"
TBD - To Be Documented
#### Tactical RMM (Django uWSGI) service
Built on the Django framework, the Tactical RMM service is the heart of the system by serving the API for the frontend and agents.
???+ note "systemd config"
- [uWSGI docs](https://uwsgi-docs.readthedocs.io/en/latest/index.html)
=== ":material-console-line: status commands"
- Status: `systemctl status --full rmm.service`
- Stop: `systemctl stop rmm.service`
- Start: `systemctl start rmm.service`
- Restart: `systemctl restart rmm.service`
- journalctl:
- "tail" the logs: `journalctl --identifier uwsgi --follow`
- View the logs: `journalctl --identifier uwsgi --since "30 minutes ago" | less`
=== ":material-ubuntu: standard"
- Service: `rmm.service`
- Socket: `/rmm/api/tacticalrmm/tacticalrmm.sock`
- uWSGI config: `/rmm/api/tacticalrmm/app.ini`
- Log: None
- Journal identifier: `uwsgi`
- Version: 2.0.18
=== ":material-docker: docker"
TBD - To Be Documented
#### Daphne: Django channels daemon
[Daphne](https://github.com/django/daphne) is the official ASGI HTTP/WebSocket server maintained by the [Channels project](https://channels.readthedocs.io/en/stable/index.html).
???+ note "systemd config"
- Django [Channels configuration docs](https://channels.readthedocs.io/en/stable/topics/channel_layers.html)
=== ":material-console-line: status commands"
- Status: `systemctl status --full daphne.service`
- Stop: `systemctl stop daphne.service`
- Start: `systemctl start daphne.service`
- Restart: `systemctl restart daphne.service`
- journalctl (this provides only system start/stop logs, not the actual logs):
- "tail" the logs: `journalctl --identifier daphne --follow`
- View the logs: `journalctl --identifier daphne --since "30 minutes ago" | less`
=== ":material-ubuntu: standard"
- Service: `daphne.service`
- Socket: `/rmm/daphne.sock`
- Exec: `/rmm/api/env/bin/daphne -u /rmm/daphne.sock tacticalrmm.asgi:application`
- Config: `/rmm/api/tacticalrmm/tacticalrmm/local_settings.py`
- Log: `/rmm/api/tacticalrmm/tacticalrmm/private/log/debug.log`
=== ":material-docker: docker"
TBD - To Be Documented
#### NATS server service
[NATS](https://nats.io/) is a messaging bus for "live" communication between the agent and server. NATS provides the framework for the server to push commands to the agent and receive information back.
???+ note "systemd config"
- [NATS server configuration docs](https://docs.nats.io/running-a-nats-service/configuration)
=== ":material-console-line: status commands"
- Status: `systemctl status --full nats.service`
- Stop: `systemctl stop nats.service`
- Start: `systemctl start nats.service`
- Restart: `systemctl restart nats.service`
- Restart: `systemctl reload nats.service` reloads the config without restarting
- journalctl:
- "tail" the logs: `journalctl --identifier nats-server --follow`
- View the logs: `journalctl --identifier nats-server --since "30 minutes ago" | less`
- Listening process: `ss -tulnp | grep nats-server`
=== ":material-ubuntu: standard"
- Service: `nats.service`
- Address: `0.0.0.0`
- Port: `4222`
- Exec: `/usr/local/bin/nats-server --config /rmm/api/tacticalrmm/nats-rmm.conf`
- Config: `/rmm/api/tacticalrmm/nats-rmm.conf`
- TLS: `/etc/letsencrypt/live/example.com/fullchain.pem`
- Log: None
- Version: v2.3.3
=== ":material-docker: docker"
- Get into bash in your docker with: `sudo docker-compose exec tactical-nats /bin/bash`
- Log: `nats-api -log debug`
#### NATS API service
The NATS API service is a very light golang wrapper to replace traditional http requests sent to django. The agent sends the data to nats-api which is always listening for agent requests (on Port 4222). It then saves the data to postgres directly.
???+ note "systemd config"
=== ":material-console-line: status commands"
- Status: `systemctl status --full nats-api.service`
- Stop: `systemctl stop nats-api.service`
- Start: `systemctl start nats-api.service`
- Restart: `systemctl restart nats-api.service`
- journalctl: This application does not appear to log anything.
=== ":material-ubuntu: standard"
- Service: `nats-api.service`
- Exec: `/usr/local/bin/nats-api --config /rmm/api/tacticalrmm/nats-api.conf`
- Config: `/rmm/api/tacticalrmm/nats-api.conf`
- TLS: `/etc/letsencrypt/live/example.com/fullchain.pem`
- Log: None
=== ":material-docker: docker"
TBD - To Be Documented
#### Celery service
[Celery](https://github.com/celery/celery) is a task queue focused on real-time processing and is responsible for scheduling tasks to be sent to agents.
Log located at `/var/log/celery`
???+ note "systemd config"
- [Celery docs](https://docs.celeryproject.org/en/stable/index.html)
- [Celery configuration docs](https://docs.celeryproject.org/en/stable/userguide/configuration.html)
=== ":material-console-line: status commands"
- Status: `systemctl status --full celery.service`
- Stop: `systemctl stop celery.service`
- Start: `systemctl start celery.service`
- Restart: `systemctl restart celery.service`
- journalctl: Celery executes `sh` causing the systemd identifier to be `sh`, thus mixing the `celery` and `celerybeat` logs together.
- "tail" the logs: `journalctl --identifier sh --follow`
- View the logs: `journalctl --identifier sh --since "30 minutes ago" | less`
- Tail logs: `tail -F /var/log/celery/w*-*.log`
=== ":material-ubuntu: standard"
- Service: `celery.service`
- Exec: `/bin/sh -c '${CELERY_BIN} -A $CELERY_APP multi start $CELERYD_NODES --pidfile=${CELERYD_PID_FILE} --logfile=${CELERYD_LOG_FILE} --loglevel="${CELERYD_LOG_LEVEL}" $CELERYD_OPTS'`
- Config: `/etc/conf.d/celery.conf`
- Log: `/var/log/celery/w*-*.log`
=== ":material-docker: docker"
TBD - To Be Documented
#### Celery Beat service
[celery beat](https://github.com/celery/django-celery-beat) is a scheduler; It kicks off tasks at regular intervals, that are then executed by available worker nodes in the cluster.
???+ note "systemd config"
- [Celery beat docs](https://docs.celeryproject.org/en/stable/userguide/periodic-tasks.html)
=== ":material-console-line: status commands"
- Status: `systemctl status --full celerybeat.service`
- Stop: `systemctl stop celerybeat.service`
- Start: `systemctl start celerybeat.service`
- Restart: `systemctl restart celerybeat.service`
- journalctl: Celery executes `sh` causing the systemd identifier to be `sh`, thus mixing the `celery` and `celerybeat` logs together.
- "tail" the logs: `journalctl --identifier sh --follow`
- View the logs: `journalctl --identifier sh --since "30 minutes ago" | less`
- Tail logs: `tail -F /var/log/celery/beat.log`
=== ":material-ubuntu: standard"
- Service: `celerybeat.service`
- Exec: `/bin/sh -c '${CELERY_BIN} -A ${CELERY_APP} beat --pidfile=${CELERYBEAT_PID_FILE} --logfile=${CELERYBEAT_LOG_FILE} --loglevel=${CELERYD_LOG_LEVEL}'`
- Config: `/etc/conf.d/celery.conf`
- Log: `/var/log/celery/beat.log`
=== ":material-docker: docker"
TBD - To Be Documented
#### MeshCentral
[MeshCentral](https://github.com/Ylianst/MeshCentral) is used for: "Take Control" (connecting to machine for remote access), and 2 screens of the "Remote Background" (Terminal, and File Browser).
???+ note "meshcentral"
- [MeshCentral docs](https://info.meshcentral.com/downloads/MeshCentral2/MeshCentral2UserGuide.pdf)
=== ":material-console-line: status commands"
- Status: `systemctl status --full meshcentral`
- Stop: `systemctl stop meshcentral`
- Start: `systemctl start meshcentral`
- Restart: `systemctl restart meshcentral`
=== ":material-remote-desktop: Debugging"
- Open either "Take Control" or "Remote Background" to get mesh login token
- Open https://mesh.example.com to open native mesh admin interface
- Left-side "My Server" > Choose "Console" > type `agentstats`
- To view detailed logging goto "Trace" > click Tracing button and choose categories
### Other Dependencies
[Django](https://www.djangoproject.com/) - Framework to integrate the server to interact with browser.
<details>
<summary>Django dependencies</summary>
```text
future==0.18.2
loguru==0.5.3
msgpack==1.0.2
packaging==20.9
psycopg2-binary==2.9.1
pycparser==2.20
pycryptodome==3.10.1
pyotp==2.6.0
pyparsing==2.4.7
pytz==2021.1
```
</details>
[qrcode](https://pypi.org/project/qrcode/) - Creating QR codes for 2FA.
<details>
<summary>qrcode dependencies</summary>
```text
redis==3.5.3
requests==2.25.1
six==1.16.0
sqlparse==0.4.1
```
</details>
[twilio](https://www.twilio.com/) - Python SMS notification integration.
<details>
<summary>twilio dependencies</summary>
```text
urllib3==1.26.5
uWSGI==2.0.19.1
validators==0.18.2
vine==5.0.0
websockets==9.1
zipp==3.4.1
```
</details>
## Windows Agent
Found in `%programfiles%\TacticalAgent`
When scripts/checks execute, they are:
1. transferred from the server via nats
2. saved to a randomly created file in `c:\windows\temp\trmm\`
3. executed
4. Return info is captured and returned to the server via nats
5. File in `c:\windows\temp\trmm\` are removed automatically after execution/timeout.
### Outbound Firewall Rules
If you have strict firewall rules these are the only outbound rules from the agent needed for all functionality:
1. All agents have to be able to connect outbound to TRMM server on the 3 domain names on ports: 443 (agent and mesh) and 4222 (nats for checks/tasks/data)
2. The agent uses `https://icanhazip.tacticalrmm.io/` to get public IP info. If this site is down for whatever reason, the agent will fallback to `https://icanhazip.com` and then `https://ifconfig.co/ip`
#### Unsigned Agents
Unsigned agents require access to: `https://github.com/wh1te909/rmmagent/releases/*`
#### Signed Agents
Signed agents will require: `https://exe.tacticalrmm.io/` and `https://exe2.tacticalrmm.io/` for downloading/updating agents
### Services
3 services exist on all clients
* `Mesh Agent`
![MeshService](images/trmm_services_mesh.png)
![MeshAgentTaskManager](images/trmm_services__taskmanager_mesh.png)
**AND**
* `TacticalAgent` and `Tactical RMM RPC Service`
![TacticalAgentServices](images/trmm_services.png)
![TacticalAgentTaskManager](images/trmm_services__taskmanager_agent.png)
The [MeshCentral](https://meshcentral.com/) system which is accessible from `https://mesh.example.com` and is used
* It runs 2 goroutines
* one is the checkrunner which runs all the checks and then just sleeps until it's time to run more checks
* 2nd goroutine periodically sends info about the agent to the rmm and also handles agent recovery
!!!note
In Task Manager you will see additional `Tactical RMM Agent` processes appear and disappear. These are your Checks and Tasks running at scheduled intervals
`Tactical RMM RPC Service`
* Uses the pub/sub model so anytime you do anything realtime from rmm (like a send command or run script)
* It maintains a persistent connection to your to the api.example.com rmm server on `port:4222` and is listening for events (using [nats](https://nats.io/))
* It handles your Agent updates (Auto triggers at 35mins past every hour or when run manually from server Agents | Update Agents menu)
***
### Agent Installation Process
* Adds Defender AV exclusions
* Copies temp files to `c:\windows\temp\tacticalxxx` folder.
* INNO setup installs app into `%ProgramData%\TacticalAgent\` folder
***
### Agent Update Process
Downloads latest `winagent-vx.x.x-x86/64.exe` to `%programfiles%`
Executes the file (INNO setup exe)
Files create `c:\Windows\temp\Tacticalxxxx\` folder for install (and log files)
***
### Agent Debugging
You can temporarily log to screen, or log to file
???+ note "Debugging Options"
=== ":material-math-log: Manual One Time"
Stop the services
```cmd
net stop tacticalagent
net stop tacticalrpc
```
Then run either Agent:
Run the tacticalagent service manually with debug logging:
```cmd
"C:\Program Files\TacticalAgent\tacticalrmm.exe" -m winagentsvc -log debug -logto stdout
```
Run the tacticalrpc service manually with debug logging:
```cmd
"C:\Program Files\TacticalAgent\tacticalrmm.exe" -m rpc -log debug -logto stdout
```
=== ":material-math-log: Log debug to file"
TacticalAgent
Stop the service
```cmd
net stop tacticalagent
```
Edit the service: `TacticalAgent`
```cmd
cd "c:\Program Files\TacticalAgent"
nssm.exe edit tacticalagent
```
Add options `-m winagentsvc -log debug`
TacticalAgent: Start the service
```cmd
net start tacticalagent
```
It will debug log to `"C:\Program Files\TacticalAgent\agent.log"`
**AND/OR**
Tacticalrpc
Stop the service
```cmd
net stop tacticalrpc
```
Edit the service: `Tacticalrpc`
```cmd
cd "c:\Program Files\Tacticalrpc"
nssm.exe edit tacticalrpc
```
Add options `-m rpc -log debug`
Tacticalrpc: Start the service
```cmd
net start tacticalrpc
```
It will debug log to `"C:\Program Files\TacticalAgent\agent.log"`
#### Mesh Agent Recovery
Tactical Agent just runs `mesh_agent.exe -something` to get the mesh agent id and saves it to the django database.
#### Tactical RPC Recovery
#### Tactical Agent Recovery
### Windows Update Management
Tactical RMM Agent sets:
```reg
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
AUOptions (REG_DWORD):
1: Keep my computer up to date is disabled in Automatic Updates.
```
Uses this Microsoft API to handle updates: [https://docs.microsoft.com/en-us/windows/win32/api/_wua/](https://docs.microsoft.com/en-us/windows/win32/api/_wua/)
### Log files
You can find 3 sets of detailed logs at `/rmm/api/tacticalrmm/tacticalrmm/private/log`
* `error.log` nginx log for all errors on all TRMM URL's: rmm, api and mesh
* `access.log` nginx log for access auditing on all URL's: rmm, api and mesh (_this is a large file, and should be cleaned periodically_)
* `django_debug.log` created by django webapp

