### Standard Installation Example Source: https://github.com/0x101-cyber-security/netlock-rmm/blob/main/NetLock RMM Agent Installer/README.md Example of a standard clean installation of the NetLock RMM Agent. ```bash ./NetLock_RMM_Agent_Installer clean /home/user/server_config.json ``` -------------------------------- ### Installation with All Options Combined Source: https://github.com/0x101-cyber-security/netlock-rmm/blob/main/NetLock RMM Agent Installer/README.md Demonstrates combining multiple options for installation, including custom temp directory, no logging, and elevated privileges. ```bash # Linux sudo ./NetLock_RMM_Agent_Installer clean /etc/netlock/server_config.json --temp /var/tmp/netlock --no-log # Windows NetLock_RMM_Agent_Installer.exe clean C:\configs\server_config.json --temp E:\Temp --hidden --no-log ``` -------------------------------- ### Basic NetLock RMM Agent Installer Commands Source: https://github.com/0x101-cyber-security/netlock-rmm/blob/main/NetLock RMM Agent Installer/README.md Perform clean installations, repairs, or uninstalls using the NetLock RMM Agent Installer. Requires administrative privileges. ```bash # Clean installation with server configuration ./NetLock_RMM_Agent_Installer clean /path/to/server_config.json # Repair (fix) with server configuration ./NetLock_RMM_Agent_Installer fix /path/to/server_config.json # Uninstall ./NetLock_RMM_Agent_Installer uninstall ``` -------------------------------- ### Installation with Custom Temp Directory Source: https://github.com/0x101-cyber-security/netlock-rmm/blob/main/NetLock RMM Agent Installer/README.md Installs the agent using a custom temporary directory. Ensure the directory exists or has write permissions. ```bash # Linux/macOS ./NetLock_RMM_Agent_Installer clean /home/user/server_config.json --temp /mnt/custom/temp # Windows NetLock_RMM_Agent_Installer.exe clean C:\configs\server_config.json --temp D:\CustomTemp ``` -------------------------------- ### Agent Installer CLI Commands Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Commands for the NetLock RMM Agent Installer CLI, used for cross-platform installation and management. ```APIDOC ## Agent Installer CLI ### Description Commands for the NetLock RMM Agent Installer CLI, used for cross-platform installation and management. ### Commands - **clean** - Installs all agents from the server. - Usage: `NetLock_RMM_Agent_Installer.exe clean /path/to/server_config.json` (Windows) - Usage: `sudo ./NetLock_RMM_Agent_Installer clean /path/to/server_config.json` (Linux) - **fix** - Reinstalls agents while preserving existing device identity and access key. - Usage: `NetLock_RMM_Agent_Installer.exe fix /path/to/server_config.json` - **uninstall** - Uninstalls all agent components. - Usage: `NetLock_RMM_Agent_Installer.exe uninstall` ### Options - **--hidden** - Runs the installer without a console window (Windows). - **--no-log** - Disables logging. - **--temp <directory>** - Specifies a custom temporary directory for installation files. ### One-Click Installer - A self-contained binary with embedded server configuration. - Usage: `./NetLock_RMM_Agent_Installer_OneClick` ``` -------------------------------- ### Agent Installer CLI Commands Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Commands for installing, fixing, and uninstalling the NetLock RMM Agent using the cross-platform CLI binary. Supports various options for silent installation and custom configurations. ```bash NetLock_RMM_Agent_Installer.exe clean /path/to/server_config.json ``` ```bash NetLock_RMM_Agent_Installer.exe fix /path/to/server_config.json ``` ```bash NetLock_RMM_Agent_Installer.exe clean /path/to/server_config.json --hidden --no-log ``` ```bash NetLock_RMM_Agent_Installer.exe uninstall ``` ```bash sudo ./NetLock_RMM_Agent_Installer clean /path/to/server_config.json ``` ```bash ./NetLock_RMM_Agent_Installer_OneClick ``` ```bash NetLock_RMM_Agent_Installer.exe clean /path/to/server_config.json --temp C:\\AltTemp ``` -------------------------------- ### Silent Installation on Windows Source: https://github.com/0x101-cyber-security/netlock-rmm/blob/main/NetLock RMM Agent Installer/README.md Performs a silent installation on Windows, hiding the console and removing logs. Requires administrative privileges. ```bash NetLock_RMM_Agent_Installer.exe clean C:\configs\server_config.json --hidden --no-log ``` -------------------------------- ### Agent Server Configuration (server_config.json) Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Specifies the servers an agent should contact and its tenant/location context. This file is encrypted and written by the installer during agent provisioning. ```json { "ssl": true, "package_guid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", "communication_servers": "rmm.example.com", "remote_servers": "rmm.example.com", "update_servers": "rmm.example.com", "trust_servers": "rmm.example.com", "file_servers": "rmm.example.com", "relay_servers": "rmm.example.com", "tenant_guid": "tenant-guid-here", "location_guid": "location-guid-here", "language": "en", "access_key": "device-unique-access-key", "authorized": false } ``` -------------------------------- ### File Server Endpoints - Integrated File Management Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Endpoints for file upload, download, directory indexing, and installer package creation. Admin API calls require an `x-api-key` header. ```APIDOC ## File Server Endpoints — Integrated File Management The file server role exposes endpoints for file upload, download, directory indexing, and command execution. Admin API calls use an `x-api-key` header; agent file transfers use a `Package-Guid` header with device identity query parameters. ```bash # Upload a file to the integrated file server (admin API) curl -s -X POST "https://rmm.example.com/admin/files/upload/my-scripts" \ -H "x-api-key: your-api-key" \ -F "file=@/local/path/deploy.ps1" # Response: JSON with file GUID and metadata # Download a file from the file server (public download, optionally password-protected) curl -s -o deploy.ps1 \ "https://rmm.example.com/admin/files/download?guid=file-guid&password=optional-pw" # List directory contents curl -s -X POST "https://rmm.example.com/admin/files/index/my-scripts" \ -H "x-api-key: your-api-key" \ -d '' # Response: { "index": [...], "server_path": "/data/files" } # Create installer package via API curl -s -X POST https://rmm.example.com/admin/create_installer \ -H "x-api-key: your-api-key" \ -H "Content-Type: application/json" \ -d '{ "name": "acme-installer", "server_config": "{\"ssl\":true,\"package_guid\":\"...\",\"communication_servers\":\"rmm.example.com\",...}" }' # List currently connected devices curl -s https://rmm.example.com/admin/devices/connected \ -H "x-api-key: your-api-key" # Response: { "access_keys": ["key1", "key2", ...] } ``` ``` -------------------------------- ### Get Relay Session Information Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Fetches details for a specific relay session using its session ID. Requires API key. ```bash curl -s "https://rmm.example.com/admin/relay/info?session_id=session-guid" \ -H "x-api-key: your-api-key" ``` -------------------------------- ### Get Relay Session Info Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Retrieves information about a specific relay session using its session ID. Requires an API key. ```APIDOC ## GET /admin/relay/info ### Description Retrieves information about a specific relay session. ### Method GET ### Endpoint https://rmm.example.com/admin/relay/info ### Query Parameters - **session_id** (string) - Required - The GUID of the session to retrieve information for. ### Headers - **x-api-key** (string) - Required - Your API key ``` -------------------------------- ### Create Relay Session (Admin/Web Console) Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Use this endpoint to initiate a new relay session for administrative access. Requires API key and target device access key. ```bash curl -s -X POST https://rmm.example.com/admin/relay/create \ -H "x-api-key: your-api-key" \ -H "Content-Type: application/json" \ -d '{"target_device_access_key": "device-access-key"}' ``` -------------------------------- ### Full Inventory Upload (C#) Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt This C# code snippet shows how to send a complete hardware and software inventory snapshot to the NetLock RMM server. It requires device authorization and a valid `Package-Guid` header. The payload includes detailed device identity and rich inventory collections. ```csharp // Agent side — Online_Mode.Handler.Update_Device_Information() var jsonObject = new { device_identity = identity, // same struct as Verify_Device processes = processes_json, // JSON array cpu_information = cpu_information_json, ram_information = ram_information_json, network_adapters = network_adapters_json, disks = disks_json, applications_installed = applications_installed_json, applications_logon = applications_logon_json, applications_scheduled_tasks = applications_scheduled_tasks_json, applications_services = applications_services_json, applications_drivers = applications_drivers_json, antivirus_products = antivirus_products_json, antivirus_information = antivirus_information_json, cronjobs = cronjobs_json, }; var json = JsonSerializer.Serialize(jsonObject, new JsonSerializerOptions { WriteIndented = true }); using var http = new HttpClient(); http.DefaultRequestHeaders.Add("Package-Guid", Configuration.Agent.package_guid); var response = await http.PostAsync( "https://rmm.example.com/Agent/Windows/Update_Device_Information", new StringContent(json, Encoding.UTF8, "application/json") ); // 200: "authorized" | "synced" | "not_synced" 403: "unauthorized" ``` -------------------------------- ### Server Configuration (appsettings.json) Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Defines Kestrel endpoints, server roles, SignalR tuning, MySQL connection details, and Members Portal API settings for the NetLock RMM server. Ensure sensitive information like passwords and API keys are managed securely. ```json { "Kestrel": { "Endpoint": { "Http": { "Enabled": true, "Port": 7080 }, "Https": { "Enabled": false, "Port": 7443, "Force": true, "Hsts": { "Enabled": true }, "Certificate": { "Path": "/certs/cert.pfx", "Password": "secret" } } }, "Limits": { "MaxConcurrentConnections": 2000, "MaxConcurrentUpgradedConnections": 2000, "MaxRequestBodySize": 10737418240, "KeepAliveTimeout": 120 }, "Roles": { "Comm": true, "Update": true, "Trust": true, "Remote": true, "Notification": true, "File": true, "LLM": true, "Relay": true } }, "SignalR": { "MaximumReceiveMessageSize": 102400000, "ClientTimeoutInterval": 120, "KeepAliveInterval": 15, "HandshakeTimeout": 30, "EnableDetailedErrors": true, "StreamBufferCapacity": 20, "MaximumParallelInvocationsPerClient": 5, "MaxConnectionAttempts": 5, "ConnectionAttemptDelayMs": 5000 }, "Relay_Server": { "Port": 7081 }, "MySQL": { "Server": "127.0.0.1", "Port": 3306, "Database": "netlock", "User": "root", "Password": "yourpassword", "SslMode": "None", "AdditionalConnectionParameters": "" }, "Members_Portal_Api": { "Enabled": true, "Cloud": false, "ApiKeyOverride": "", "ServerGuid": "your-guid" }, "Environment": { "Docker": false } } ``` -------------------------------- ### Full Inventory Upload Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt This endpoint is called periodically by the agent to upload a complete hardware and software inventory snapshot to the server. It requires a valid Package-Guid header and device authorization. ```APIDOC ## POST /Agent/Windows/Update_Device_Information — Full Inventory Upload ### Description Called periodically by the comm agent to push a complete hardware and software inventory snapshot to the server. Requires a valid `Package-Guid` header and device authorization. The payload wraps `device_identity` together with rich inventory collections (processes, CPU, RAM, network adapters, disks, installed apps, services, drivers, antivirus data). ### Method POST ### Endpoint /Agent/Windows/Update_Device_Information ### Parameters #### Request Body - **device_identity** (object) - Required - Contains the identity information of the device (same structure as `Verify_Device` endpoint). - **processes** (array) - Optional - JSON array of process information. - **cpu_information** (object) - Optional - CPU information. - **ram_information** (object) - Optional - RAM information. - **network_adapters** (array) - Optional - Array of network adapter details. - **disks** (array) - Optional - Array of disk information. - **applications_installed** (array) - Optional - Array of installed applications. - **applications_logon** (array) - Optional - Array of application logon information. - **applications_scheduled_tasks** (array) - Optional - Array of scheduled tasks. - **applications_services** (array) - Optional - Array of service information. - **applications_drivers** (array) - Optional - Array of driver information. - **antivirus_products** (array) - Optional - Array of antivirus products. - **antivirus_information** (object) - Optional - Antivirus information. - **cronjobs** (array) - Optional - Array of cron job information. ### Headers - **Package-Guid** (string) - Required - The GUID of the agent package. ### Response #### Success Response (200) - **string** - The status of the upload: `authorized`, `synced`, or `not_synced`. #### Error Response (403) - **string** - Indicates the device is `unauthorized`. ### Request Example ```json { "device_identity": { "agent_version": "2.6.1.2cs", "package_guid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", "device_name": "WORKSTATION01", "location_guid": "loc-guid", "tenant_guid": "tenant-guid", "access_key": "device-access-key", "hwid": "hardware-id", "platform": "Windows", "ip_address_internal": "192.168.1.100", "operating_system": "Windows 11 Pro 23H2", "architecture": "x64" }, "processes": [], "cpu_information": {}, "ram_information": {}, "network_adapters": [], "disks": [], "applications_installed": [], "applications_logon": [], "applications_scheduled_tasks": [], "applications_services": [], "applications_drivers": [], "antivirus_products": [], "antivirus_information": {}, "cronjobs": [] } ``` ### Response Example ``` "authorized" ``` ``` -------------------------------- ### Agent Device Authentication (C#) Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Use this C# code to authenticate a device with the NetLock RMM server. Ensure the `Package-Guid` header is correctly set. The server responds with an authorization status. ```csharp // Agent side — Online_Mode.Handler.Authenticate() var identity = new Device_Identity { agent_version = Application_Settings.version, // "2.6.1.2cs" package_guid = Configuration.Agent.package_guid, device_name = Environment.MachineName, location_guid = Configuration.Agent.location_guid, tenant_guid = Configuration.Agent.tenant_guid, access_key = Device_Worker.access_key, hwid = Configuration.Agent.hwid, platform = "Windows", // "Linux" | "MacOS" ip_address_internal = Device_Worker.ip_address_internal, operating_system = Device_Worker.operating_system, domain = Environment.UserDomainName, antivirus_solution = Device_Worker.antivirus_solution, firewall_status = Device_Worker.firewall_status.ToString(), architecture = "x64", last_boot = Device_Worker.last_boot, timezone = Device_Worker.timezone, cpu = Device_Worker.cpu, cpu_usage = Device_Worker.cpu_usage, ram = Device_Worker.ram, ram_usage = Device_Worker.ram_usage, tpm = Device_Worker.tpm, last_active_user = Device_Worker.last_active_user, }; var payload = JsonSerializer.Serialize(new { device_identity = identity }); using var http = new HttpClient(); http.DefaultRequestHeaders.Add("Package-Guid", Configuration.Agent.package_guid); var response = await http.PostAsync( "https://rmm.example.com/Agent/Windows/Verify_Device", new StringContent(payload, Encoding.UTF8, "application/json") ); // response body: "authorized" | "synced" | "not_synced" | "unauthorized" string result = await response.Content.ReadAsStringAsync(); ``` -------------------------------- ### Agent Device Authentication (curl) Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt This curl command demonstrates how to authenticate a device with the NetLock RMM server. It requires the `Content-Type` and `Package-Guid` headers, along with a JSON payload containing device identity. ```bash # Equivalent curl call curl -s -X POST https://rmm.example.com/Agent/Windows/Verify_Device \ -H "Content-Type: application/json" \ -H "Package-Guid: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" \ -d '{ "device_identity": { "agent_version": "2.6.1.2cs", "package_guid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", "device_name": "WORKSTATION01", "location_guid": "loc-guid", "tenant_guid": "tenant-guid", "access_key": "device-access-key", "hwid": "hardware-id", "platform": "Windows", "ip_address_internal": "192.168.1.100", "operating_system": "Windows 11 Pro 23H2", "architecture": "x64" } }' # Response: "authorized" ``` -------------------------------- ### Create Relay Session Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Creates a new relay session for admin or web console access. Requires an API key and a target device access key. ```APIDOC ## POST /admin/relay/create ### Description Creates a new relay session for admin or web console access. ### Method POST ### Endpoint https://rmm.example.com/admin/relay/create ### Headers - **x-api-key** (string) - Required - Your API key - **Content-Type** (string) - Required - application/json ### Request Body - **target_device_access_key** (string) - Required - The access key of the target device. ### Request Example ```json { "target_device_access_key": "device-access-key" } ``` ### Response #### Success Response (200) - **session_id** (string) - The ID of the created session. - **relay_token** (string) - The token for the relay session. ``` -------------------------------- ### Check Agent Version (Bash) Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Agents query this endpoint to check if a new version is available. The server compares the agent's reported version against the current expected version. The response indicates if the agent is 'up_to_date', 'update_available', or provides the new version string. ```bash curl -s -X POST https://rmm.example.com/Agent/Windows/Check_Version \ -H "Content-Type: application/json" \ -H "Package-Guid: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" \ -d '{"agent_version": "2.6.1.2cs", "platform": "Windows"}' # Response: "up_to_date" | "update_available" | version string ``` -------------------------------- ### File Server API Operations Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt These cURL commands demonstrate various file management operations via the integrated file server API. Use appropriate headers and parameters for each action. ```bash # Upload a file to the integrated file server (admin API) curl -s -X POST "https://rmm.example.com/admin/files/upload/my-scripts" \ -H "x-api-key: your-api-key" \ -F "file=@/local/path/deploy.ps1" # Response: JSON with file GUID and metadata # Download a file from the file server (public download, optionally password-protected) curl -s -o deploy.ps1 \ "https://rmm.example.com/admin/files/download?guid=file-guid&password=optional-pw" # List directory contents curl -s -X POST "https://rmm.example.com/admin/files/index/my-scripts" \ -H "x-api-key: your-api-key" \ -d '' # Response: { "index": [...], "server_path": "/data/files" } # Create installer package via API curl -s -X POST https://rmm.example.com/admin/create_installer \ -H "x-api-key: your-api-key" \ -H "Content-Type: application/json" \ -d '{ "name": "acme-installer", "server_config": "{\"ssl\":true,\"package_guid\":\"...\",\"communication_servers\":\"rmm.example.com\",...}" }' # List currently connected devices curl -s https://rmm.example.com/admin/devices/connected \ -H "x-api-key: your-api-key" # Response: { "access_keys": ["key1", "key2", ...] } ``` -------------------------------- ### Server Health Check Endpoint Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt A simple liveness check endpoint to verify the server is running. Returns 'ok' with HTTP 200 on success. ```bash curl -s https://rmm.example.com/test ``` -------------------------------- ### Retrieve Agent Policy (C#) Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Agents use this endpoint to fetch their assigned policy, including antivirus settings, scan jobs, and general agent configurations. The policy is cached locally for offline enforcement. Handles special responses like 'no_assigned_policy_found' or 'unauthorized'. ```csharp // Agent side — Online_Mode.Handler.Policy() // POST with device_identity payload (same as Verify_Device) var response = await http.PostAsync( "https://rmm.example.com/Agent/Windows/Policy", new StringContent(json, Encoding.UTF8, "application/json") ); string result = await response.Content.ReadAsStringAsync(); // On success, parse the returned policy JSON: using (JsonDocument document = JsonDocument.Parse(result)) { string avSettings = document.RootElement.GetProperty("antivirus_settings_json").ToString(); string avExclusions = document.RootElement.GetProperty("antivirus_exclusions_json").ToString(); string avScanJobs = document.RootElement.GetProperty("antivirus_scan_jobs_json").ToString(); string sensors = document.RootElement.GetProperty("policy_sensors_json").ToString(); string jobs = document.RootElement.GetProperty("policy_jobs_json").ToString(); string trayIcon = document.RootElement.GetProperty("tray_icon_settings_json").ToString(); string agentSettings= document.RootElement.GetProperty("agent_settings_json").ToString(); } // Special responses: "no_assigned_policy_found" | "unauthorized" ``` -------------------------------- ### POST /Agent/Windows/Remote/Command - Remote Control Screen Capture Upload Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt The remote agent uploads binary screen capture frames to the server. The server then forwards these frames to the waiting admin client via SignalR. ```APIDOC ## POST /Agent/Windows/Remote/Command — Remote Control Screen Capture Upload The remote agent uploads binary screen capture frames to the server via multipart/form-data. The server extracts the `device_identity`, verifies the device, looks up the waiting admin client in the SignalR hub, and pushes the raw screenshot bytes directly to the admin via `ReceiveClientResponseRemoteControlScreenCapture`. ```bash # Remote agent posts a screenshot frame curl -s -X POST https://rmm.example.com/Agent/Windows/Remote/Command \ -H "Package-Guid: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" \ -F "device_identity={\"device_identity\":{\"access_key\":\"device-key\",...}}" \ -F "response_id=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" \ -F "screenshot=@/tmp/frame.png;type=image/png" # 200 "ok" on success ``` ``` -------------------------------- ### Agent Device Authentication Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt This endpoint is called by the agent on startup to authenticate the device. It POSTs a device identity payload with a Package-Guid header and receives an authorization status. ```APIDOC ## POST /Agent/Windows/Verify_Device — Agent Device Authentication ### Description This is the first endpoint an agent calls on startup. The agent POSTs a full `device_identity` JSON payload with a `Package-Guid` header. The server verifies the package GUID, matches the device against the database, and returns `authorized`, `synced`, `not_synced`, or `unauthorized`. Upon receiving `authorized`, the agent persists the new auth state to its encrypted `server_config.json`. ### Method POST ### Endpoint /Agent/Windows/Verify_Device ### Parameters #### Request Body - **device_identity** (object) - Required - Contains the identity information of the device. - **agent_version** (string) - Required - The version of the agent. - **package_guid** (string) - Required - The GUID of the agent package. - **device_name** (string) - Required - The name of the device. - **location_guid** (string) - Required - The GUID of the device's location. - **tenant_guid** (string) - Required - The GUID of the tenant. - **access_key** (string) - Required - The access key for the device. - **hwid** (string) - Required - The hardware ID of the device. - **platform** (string) - Required - The operating system platform (e.g., "Windows", "Linux", "MacOS"). - **ip_address_internal** (string) - Optional - The internal IP address of the device. - **operating_system** (string) - Optional - The operating system details. - **domain** (string) - Optional - The domain the device belongs to. - **antivirus_solution** (string) - Optional - The antivirus solution installed. - **firewall_status** (string) - Optional - The status of the firewall. - **architecture** (string) - Optional - The system architecture (e.g., "x64"). - **last_boot** (string) - Optional - The timestamp of the last boot. - **timezone** (string) - Optional - The timezone of the device. - **cpu** (string) - Optional - CPU information. - **cpu_usage** (number) - Optional - Current CPU usage percentage. - **ram** (string) - Optional - RAM information. - **ram_usage** (number) - Optional - Current RAM usage percentage. - **tpm** (string) - Optional - TPM information. - **last_active_user** (string) - Optional - The last active user on the device. ### Headers - **Package-Guid** (string) - Required - The GUID of the agent package. ### Response #### Success Response - **string** - The authorization status: `authorized`, `synced`, `not_synced`, or `unauthorized`. ### Request Example ```json { "device_identity": { "agent_version": "2.6.1.2cs", "package_guid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", "device_name": "WORKSTATION01", "location_guid": "loc-guid", "tenant_guid": "tenant-guid", "access_key": "device-access-key", "hwid": "hardware-id", "platform": "Windows", "ip_address_internal": "192.168.1.100", "operating_system": "Windows 11 Pro 23H2", "architecture": "x64" } } ``` ### Response Example ``` "authorized" ``` ``` -------------------------------- ### Server Health Check Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt A simple liveness check endpoint to verify the server is running. ```APIDOC ## GET /test ### Description A simple liveness check endpoint to verify the server is running. ### Method GET ### Endpoint https://rmm.example.com/test ### Response #### Success Response (200) - **Response Body**: "ok" ``` -------------------------------- ### Device_Identity Data Model Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt The canonical identity object sent by every agent. Fields map directly to the database `devices` table and contain hardware and system information. ```csharp public class Device_Identity { public string agent_version { get; set; } // "2.6.1.2cs" public string package_guid { get; set; } // deployment package GUID public string device_name { get; set; } // Environment.MachineName public string location_guid { get; set; } // from server_config.json public string tenant_guid { get; set; } // from server_config.json public string access_key { get; set; } // unique per device public string hwid { get; set; } // hardware fingerprint (CPU+Disk+WinID) public string platform { get; set; } // "Windows" | "Linux" | "MacOS" public string ip_address_internal{ get; set; } public string operating_system { get; set; } public string domain { get; set; } public string antivirus_solution { get; set; } public string firewall_status { get; set; } public string architecture { get; set; } // "x64" | "x86" | "ARM64" public string last_boot { get; set; } public string timezone { get; set; } public string cpu { get; set; } public string cpu_usage { get; set; } public string mainboard { get; set; } public string gpu { get; set; } public string ram { get; set; } public string ram_usage { get; set; } public string tpm { get; set; } public string last_active_user { get; set; } } ``` -------------------------------- ### Ingest Agent Events (Bash) Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Agents batch and POST events such as sensor alerts and job results to this endpoint. The server verifies the device and stores the events, making them visible in the web console. Expects a JSON payload with device identity and an array of events. Returns 200 on success or 403 if unauthorized. ```bash curl -s -X POST https://rmm.example.com/Agent/Windows/Events \ -H "Content-Type: application/json" \ -H "Package-Guid: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" \ -d '{ "device_identity": { "access_key": "device-access-key", ... }, "events": [ { "type": "sensor", "severity": 2, "title": "CPU Usage High", "description": "CPU usage exceeded 90% threshold", "timestamp": "2024-11-01T14:30:00Z" } ] }' # 200 on success, 403 if unauthorized ``` -------------------------------- ### Upload Screen Capture via HTTP POST Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt The remote agent uploads screen capture frames using a multipart/form-data POST request. Ensure the correct headers and form fields are included for successful processing. ```bash # Remote agent posts a screenshot frame curl -s -X POST https://rmm.example.com/Agent/Windows/Remote/Command \ -H "Package-Guid: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" \ -F "device_identity={\"device_identity\":{\"access_key\":\"device-key\",...}}" \ -F "response_id=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" \ -F "screenshot=@/tmp/frame.png;type=image/png" # 200 "ok" on success ``` -------------------------------- ### Event Ingestion Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Agents batch and POST events such as sensor alerts, job results, and system events to the server. The server verifies the device and stores the events for visibility in the web console. ```APIDOC ## POST /Agent/Windows/Events — Event Ingestion Agents batch and POST events (sensor alerts, job results, system events) to the server. The server verifies the device, then consumes and stores the events. Events become visible in the web console event browser. ### Method POST ### Endpoint /Agent/Windows/Events ### Headers - **Content-Type**: application/json - **Package-Guid**: (string) - The GUID of the agent package. ### Request Body - **device_identity** (object) - Information to identify the device. - **access_key** (string) - The access key for the device. - ... (other identity fields) - **events** (array) - A list of events to ingest. - **type** (string) - The type of the event (e.g., "sensor"). - **severity** (integer) - The severity level of the event. - **title** (string) - A short title for the event. - **description** (string) - A detailed description of the event. - **timestamp** (string) - The timestamp of the event in ISO 8601 format. ### Response - **200 OK** on success. - **403 Forbidden** if unauthorized. ``` -------------------------------- ### Fetch Relay Public Key Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Retrieve the server's RSA public key for establishing secure relay sessions. This key is used by the Relay App to verify the server's identity. ```bash # Fetch the server's RSA public key (used by Relay App to verify the server) curl -s https://rmm.example.com/relay/public-key # Response: PEM-encoded RSA public key + fingerprint ``` -------------------------------- ### List Active Relay Sessions Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Retrieves a list of all currently active relay sessions. Requires API key. ```bash curl -s https://rmm.example.com/admin/relay/list \ -H "x-api-key: your-api-key" ``` -------------------------------- ### Agent Version Check Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Agents query this endpoint to determine if an update is available by submitting their current version. The server compares this against the expected version. ```APIDOC ## POST /Agent/Windows/Check_Version — Agent Version Check Agents query this endpoint to determine if an update is available. The server compares the submitted agent version against the current expected version stored in the database. ### Method POST ### Endpoint /Agent/Windows/Check_Version ### Headers - **Content-Type**: application/json - **Package-Guid**: (string) - The GUID of the agent package. ### Request Body - **agent_version** (string) - The current version of the agent. - **platform** (string) - The operating system platform (e.g., "Windows"). ### Response - **"up_to_date"** (string) - Indicates the agent is up to date. - **"update_available"** (string) - Indicates an update is available. - **version string** - The latest available version string if an update is available. ``` -------------------------------- ### List Active Relay Sessions Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Retrieves a list of all currently active relay sessions. Requires an API key. ```APIDOC ## GET /admin/relay/list ### Description Retrieves a list of all currently active relay sessions. ### Method GET ### Endpoint https://rmm.example.com/admin/relay/list ### Headers - **x-api-key** (string) - Required - Your API key ``` -------------------------------- ### Announce Relay Connection Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt The Relay App uses this endpoint to announce its connection before opening a TCP tunnel. Requires API key, session ID, and relay token. ```bash curl -s -X POST https://rmm.example.com/admin/relay/announce \ -H "x-api-key: your-api-key" \ -H "Content-Type: application/json" \ -d '{"session_id": "session-guid", "relay_token": "token"}' ``` -------------------------------- ### Policy Retrieval Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Agents call this endpoint to fetch the policy currently assigned to them. The response contains various settings and configurations, which the agent caches locally. ```APIDOC ## POST /Agent/Windows/Policy — Policy Retrieval Agents call this endpoint to fetch the policy currently assigned to them (by tenant/location/group, domain, IP, or device name). The response JSON contains antivirus settings, scan jobs, sensor definitions, scheduled jobs, tray icon settings, and general agent settings. The agent caches the policy into a local SQLite database for offline enforcement. ### Method POST ### Endpoint /Agent/Windows/Policy ### Request Body (Implicitly contains device identity information, similar to Verify_Device) ### Response - **antivirus_settings_json** (string) - JSON string containing antivirus settings. - **antivirus_exclusions_json** (string) - JSON string containing antivirus exclusions. - **antivirus_scan_jobs_json** (string) - JSON string containing antivirus scan job configurations. - **policy_sensors_json** (string) - JSON string defining policy sensors. - **policy_jobs_json** (string) - JSON string defining scheduled jobs. - **tray_icon_settings_json** (string) - JSON string for tray icon settings. - **agent_settings_json** (string) - JSON string for general agent settings. Special responses: "no_assigned_policy_found" | "unauthorized" ``` -------------------------------- ### Send Remote Shell Command via SignalR Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Use this structure to send commands to a remote device via the SignalR CommandHub. Ensure the correct command type and payload are used for the desired operation. ```csharp // Admin (Web Console) sends a remote shell command // Connection: wss://rmm.example.com/commandHub // Header: Admin-Identity: %7B%22token%22%3A%22session-token%22%7D // Message sent from web console to hub: var message = new { admin_identity = new { token = "admin-session-token" }, target_device = new { access_key = "device-access-key" }, command = new { type = 0, // 0=remote shell, 1=file browser, 2=service, // 3=task manager, 4=remote control, 5=check conn, // 6=tray chat, 7=access request, 9=power, 10-13=eventlog wait_response = true, powershell_code = "Get-Process | Select-Object Name,CPU | ConvertTo-Json", } }; // Hub routes to device; device executes, calls back: // ReceiveClientResponse(responseId, resultJson, persistent: false) // Hub forwards result to admin via: "ReceiveClientResponseRemoteShell" // Command type reference: // type 0 → remote shell (PowerShell/Bash/Zsh) // type 1 → file browser (sub-commands 0-11: drives, index, create/delete/move/rename dir & file, upload/download) // type 2 → service action // type 3 → task manager action // type 4 → remote control (sub-commands: screen capture, screen indexes, users, clipboard, elevation) // type 5 → check connection (answered by server directly, no device round-trip) // type 6 → tray icon chat message // type 7 → remote control access request // type 9 → power management (shutdown, restart, sleep, logoff) // type 10-13 → remote event log viewer // type 15 → virtual display driver management ``` -------------------------------- ### SignalR CommandHub - Real-Time Bidirectional Messaging Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt The `/commandHub` SignalR hub facilitates real-time communication for various remote operations between admins and devices. Admins send commands via `MessageReceivedFromWebconsole`, and devices respond via `ReceiveClientResponse`. ```APIDOC ## SignalR `CommandHub` — Real-Time Bidirectional Messaging The `/commandHub` SignalR hub is the real-time backbone for all interactive remote operations: remote shell, file browser, task manager, service management, remote control screen capture, tray icon chat, power management, and event log viewing. Devices and admins both connect with identity headers. The admin sends commands via `MessageReceivedFromWebconsole`; the device replies via `ReceiveClientResponse`. ```csharp // Admin (Web Console) sends a remote shell command // Connection: wss://rmm.example.com/commandHub // Header: Admin-Identity: %7B%22token%22%3A%22session-token%22%7D // Message sent from web console to hub: var message = new { admin_identity = new { token = "admin-session-token" }, target_device = new { access_key = "device-access-key" }, command = new { type = 0, // 0=remote shell, 1=file browser, 2=service, // 3=task manager, 4=remote control, 5=check conn, // 6=tray chat, 7=access request, 9=power, 10-13=eventlog wait_response = true, powershell_code = "Get-Process | Select-Object Name,CPU | ConvertTo-Json", } }; // Hub routes to device; device executes, calls back: // ReceiveClientResponse(responseId, resultJson, persistent: false) // Hub forwards result to admin via: "ReceiveClientResponseRemoteShell" // Command type reference: // type 0 → remote shell (PowerShell/Bash/Zsh) // type 1 → file browser (sub-commands 0-11: drives, index, create/delete/move/rename dir & file, upload/download) // type 2 → service action // type 3 → task manager action // type 4 → remote control (sub-commands: screen capture, screen indexes, users, clipboard, elevation) // type 5 → check connection (answered by server directly, no device round-trip) // type 6 → tray icon chat message // type 7 → remote control access request // type 9 → power management (shutdown, restart, sleep, logoff) // type 10-13 → remote event log viewer // type 15 → virtual display driver management ``` ``` -------------------------------- ### Announce Relay Connection Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Used by the Relay App to announce its connection before opening a TCP tunnel. Requires session ID and relay token. ```APIDOC ## POST /admin/relay/announce ### Description Announces the Relay App's connection before opening a TCP tunnel. ### Method POST ### Endpoint https://rmm.example.com/admin/relay/announce ### Headers - **x-api-key** (string) - Required - Your API key - **Content-Type** (string) - Required - application/json ### Request Body - **session_id** (string) - Required - The GUID of the session. - **relay_token** (string) - Required - The token for the relay session. ### Request Example ```json { "session_id": "session-guid", "relay_token": "token" } ``` ``` -------------------------------- ### Relay Endpoints - End-to-End Encrypted Remote Sessions Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Manages encrypted tunnels between the Relay App and target agents using RSA key exchange. Fetches the server's RSA public key for verification. ```APIDOC ## Relay Endpoints — End-to-End Encrypted Remote Sessions The relay subsystem manages encrypted tunnels between the Relay App (admin side) and target agents. RSA key exchange is used to bootstrap a session; actual tunnel data flows over a dedicated TCP port (default 7081). ```bash # Fetch the server's RSA public key (used by Relay App to verify the server) curl -s https://rmm.example.com/relay/public-key # Response: PEM-encoded RSA public key + fingerprint ``` ``` -------------------------------- ### Close Relay Session Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Terminates an active relay session. Requires API key and session ID. ```bash curl -s -X POST https://rmm.example.com/admin/relay/close \ -H "x-api-key: your-api-key" \ -H "Content-Type: application/json" \ -d '{"session_id": "session-guid"}' ``` -------------------------------- ### Close Relay Session Source: https://context7.com/0x101-cyber-security/netlock-rmm/llms.txt Closes an active relay session. Requires an API key and the session ID. ```APIDOC ## POST /admin/relay/close ### Description Closes an active relay session. ### Method POST ### Endpoint https://rmm.example.com/admin/relay/close ### Headers - **x-api-key** (string) - Required - Your API key - **Content-Type** (string) - Required - application/json ### Request Body - **session_id** (string) - Required - The GUID of the session to close. ### Request Example ```json { "session_id": "session-guid" } ``` ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.