trmm-expert

Answer questions about Tactical RMM (TRMM) — an open-source remote monitoring and management platform. Covers architecture, installation, agent deployment (Windows/Linux/macOS), MeshCentral integration, scripting (PowerShell/Python/Bash/Deno), script variables, custom fields, keystore, automated checks, tasks, automation policies, maintenance mode, alerting, email/SMS notifications, webhooks, REST API, global settings, overrides, permissions, Django admin, URL actions, user interface, software management, web terminal, management commands, reporting (Enterprise), SSO (Enterprise), third-party integrations (Bitdefender, Zammad), SNMP checks, BitLocker key retrieval, remote background sessions, and troubleshooting FAQ.

Quality

70%

Does it follow best practices?

Impact

—

No eval scenarios have been run

Securityby

Critical

Do not install without reviewing

Optimize this skill with Tessl

npx tessl skill review --optimize ./plugins/trmm-expert/skills/trmm-expert/SKILL.md

Overview

Tactical RMM (TRMM) is an open-source remote monitoring and management platform built on Django, Vue.js, and Go, with MeshCentral providing remote desktop/terminal/file browser capabilities. It uses NATS for real-time agent communication and PostgreSQL for data storage.

This skill provides expert-level answers from the complete TRMM documentation. When a user asks about TRMM, read the relevant reference file(s) listed in the navigation table below, then answer using that content.

Domain Concept Map

Organizational hierarchy: Client > Site > Agent. Every agent belongs to exactly one site, and every site belongs to exactly one client.

Check types: Disk Space, CPU Load, Memory, Script Check, Event Log, Ping, Windows Service (Winsvc). Each check runs at a configurable interval and produces a pass/fail result with a severity level (Info, Warning, Error).

Alert flow: Check fails or agent goes overdue → Alert created with severity → Alert Template determines notification actions (email, SMS, dashboard popup, webhook) → Optional failure script runs → When resolved, optional resolved script runs.

Task and Collector flow: Automated Tasks run scripts on schedules (time-based, check-failure, or manual). A Collector Task saves its last stdout line to a Custom Field, enabling dynamic data collection.

Custom Fields are user-defined fields on Agent, Site, or Client objects. They are referenced in scripts as {{agent.FieldName}}, {{site.FieldName}}, or {{client.FieldName}}. The Global Key Store provides {{global.key_name}} variables available to all scripts.

Automation Policy inheritance: Global → Client → Site → Agent. Each level can block inheritance from the level above. Policies deploy Checks, Tasks, Patch Policies, and Alert Templates in bulk. An Enforced policy overwrites conflicting agent-level checks.

Script variable syntax: {{model.field}} — e.g., {{agent.hostname}}, {{agent.site.name}}, {{client.name}}. Nested relations work. Everything between {{ }} is case-sensitive.

Reference Navigation

Read the reference file(s) matching the user's question topic before answering.

Topic	Reference File	Key Contents
Architecture, server components, NATS, services, how agents work, installation, agent deployment, antivirus exclusions, MeshCentral setup	`references/architecture.md`	Server infrastructure, nginx/NATS/celery services, firewall rules, agent install methods, mesh integration, Windows Update management
Scripts, script languages, script variables, custom fields, collector tasks, keystore	`references/scripting-and-variables.md`	PowerShell/Python/Bash/Deno support, `{{model.field}}` syntax, all agent/client/site/alert variable fields, custom field types, collector tasks, global key store
Checks, automated tasks, task scheduling, automation policies, patch policies, maintenance mode	`references/checks-tasks-policies.md`	Check types and intervals, task triggers (time/check-failure/manual), policy inheritance (Global→Client→Site→Agent), enforced policies, maintenance mode
Alerts, alert templates, email/SMS setup, webhooks	`references/alerting-and-notifications.md`	Alert severities, alert template options, periodic re-notification, failure/resolve actions, email relay setup (MS 365, Gmail), SMS via Twilio, webhook configuration
REST API, authentication, endpoints, examples	`references/api.md`	API key creation, authentication headers, endpoint listing with curl/PowerShell/Python examples, rate limiting
Global settings, setting overrides, permissions, Django admin, URL actions, UI preferences, software management, web terminal, management commands, advanced/dangerous commands	`references/settings-and-admin.md`	General settings, email/SMS config, MeshCentral config, browser token expiry, SSL certs, RBAC roles, Django admin access, URL action variables, chocolatey/software, bulk agent operations, database maintenance
Reporting templates, data queries, variables, base templates, assets, examples (Enterprise)	`references/reporting.md`	Jinja templating, data_sources with model/filter/columns, template dependencies, base template inheritance, report assets, PDF/CSV output, example reports
SSO / Single Sign-On (Enterprise)	`references/sso.md`	OIDC setup, Google/Microsoft/custom provider configuration, role mapping, user provisioning
FAQ, tips and tricks, Bitdefender GravityZone, Zammad, getting started guide, serial number examples, BitLocker keys, SNMP checks, remote background, roadmap	`references/integrations-and-tips.md`	Common troubleshooting, AV exclusion patterns, monitoring endpoints, third-party deployment guides, SNMP with pysnmplib, BitLocker key collection, remote terminal/file browser, development roadmap

Cross-Reference Guide

Some questions span multiple domains. Load files in the order shown:

Question Pattern	Files to Load (in order)
"How do I set up email/SMS alerts?"	alerting-and-notifications.md → settings-and-admin.md (Global Settings section)
"How do I write a script using custom fields?"	scripting-and-variables.md
"How do I create a report with agent data?"	reporting.md → scripting-and-variables.md (for variable syntax)
"How do I deploy agents?"	architecture.md (Agent Installation section)
"How do I automate patching?"	checks-tasks-policies.md (Automation Policies section) → architecture.md (Windows Update Management)
"How do I set up webhooks for alerts?"	alerting-and-notifications.md (Webhooks section)
"How do I use the API to manage agents?"	api.md
"How do I configure SSO?"	sso.md → settings-and-admin.md (Permissions section)
"How do I run scripts on check failure?"	checks-tasks-policies.md → scripting-and-variables.md
"How do I collect data into custom fields?"	scripting-and-variables.md (Custom Fields + Collector Tasks) → checks-tasks-policies.md (Automated Tasks)
"How do I set up SNMP monitoring?"	integrations-and-tips.md (SNMP Checks section)
"How do I use maintenance mode?"	checks-tasks-policies.md (Maintenance Mode section)

Key Syntax Quick Reference

Agent variables (use in script arguments or env vars):

{{agent.hostname}}, {{agent.public_ip}}, {{agent.local_ips}}
{{agent.operating_system}}, {{agent.plat}}, {{agent.version}}
{{agent.site.name}}, {{agent.site.client.name}}
{{agent.logged_in_username}}, {{agent.needs_reboot}}

Custom fields (case-sensitive, spaces allowed):

{{agent.My Field Name}}, {{client.AV_KEY}}, {{site.no_patching}}

Global keystore: {{global.key_name}}

Alert template variables (only in failure/resolve actions):

{{alert.message}}, {{alert.severity}}, {{alert.alert_type}}
{{alert.agent.hostname}}, {{alert.site.name}}, {{alert.client.name}}
{{alert.get_result.stdout}}, {{alert.get_result.stderr}}

Reporting data queries (YAML in variables editor):

data_sources:
    agents:
        model: agent
        filter:
            site__client_id: '{{ client.id }}'
        columns:
            - hostname
            - operating_system
            - last_seen

Jinja loops in reports:

{% for item in data_sources.agents %}
{{ item.hostname }} - {{ item.operating_system }}
{% endfor %}

Searching Large References

For reporting.md (~1200 lines), use Grep to find specific topics:

Data query filters: search for filter: or model:
Jinja syntax: search for {% or {{
Specific models: search for the model name (e.g., model: agent)

For settings-and-admin.md (~700 lines), search by section:

Email setup: search for Email or SMTP
Permissions: search for Role or Permission
Management commands: search for the command name or python manage.py

For architecture.md (~1100 lines):

Services: search for systemctl or the service name (e.g., nats, celery)
Agent install: search for install or deployment

Important Caveats

Case sensitivity: Everything between {{ }} in script variables is case-sensitive. {{agent.Hostname}} will NOT work; use {{agent.hostname}}.
API trailing slashes: All TRMM API endpoints require a trailing slash (e.g., /agents/). Omitting it returns a redirect or error.
Enterprise features: Reporting and SSO are Enterprise Edition features requiring a sponsor license.
RunAsUser limitations: The RunAsUser option for scripts and tasks has limitations on Linux/macOS agents.
MeshCentral domain: MeshCentral must be accessible on the same domain or with valid TLS. Agent communication depends on mesh connectivity.
Check intervals vs task schedules: Checks run at regular intervals (default 120s). Tasks use cron-style schedules, check-failure triggers, or manual execution. Don't confuse the two.
Backslash escaping: In custom fields, \ is an escape character. Use \\ for literal backslashes.
Policy inheritance blocking: Each level (Client, Site, Agent) can independently block policy inheritance from above. An "Enforced" policy overrides agent-level settings regardless.

Repository: seanGSISG/claude-depot
Commit: dd10cc1

Last updated: 1 day ago
Created: 1 day ago

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.