The Device Details page is the single-device control center in OpenFrame. From here you can review a managed device's full inventory (hardware, network, users, software), check its security and compliance posture, inspect the agents reporting on it, run remote sessions and scripts, and manage the device's lifecycle.
This guide walks every section and action on the page, with notes on what each is for and when you'd reach for it.
Getting to the page
Open Devices in the left nav, then pick a device from the list. Each device has its own detail URL of the form:
ini/devices/details/<device-uuid>/?tab=<tab-name>
The tab query parameter controls which tab is shown (e.g. ?tab=security), so you can deep-link or bookmark a specific tab for a device.
Use ← Back (top left) to return to the device list.
Page header
The header stays visible no matter which tab is open.
Device name and status. The device's display name (e.g. VM116194) appears as the page title, with a colored status badge below it (ONLINE / OFFLINE). Status reflects the most recent agent check-in.
Action buttons (top right):
- Remote Control — launches a remote desktop session to the device (opens in a new window, marked by the ↗ icon). Use it for interactive, GUI-level support.
- Remote Shell — opens a remote command-line session on the device. The adjacent dropdown (▾) lets you choose the shell/connection option before launching. Use it for scripted or terminal-based work.
- … (more actions) — opens a menu with lifecycle actions (see below).
Remote Control and Remote Shell need the device online and the relevant agent (e.g. MeshCentral / Tactical) connected. If they look unavailable, check the Agents tab.
The "…" actions menu
| Action | What it does | Notes |
|---|---|---|
| Run Script | Opens the script runner targeted at this device (↗). | Use it to push a one-off or saved script to the device. |
| Archive Device | Moves the device into an archived state. | Reversible — retire a device without losing its history. |
| Delete Device | Permanently removes the device. | Destructive. Shown in red. Use with care; prefer Archive when unsure. |
Device summary card
Right under the header is a summary card with the device's identity fields:
- Hostname — the device's network hostname.
- Type — device form factor (e.g. DESKTOP).
- Device — manufacturer/model (e.g. Microsoft Corporation, Virtual Machine).
- Serial Number — hardware serial.
- Customer ID (Site) — the customer/site the device belongs to. This is a link to the site.
- Registered — when the device was first enrolled.
- Updated — timestamp of the most recent data refresh.
- UUID — the device's unique identifier (also in the page URL).
Tabs
The detail view is organized into nine tabs: Hardware, Network, Security, Compliance, Agents, Users, Software, Vulnerabilities, Logs.
Hardware
Physical/virtual resource inventory.
- Disk Info — one card per drive showing Current Usage (%), Used Space, Free Space, and Total Capacity, with a usage bar. Virtual/partition-less drives may show N/A for some fields.
- RAM Info — system memory and Total Memory.
- CPU — processor model, Physical Cores, Logical Cores, and architecture Type (e.g. x86_64).
Use this tab to verify capacity, plan upgrades, or chase down performance complaints.
Network
- Public IP / IP Address — the device's internet-facing address.
- Local IPv4 Addresses — internal interface addresses.
Use it to confirm connectivity details and reachability.
Security
The device's overall security posture, grouped into sections:
- Encryption Status — Disk Encryption (Enabled/Disabled) and whether an Encryption Key is available.
- MDM Status — Enrollment state, Device Status (locked/unlocked), any Pending Action, and whether the device is Connected to Fleet.
- System Security — Reboot Required, Maintenance Mode.
- User Sessions — Current User, Last Logged In, Root Users count, Total Users.
- Security Agents — versions/status of the OpenFrame Agent, osquery, and Orbit Agent.
- Network Security — Primary IP, Public IP, MAC Address.
- Alert Configuration — Email/Text/Dashboard alert toggles, Alert Template, and offline/overdue thresholds.
- System Boot Information — Boot Time, Last Restarted, Uptime.
This is the main tab for judging whether a device meets your security baselines (encryption on, agents healthy, alerts configured).
Compliance
- Patch Management — Last Installed patch, Pending Patches, overall patch Status (e.g. Up to Date).
- Policy Compliance — which policies apply (Agent, Site, Client, Default) and whether Policy Inheritance is enabled.
- Compliance Checks — totals for checks run: Passing, Failing, Warnings, Info.
Use it to confirm the device is patched and aligned to its assigned policies.
Agents
Status of every management agent reporting on the device. For each agent (e.g. Fleet, MeshCentral, Tactical, OpenFrame Client, Osquery, OpenFrame Chat) you'll see Status (ONLINE/OFFLINE), Last seen, ID, and Version where applicable.
This is the first tab to check when remote actions fail or data looks stale — an offline agent usually explains it.
Users
Account inventory for the device.
- Currently Logged In — the active session (user, UID, group, shell).
- All System Users (N) — a card per local/domain account showing UID, Group, Shell, and Type (e.g. local).
Use it for security review (unexpected accounts, privileged group membership) and audit.
Software
A searchable, sortable inventory of installed software, with a count (e.g. Installed Software (33)) and columns:
- Software (name + version)
- Source (e.g. Windows, Chrome, IE, publisher signature)
- Security (e.g. No Issues)
- Last Opened
Use the search box to find a specific app and the Security column to spot flagged items.
Vulnerabilities
Lists known vulnerabilities tied to installed software. When clean, it shows No Vulnerabilities Found — All installed software is up to date and secure. Otherwise it lists the affected software and severity.
Use it as the actionable companion to the Software tab for risk remediation.
Logs
Device-scoped activity/event log with a Search for Logs box, a Refresh button, and columns Log ID, Status, Tool, Source, Log Details. Column headers offer filtering (the funnel icons). When empty it shows No logs found for this device.
Use it to trace recent actions, tool runs, and events on the device.
Common administrator workflows
Onboard / verify a new device. Check the summary card (correct site, recent Updated time) → Agents tab to confirm all agents are ONLINE → Security tab to confirm encryption and alert settings.
Respond to a support request. Confirm ONLINE status → use Remote Control (GUI) or Remote Shell (CLI) → optionally Run Script from the "…" menu for a repeatable fix → review the Logs tab afterward.
Security / compliance review. Security tab (encryption, agents, sessions) → Compliance tab (patches, policies, checks) → Vulnerabilities tab → Users tab for account audit.
Retire a device. Use … → Archive Device to retire while keeping history; use … → Delete Device only for permanent removal.
Notes and tips
- The page is read-mostly: most tabs show inventory and posture data refreshed from agents. The actionable controls are the header buttons (Remote Control, Remote Shell, "…" menu).
- Data freshness depends on agent check-ins — see Updated in the summary card and Last seen per agent.
- Deep-link straight to any tab via the
?tab=URL parameter. - Delete Device is destructive and can't be undone; prefer Archive unless permanent removal is the goal.
