Under the hood

How ReportMate works

Native binaries collect and process on each device, then stream events to an API, store, and dashboard that run in your own Azure or AWS tenant — deployed with Terraform in an afternoon. Every layer is yours to read, audit, and extend, and your fleet data never leaves infrastructure you control.

  1. 1

    Collect

    On device

    Native binary reads OS-level data

  2. 2

    Transmit

    On device

    Event sent over HTTPS

  3. 3

    Ingest

    In your cloud

    FastAPI receives the event

  4. 4

    Store

    In your cloud

    Written to PostgreSQL as JSONB

  5. 5

    Read

    Web & native

    Dashboard, native apps & API

flowchart TB
  subgraph EP["①  ENDPOINTS — collect & process on-device"]
    direction LR
    MAC["<b>Macintosh</b><br/>native ReportMate binary<br/><small>Swift · launchd</small>"]
    WIN["<b>Windows</b><br/>native ReportMate binary<br/><small>C# / .NET · service + task</small>"]
    MAC ~~~ WIN
  end

  PAY{{"<b>one event payload</b><br/>10 module documents<br/><small>hardware · system · network · security · applications<br/>installs · inventory · management · identity · peripherals</small>"}}
  EP ==> PAY

  subgraph CLOUD["② &nbsp;YOUR CLOUD — Terraform on Azure/AWS, or self-host with Docker"]
    direction LR
    API["<b>FastAPI</b><br/>ingest + REST /api/v1<br/><small>40+ endpoints · OpenAPI</small>"]
    DB[("<b>PostgreSQL</b><br/>JSONB per module")]
    RT(["<b>SignalR / Web PubSub</b><br/>real-time push"])
    API --> DB
    API --> RT
  end
  PAY ==>|"HTTPS POST /api/v1/events<br/>X-Client-Passphrase"| API

  subgraph READ["③ &nbsp;READ — web, native &amp; your tools"]
    direction LR
    WEB["<b>Next.js dashboard</b><br/><small>live fleet view</small>"]
    APPS["<b>Native Macintosh &amp; Windows apps</b><br/><small>coming soon</small>"]
    INT["<b>CMDB · SIEM · automation</b><br/><small>via REST API</small>"]
  end
  DB ==> WEB
  RT ==> WEB
  DB ==> APPS
  RT ==> APPS
  API ==> INT

  classDef ep fill:#eff6ff,stroke:#2563eb,stroke-width:2px,color:#1e3a8a;
  classDef pay fill:#0074c7,stroke:#015da1,stroke-width:2.5px,color:#ffffff;
  classDef cloud fill:#ecfdf5,stroke:#059669,stroke-width:2px,color:#065f46;
  classDef read fill:#fff7ed,stroke:#ea580c,stroke-width:2px,color:#9a3412;
  class MAC,WIN ep;
  class PAY pay;
  class API,DB,RT cloud;
  class WEB,APPS,INT read;

  style EP fill:#f8fafc,stroke:#cbd5e1,color:#334155;
  style CLOUD fill:#f8fafc,stroke:#cbd5e1,color:#334155;
  style READ fill:#f8fafc,stroke:#cbd5e1,color:#334155;
Collection and processing run on the endpoint; storage, real-time push, and reading run in infrastructure you own.
Engineering principle

The right tool at every layer

A deliberate split: a compiled native binary where reliability matters most, Python and FastAPI where iteration speed and ecosystem matter most. Each layer gets the tooling it deserves.

On the device

A single compiled binary that just runs

Collection is Swift on Macintosh and C#/.NET on Windows, driven by osquery and native OS tooling. A self-contained binary installs in seconds and runs unattended — built for the kind of rock-solid reliability fleet collection demands, day after day, with nothing to babysit.

  • Swift (Macintosh) and C#/.NET (Windows)
  • osquery + native OS APIs for fast, accurate collection
  • One self-contained binary — quick to deploy, nothing to maintain
In your cloud

Python & FastAPI, where they shine

The API layer is exactly where Python pays off: FastAPI gives us a typed, OpenAPI-documented event API that's fast to extend and a pleasure to integrate against. Its rich ecosystem lives in the cloud you control and upgrade on your own schedule.

  • FastAPI with a full OpenAPI spec and interactive docs
  • Runs in a container, provisioned by Terraform on Azure or AWS
  • Upgraded centrally — endpoints are unaffected