Permissions Requirements

LogScale requires access levels and authorizations to perform operations, including repository and view permissions, organization administration, cluster management, and feature-specific requirements. The supported functionality and specific permission requirements across different aspects of the system manage the access controls needed for the user roles.

The following sections contain reference information about the necessary permissions to perform activities in LogScale.

Organization Administration Permissions

The Organization permissions allow control for an individual organization.

Table: Fleet management Permissions

Users Description Shorthand/API Name
Change fleet management Change fleet management settings and configurations ChangeFleetManagement
View fleet management View Fleet Management settings and configurations ViewFleetManagement

Table: Permissions and user management Permissions

Users Description Shorthand/API Name
Change all view or repository permissions Change all view or repository permissions ChangeAllViewOrRepositoryPermissions
Change organization permissions Change organization permissions ChangeOrganizationPermissions
Change organization security policies Change organization security policies ChangeOrganizationSecurityPolicies
Change sessions Change session configuration and active sessions ChangeSessions
Manage users Manage users, groups, and roles ManageUsers

Table: Organization settings Permissions

Users Description Shorthand/API Name
Change IP filters Create and update IP filters ChangeIPFilters
Change organization settings Change organization settings ChangeOrganizationSettings
View all internal notifications View all internal notifications ViewAllInternalNotifications

Table: Repository and view management Permissions

Users Description Shorthand/API Name
Create repository Create repositories CreateRepository
Delete all repositories Delete all repositories DeleteAllRepositories
Delete all views Delete all views DeleteAllViews
Ingest across all repositories within organization Ingest across all repositories within organization IngestAcrossAllReposWithinCluster
Manage view connections List all views and repositories, create views linked to any repository, update connections of any existing views ManageViewConnections

Table: Other Permissions

Users Description Shorthand/API Name
Change all triggers that run on behalf of users, which users they run on behalf of and all actions Change all triggers that run on behalf of users, which users they run on behalf of and all actions ChangeTriggersToRunAsOtherUsers
Export organization Export organization so that it can be imported to another cluster ExportOrganization
View usage View usage statistics ViewUsage

Table: Query Monitoring Permissions

Users Description Shorthand/API Name
Block queries Allow user to configure query blocking BlockQueries
Monitoring queries Allow user to use the Query Monitor MonitorQueries

Permissions and Supported Functionality

The following lists detail which permissions are required to support different areas of functionality, linking to the corresponding page.

Change archiving settingsChange Azure ingest feedsChange ingest feedsChange Ingest tokensChange organization permissionsChange organization settingsChange permission tokens on repo or viewChange sessionsManage ClusterManage organizationsManage usersView usage
Functionality Permission Requirements

The following lists detail which functionality (and their corresponding pages) require which permission to use.

Monitor Usage
Data Archiving
Ingest Data from AWS S3
Delete an Ingest Feed
Edit Ingest Feed Configuration
Blocking and Unblocking Ingestion

  • Manage Cluster

Ingest Feeds
Ingest Data from Azure Event Hubs
Delete an Azure Ingest Feed
Edit Azure Ingest Feed Configuration
Ingest Tokens
Delete an Ingest Token
Assign a Parser to a Token
Generating Ingest Tokens and Assigning Parsers
Organization Settings
Create Repository API Tokens
Manage Repository API Tokens
Users and Permissions
Asset permissions
Manage Groups
Group Roles
Add or change roles
Create New Groups
Assign default role for groups
Role exceptions for repositories

  • Manage organizations

Group Memberships
Query prefix for roles assigned to groups
Grant permissions to specific assets to groups
Group Synchronization
Default Role Permissions
Manage Roles
Aggregate permissions
Manage Users
Create user accounts
Edit a user account
List of users
Remove a user account
Manage User Roles
Grant Permissions to Specific Assets
Asset permissions on roles
Share assets in a view
Session management
Set session parameters
Manage active sessions