Skip to content
LogoLogScale DocumentationFull Library Knowledge Base Release Notes Integrations Query Examples Training API GraphQL API Contacting Support
help

Versions of this Page

    • Cloud Overview
    • Getting Started
    • Instance Administration
      • Cluster statistics
      • Data Retention
      • S3 Archiving
      • LogScale Internal Logging
      • Log LogScale to LogScale
      • LogScale SaaS Upgrades
      • Ingest Usage Management
        • What's Measured
          • Measurement Repositories
        • Measure Data Ingest
        • Optimize Ingestion
          • Best Practices to Optimize Data Ingestion
        • Monitor Usage
      • Dynamic Configuration Parameters
        • AggregatorOutputRowLimit
        • BucketStorageKeySchemeVersion
        • BucketStorageUploadInfrequentThresholdDays
        • BucketStorageWriteVersion
        • CancelQueriesExceedingAggregateOutputRowLimit
        • defaultDigestReplicationFactor
        • defaultSegmentReplicationFactor
        • DelayIngestResponseDueToIngestLagScale
        • DelayIngestResponseDueToIngestLagMaxFactor
        • DelayIngestResponseDueToIngestLagThreshold
        • DisableNewRegexEngine
        • FdrEnable
        • FdrExcludedNodes
        • FdrMaxNodes
        • FlushSegmentsAndGlobalOnShutdown
        • GraphQLSelectionSizeLimit
        • GraphQlDirectivesAmountLimit
        • GroupDefaultLimit
        • GroupMaxLimit
        • IngestFeedAwsDownloadMaxObjectSize
        • IngestFeedAwsProcessingDownloadBufferSize
        • IngestFeedAwsProcessingEventBufferSize
        • IngestFeedAwsProcessingEventsPerBatch
        • IngestFeedGovernorRateOverride
        • IngestFeedGovernorIngestDelayHigh
        • IngestFeedGovernorIngestDelayLow
        • JoinRowLimit
        • LiveAdhocTableUpdatePeriodMinimumMs
        • LiveQueryMemoryLimit
        • LookupTableSyncAwaitSeconds
        • MatchFilesMaxHeapFraction
        • MaxCsvFileUploadSizeBytes
        • MaxIngestRequestSize
        • MaxJsonFileUploadSizeBytes
        • MaxOpenSegmentsOnWorker
        • ParserBacktrackingLimit
        • QueryBacktrackingLimit
        • QueryCoordinatorMaxHeapFraction
        • QueryCoordinatorMemoryLimit
        • QueryMemoryLimit
        • QueryPartitionAutoBalance
        • QueryResultRowCountLimit
        • RdnsDefaultLimit
        • RdnsMaxLimit
        • ReplaceANSIEscapeCodes
        • StateRowLimit
        • StaticQueryFractionOfCores
        • TableCacheMaxStorageFraction
        • TableCacheMaxStorageFractionForIngestAndHttpOnly
        • TargetMaxRateForDatasource
        • UnauthenticatedGraphQLSelectionSizeLimit
        • UndersizedMergingRetentionPercentage
        • Getting Dynamic Configuration List
        • Setting a Dynamic Configuration Value
    • Organization Essentials
      • Organization Settings
      • Organization Query Monitor
        • Query Stats
        • Query Details
        • Query Clients
        • Block & Kill
      • Blocking Queries
        • Add Query to Blocklist
        • Blocked Query Indications
    • Configure Security
      • Tokens in LogScale
      • API Tokens
        • Use API Tokens
          • Use an Expired API Token
          • Use an IP Filtered API Token
        • Repository and View API Tokens
          • View Repository Tokens
          • Create Repository API Tokens
          • Manage Repository API Tokens
        • Organization API Tokens
          • View Organization API Tokens
          • Create Organization API Tokens
          • Manage Organization API Tokens
        • Personal API Token
      • IP Filters
        • IP Filter Rules
        • Manage IP Filters
        • Create an IP Filter
        • Edit an IP Filter
      • Security policies
        • Dashboard security policies
        • API token security policies
          • Behavior when changing token security policies
          • Personal API token security policy
          • Repository and View API tokens security policy
          • Organization API tokens security policies
        • Actions security policies
        • Change actions security policies
          • Email action security policy
          • OpsGenie action security policy
          • PagerDuty action security policy
          • Slack action security policy
          • Upload file action security policy
          • LogScale repository action security policy
          • VictorOps action security policy
          • Custom webhook actions action security policy
      • Session management
      • Audit Logging
    • Authentication & Identity Providers
      • SAML Authentication
        • Active Dir. Federation Svc.
        • Azure Active Dir.
        • Duo Security
        • Okta
        • PingFederate
      • OpenID Connect
    • Users & permissions
      • Manage Users
        • Edit a User
        • Manage User Roles
        • Remove a User
        • Grant permissions to specific assets to a user
      • Manage Groups
        • Group Roles
        • Grant permissions to specific assets to groups
        • Group Memberships
        • Group Synchronization
      • Manage Roles
        • Default Role Permissions
      • Permissions requirements
        • Repository & View Permissions
        • Organization Admin. Permissions
        • Supported Functionality
        • Functionality Requirements
    • Ingesting Data
      • Log Shippers
      • Backfilling Data
      • Disabling Ingestion
      • Ingest FDR Data
        • Troubleshooting FDR Ingest
      • Ingest Tokens
      • Ingest Data from AWS S3
        • Set up a New Ingest Feed
        • Edit Ingest Feed Configuration
        • Delete an Ingest Feed
        • Enable and Disable Ingest Feeds
    • LogScale URLs & Endpoints
    • Limits & Standards
    • Data Analysis Overview
    • LogScale User Interface
      • Managing Your Account
    • Repositories & Views
      • Create Repository or View
      • Repository and View Settings
      • Falcon LTR Repositories
      • Lookup Files
      • Delete Repositories & Views
    • Parsing Data
      • Built-in Parsers
      • Creating a Parser
          • Normalize and Validate Against CPS Schema
      • Ingest Tokens
      • Parser Errors
      • Removing Fields
      • Event Tags
      • Parsing Timestamps
    • Searching Data
      • Query Editor
      • Event Fields
      • Display Fields
      • Select & Filter
      • Adding & Removing Fields
      • Display Results
      • Inspect Events
      • Show in Context
      • Format Columns
      • Column Properties
      • Field Data Types
      • Field Interactions
      • Different Visuals
      • Highlight Filter Match
      • Change Time Interval
      • Set Time Zone
      • Save Searches
      • Export Data
      • Search Status
      • Event List Interactions
      • Field Aliasing
        • Configuring Field Aliasing
        • Managing Field Aliasing
        • Searching with Field Aliasing
        • Understanding Field Mapping Requirements
        • Understanding Schema Requirements
    • Writing Queries
      • Basic Query Principles
      • Managing Queries
      • Common Queries
      • Writing Better Queries
      • Query Readability & Better Usage
      • Example Queries
    • Query Language Syntax
      • Comments
      • Field Names
      • Query Filters
      • Operators
      • Adding Fields
      • User Parameters/Variables
      • Conditional Evaluation
      • Array Syntax
      • Expressions
      • Function Syntax
      • Time Syntax
        • Supported Time Zones
        • Relative Time Syntax
      • Regular Expression Syntax
        • Regular Expression Syntax Patterns
        • Unsupported Regular Expression Patterns
        • Regular Expression Flags
        • LogScale Regular Expression Engines
        • Differences from Other Regex Implementations
    • Query Joins and Lookups
      • Types of Join
      • Join Methods
      • Using Ad-hoc Tables
      • Using Lookup Files
        • Using the readFile() Function
        • Using the match() Function
      • Using join() or selfJoin()
        • Using the join() Function
        • Using the selfJoin() Function
        • Join Operation and Optimization
    • Query Functions
      • Aggregate Query Functions
      • Array Query Functions
      • Comparison Query Functions
      • Conditional Query Functions
      • Event & Data Manipulation Query Functions
      • Filtering Query Functions
      • Formatting Query Functions
      • Geolocation Query Functions
      • Hash Query Functions
      • Join Query Functions
      • Math Query Functions
      • Network & Location Query Functions
      • Parsing Query Functions
      • Preamble Query Functions
      • Regular Expression Query Functions
      • Security Query Functions
      • Sequence Query Functions
      • Statistics Query Functions
      • String Query Functions
      • Time & Date Query Functions
      • Widget Query Functions
      • accumulate()
      • array:append()
      • array:contains()
      • array:dedup()
      • array:drop()
      • array:eval()
      • array:exists()
      • array:filter()
      • array:intersection()
      • array:length()
      • array:reduceAll()
      • array:reduceColumn()
      • array:reduceRow()
      • array:regex()
      • array:rename()
      • array:sort()
      • array:union()
      • asn()
      • avg()
      • base64Decode()
      • base64Encode()
      • beta:param()
      • beta:repeating()
      • bitfield:extractFlags()
      • bitfield:extractFlagsAsArray()
      • bitfield:extractFlagsAsString()
      • bucket()
      • callFunction()
      • cidr()
      • coalesce()
      • collect()
      • communityId()
      • concat()
      • concatArray()
      • copyEvent()
      • count()
      • counterAsRate()
      • createEvents()
      • crypto:md5()
      • crypto:sha1()
      • crypto:sha256()
      • default()
      • defineTable()
      • drop()
      • dropEvent()
      • duration()
      • end()
      • eval()
      • eventFieldCount()
      • eventInternals()
      • eventSize()
      • fieldset()
      • fieldstats()
      • findTimestamp()
      • format()
      • formatDuration()
      • formatTime()
      • geography:distance()
      • geohash()
      • getField()
      • groupBy()
      • hash()
      • hashMatch()
      • hashRewrite()
      • head()
      • if()
      • in()
      • ioc:lookup()
      • ipLocation()
      • join()
      • json:prettyPrint()
      • kvParse()
      • length()
      • linReg()
      • lower()
      • lowercase()
      • match()
      • math:abs()
      • math:arccos()
      • math:arcsin()
      • math:arctan()
      • math:arctan2()
      • math:ceil()
      • math:cos()
      • math:cosh()
      • math:deg2rad()
      • math:exp()
      • math:expm1()
      • math:floor()
      • math:log()
      • math:log10()
      • math:log1p()
      • math:log2()
      • math:mod()
      • math:pow()
      • math:rad2deg()
      • math:sin()
      • math:sinh()
      • math:spherical2cartesian()
      • math:sqrt()
      • math:tan()
      • math:tanh()
      • max()
      • min()
      • neighbor()
      • now()
      • objectArray:eval()
      • objectArray:exists()
      • parseCEF()
      • parseCsv()
      • parseFixedWidth()
      • parseHexString()
      • parseInt()
      • parseJson()
      • parseLEEF()
      • parseTimestamp()
      • parseUri()
      • parseUrl()
      • parseXml()
      • partition()
      • percentile()
      • range()
      • rdns()
      • readFile()
      • regex()
      • rename()
      • replace()
      • round()
      • sample()
      • sankey()
      • select()
      • selectFromMax()
      • selectFromMin()
      • selectLast()
      • selfJoin()
      • selfJoinFilter()
      • series()
      • session()
      • setField()
      • setTimeInterval()
      • shannonEntropy()
      • slidingTimeWindow()
      • slidingWindow()
      • sort()
      • split()
      • splitString()
      • start()
      • stats()
      • stdDev()
      • stripAnsiCodes()
      • subnet()
      • sum()
      • table()
      • tail()
      • test()
      • text:contains()
      • time:dayOfMonth()
      • time:dayOfWeek()
      • time:dayOfWeekName()
      • time:dayOfYear()
      • time:hour()
      • time:millisecond()
      • time:minute()
      • time:month()
      • time:monthName()
      • time:second()
      • time:weekOfYear()
      • time:year()
      • timeChart()
      • tokenHash()
      • top()
      • transpose()
      • unit:convert()
      • upper()
      • urlDecode()
      • urlEncode()
      • wildcard()
      • window()
      • worldMap()
      • writeJson()
      • xml:prettyPrint()
    • Dashboards & Widgets
      • Create Dashboards and Widgets
      • Manage Widgets
      • Manage Dashboards
      • Edit Dashboards
      • Organize Information on Dashboards
        • Sections
      • Work with Time on Dashboards
        • Shared Time Selector
        • Widget Time Selector
        • Section Time Selector
        • Live Dashboards
        • Time Zone Settings
        • Default Time Settings for Dashboards
      • Manage Dashboard Parameters
      • Manage Dashboard Interactions
      • Export Dashboards as PDF
        • PDF Export Options
      • Scheduled PDF Reports
        • Scheduled Reports Security
          • Create a Scheduled PDF Role using the UI
        • Managing Scheduled Reports
        • Create Scheduled Reports
        • Edit Scheduled Reports
        • Limitations
        • Scheduled Reports Errors and Resolutions
      • Widgets
        • Bar Chart Widget
        • Event List Widget
        • Gauge Widget
        • Heat Map Widget
        • Note Widget
        • Parameter Panel Widget
        • Pie Chart Widget
        • Sankey Diagram Widget
        • Scatter Chart Widget
        • Single Value Widget
        • Table Widget
        • Time Chart Widget
        • World Map Widget
        • Embedding iFrame Widgets
    • Automation
      • Triggers
        • What trigger type to choose
        • General information about triggers
        • Trigger management
          • Create triggers
          • Edit triggers
          • Manage triggers
          • Trigger properties
          • Monitor, diagnose, and troubleshoot triggers
            • Monitor Triggers with humio-activity Repository
            • Aggregate alert errors and solutions
            • Scheduled search errors and solutions
            • Filter alert errors and solutions
            • Legacy alert errors and solutions
            • Errors when Using Live join() Functions
      • Actions
        • Create Actions
        • Manage Actions
        • Action Type: Email
        • Action Type: Falcon LogScale Repository
        • Action Type: OpsGenie
        • Action Type: PagerDuty
        • Action Type: Slack
        • Action Type: Upload File
        • Action Type: VictorOps (Splunk On-Call)
        • Action Type: Webhooks
        • Send aggregate results to actions
        • Message Templates and Variables
      • Cron Schedule Templates
    • Template Language
      • Template Expressions
      • Template Variable Types
      • Template Examples
    • Keyboard Shortcuts
LogScale Cloud
Falcon LogScale Documentation
/ Falcon LogScale Cloud 1.177.0-1.180.0
/ Manage users & permissions
Reading time: 0 minutes

Permissions requirements

The following sections contain reference information about the necessary permissions to perform activities in LogScale.

  • Repository & View Permissions

  • Organization Admin. Permissions

  • Cluster Management Permissions

  • Supported Functionality

  • Functionality Requirements

Support
  • Twitter
  • Facebook
  • LinkedIn
  • Youtube

© 2025 CrowdStrike All other marks contained herein are the property of their respective owners.

Children of this Page

Repository & View Permissions
Organization Administration Permissions
Permissions & Supported Functionality
Functionality Permission Requirements

Enter search term