Understand Organizations

An organization is the basic entity used to organize your LogScale instance.

In LogScale, an organization is a top-level container that:

  • Serves as the primary boundary for data isolation and access control.

  • Contains repositories where actual log data is stored.

  • Manages users, groups, and their permissions.

  • Maintains organization-specific settings and configurations.

The following diagram illustrates an organization as the top-level container with repositories within the organization that store log data as well as components (views, dashboards, alerts, parsers). There is also user and group management with permissions, organization-wide settings, package management for extending functionality, and ingest configuration for data sources. The hierarchical structure shows how all components exist within the organization boundary, with repositories serving as the primary containers for log data and its associated configurations.

graph TD A[Organization] --> B1[Repository 1] A --> B2[Repository 2] A --> B3[Repository n...] A --> C[Users & Groups] C --> C1[User Permissions] A --> D[Organization Settings] D --> D1[Authentication] D --> D2[API Tokens] D --> D3[Ingest Tokens] B1 --> E1[Views] B1 --> E2[Dashboards] B1 --> E3[Alerts] B1 --> E4[Parsers] B2 --> F1[Views] B2 --> F2[Dashboards] B2 --> F3[Alerts] B2 --> F4[Parsers] A --> G[Package Management] G --> G1[Installed Packages] A --> H[Ingest] H --> H1[Data Sources]
graph TD A[Organization] --> B1[Repository 1] A --> B2[Repository 2] A --> B3[Repository n...] A --> C[Users & Groups] C --> C1[User Permissions] A --> D[Organization Settings] D --> D1[Authentication] D --> D2[API Tokens] D --> D3[Ingest Tokens] B1 --> E1[Views] B1 --> E2[Dashboards] B1 --> E3[Alerts] B1 --> E4[Parsers] B2 --> F1[Views] B2 --> F2[Dashboards] B2 --> F3[Alerts] B2 --> F4[Parsers] A --> G[Package Management] G --> G1[Installed Packages] A --> H[Ingest] H --> H1[Data Sources]

Organization owners

Within an organization, one or more users will be assigned as an Organization Owner. Organization owners have full access to all available actions within the organization and can perform the actions in Organization Settings as well as Users and Permissions.

Organization Settings

Security Requirements and Controls

As an owner of an organization in LogScale, you have additional rights and privileges to set the configuration of your organization. From any screen of the LogScale User Interface, click the user menu icon and select Organization settings.

Note

If you are not the Organization Owner you will not have the Organization Settings menu option.

Account Menu dropdown displaying options including Organization Settings, User Preferences, and Account Management.

FigureĀ 26.Ā Account Menu


Once clicked, you see a screen similar to the one shown in FigureĀ 27, ā€œOrganization Settingsā€ , depending on your system configuration and any feature flags that might be selected.

You can use the GraphQL API to get information on an organization with the organization() query field. You'd use the updateOrganizationInfo() mutation field to make changes. Use the parentOrganizations() and childOrganizations() query fields for information on parent and child organizations. To link or unlink an organization to another, to make one a child of a parent, you can use the linkChildOrganization() and unlinkChildOrganization() GraphQL mutation fields.

Organization Settings page displaying sections for General information, Usage statistics, Session Management, Users and Permissions, and Query Monitoring.

FigureĀ 27.Ā Organization Settings


You can manage the following organization settings.

  • Organization Settings includes:

  • Session Management includes:

  • Users and Permissions includes:

    • Users to configure and manage users. For more information, see Manage Users.

    • Groups to manage groups and assign users to them. For more information, see Manage Groups.

    • Roles to assign different roles to users. For more information, see Manage Roles.

    • Organization tokens provide specific permissions and limits when using and accessing LogScale through any of the APIs, in this case related to organization management. For more information, see Organization API Tokens.

    • IP filters lets you set IP filter rules to block network access for specific areas of LogScale. For more information, see IP Filters.

  • Assets includes:

    • Deleted repositories and views shows you all repositories and views deleted in the last seven days, and provides the option to restore a delete repository or view, or to see the audit log details for information about why the repository or view was deleted. For information about how to delete a repository or view, see Delete a Repository or View.

    • Event forwarders is used to configure event forwarders to forward events that are ingested into LogScale to other systems that require parts of the data, such as Machine Learning, for example, while still logging everything in a central place. For more information about event forwarding, see Event Forwarding.

  • Field aliasing includes:

    • Schemas and field aliasing is used to create data models to apply at query time, simplifying query writing and making it easier to search and correlate data originating from different sources. For more information about field aliasing, see Field Aliasing.