Default Role Permissions

Security Requirements and Controls

Manage users permission

LogScale provides a set of default roles with predefined permissions, including Admin (with full system management capabilities), Deleter (with data deletion rights), Member (with basic operational access and asset management), and Reader (with read-only access). Each role is designed to support different operational needs, with the Admin role having the most comprehensive permissions covering data access, system configuration, user management, and asset control, while other roles have more focused permission sets aligned with specific responsibilities.

LogScale includes a number of standard roles by default. These roles have the following permissions:

Admin Role
- Data read access
- Change connections for a view
- Change default search settings
- Change interactions
- Change permission tokens on repo or view
- Change shared dashboard URLs
- Change view or repo description
- Connect a view
- Change FDR feeds
- Change ingest feeds
- Change ingest tokens
- Change parsers
- Change S3 archiving settings
- Change event forwarding
- Change packages
- Change data deletion permissions
- Change user access
- Create Triggers
- Update Triggers
- Delete Triggers
- Create Actions
- Update Actions
- Delete Actions
- Create dashboards
- Update dashboards
- Delete dashboards
- Create files
- Update files
- Delete files
- Create saved queries
- Update saved queries
- Delete saved queries
- Create scheduled reports
- Update scheduled reports
- Delete scheduled reports
- Change persistent queries to run on behalf of organization: added in version 1.214. This permission is not added to existing instances of the Admin role; they will remain as they are and not get this permission. Only new instances of the Admin role, created when a new customer organization is created, will get this permission.
Deleter Role
Member Role
- Data read access
- Create dashboards
- Update dashboards
- Delete dashboards
- Create files
- Update files
- Delete files
- Create saved queries
- Update saved queries
- Delete saved queries
- Change parsers
- Change triggers and actions (deprecated from LogScale version 1.120)
- Create Triggers
- Update Triggers
- Delete Triggers
Reader Role ( This role cannot be edited or deleted.)
- Data read access

Self-Hosted Overview

Instance Administration

Organization Essentials

Configure Security

Authentication and Identity Providers

Users and Permissions

Cluster Management

Health Checks

Ingesting Data

Configuration Variables

LogScale URLs and Endpoints

Limits and Standards

Deployment Overview

Planning Your Deployment

Instance Sizing

Storage Architecture

Installing Using Containers

Installing On Bare Metal or Cloud Instance

Reference Architectures

Installing Load Balancers

Deploying Auxiliary Services

Configuration Settings

Managing Your Deployment

Testing Your Deployment

Humio Operator

Data Analysis Overview

LogScale Web Interface

Manage Repositories and Views

Manage Account

Parse Data

Search Data

Write Queries

Query Language Syntax

Query Joins and Lookups

Query Functions

Data Visualization

Automation

Template Language

Keyboard Shortcuts

Default Role Permissions

Security Requirements and Controls

Enter search term