circle-info
Welcome to the new Logpoint documentation portal! Can’t find what you’re looking for?
Logpoint Documentationarrow-up-right
search

Director User Roles and Permissions

hashtag
User Account Management

User Account Management is the authentication and authorization of Director Console users that uses Role Based Access Control (RBAC). RBAC uses the assignment of permissions to control which pools a user has access to through a user’s role and the user group they are assigned to.

Pool authoriztion can be configured by adding the user to a specific User Group while creating and editing a user. Go to User Groups to learn how to create a user group, go to Creating User to learn how to add a user to a user group while creating the user and go to Editing User to learn how to add a user to a user group while editing the user.

hashtag
User Roles

There are four different user roles:

  1. Root is the default user of the Director Console. There can be only one root user. The root user can upload and view Director license details and perform user management. The default credentials for the root user are:

    username: root
password: changeme

    If Director Console is deployed using AMI, the default credentials for the root user are:

    username: root
password: <AMI-instance-id>

    We recommend you change the password after your first login. Go to Change Password for more details.

  2. Admin can view Director license details, perform user management and configure entities on all the pools since it has the access to all the pools by default.

  3. SIEM Engineer can configure the entities only on the assigned pools.

  4. Readonly can only view the entities only on the assigned pools.

hashtag
User Permissions

The following table lists which permissions are assigned to each user.

Permissions

Root

Admin

SEIM Engineer

Readonly

Upload license

Yes

No

No

No

View license

Yes

Yes

No

No

Create admin users

Yes

Yes

No

No

Create regular users

Yes

Yes

No

No

Delete regular users

Yes

Yes

No

No

Invalidate regular users

Yes

No

No

No

Oversee LDAP and ADFS Authentication

Yes

No

No

No

Create/Delete/Edit entities

No

Yes

Yes

No

Search entities and log sources

No

Yes

Yes

Yes

View Config View

No

Yes

Yes

Yes

Upload and install assets

No

Yes

Yes

No

Configure plugins

No

Yes

Yes

No

Perform operations

No

Yes

Yes

No

View Centralized Monitoring Dashboard

No

Yes

Yes

Yes

Manage Centralized Monitoring Dashboard

No

Yes

Yes

No

Configure settings

No

Yes

Yes

No

View tasks and retry a failed action

No

Yes

Yes

No

Download Devices information as a CSV file

No

Yes

Yes

Yes

Perform backup and restore operation for the Director Console machine

Yes

No

No

No

Configure SFTP

Yes

No

No

No

Resync database

Yes

No

No

No

Generate API Tokens

No

Yes

Yes

No

hashtag
Generate API Tokens

From Profile, you can change your password and generate tokens to access the Director API. API token authenticates the user to access Director Console via APIs. Only admin user and SIEM Engineer can generate API tokens.

User Profile

hashtag
Change Password

  1. Click the Profile (profile) icon from the top of the page.

  2. In the Change Password section, enter your Old Password.

  3. Enter your New Password and confirm it.

circle-info

The password must be at least eight characters long.

  1. Click Update Password.

Last updated

Was this helpful?