User Roles and Responsibilities¶
In TeskaLabs LogMan.io, user roles define the permissions and access levels for different users. Each role is tailored to specific responsibilities and tasks within the system. Below are the primary user roles available in TeskaLabs LogMan.io, along with their responsibilities and intended use cases.
Note
Global roles */~lmio-admin
, */~lmio-plus-admin
, */~lmio-analyst
, and tenant-specific roles <tenant>/~analyst
, <tenant>/~operator
, <tenant>/~lmio-admin
, <tenant>/~lmio-plus-admin
, and <tenant>/~reader
are deprecated in LogMan.io v25.30, and will be removed in future releases. Please transition to the new default roles: */admin
, */analyst
, */operator
, and */reader
.
Administrator¶
- Role name:
*/admin
The Administrator has full access to all tenants and all features in TeskaLabs LogMan.io.
Responsibilities:
- Manages service configurations and maintenance.
- Oversees user accounts and role assignments.
- Configures and manages dashboards, reports, and alerts.
- Manages data exports and system analysis.
- Administers event lanes, replays, and collectors.
- Edit parsers and correlation rules.
- Manages alert configurations and baselines.
Intended for:
- System administrators and IT personnel responsible for overall system management and security.
Analyst¶
- Role name:
*/analyst
The Analyst monitors and safeguards online systems and networks, identifies security threats, and has access to all TeskaLabs LogMan.io tools and features.
Responsibilities:
- Monitors security alerts and incidents.
- Analyzes log data and reports.
- Accesses dashboards and data visualization tools.
- Configures and manages alerts, reports, and exports.
- Manages baseline data and lookup tables.
- Edit parsers and correlation rules.
Intended for:
- Security analysts and threat hunters responsible for identifying and mitigating security risks.
Operator¶
- Role name:
*/operator
The Operator performs essential monitoring and basic analysis tasks in TeskaLabs LogMan.io. This role involves independently reviewing alerts, monitoring data flows, and conducting initial investigations into logs and visualizations. Operators have access to core analytical tools but do not handle advanced analysis or configuration management.
Responsibilities:
- Monitors dashboards and reports.
- Conducts basic investigations of logs and visualizations
- Accesses and manages lookup tables.
- Works with log parsers and replay tools.
- Handles alerts and event analysis.
- Supports system maintenance and operations.
Intended for:
- Operators and IT personnel responsible for day-to-day monitoring and troubleshooting.
Reader¶
- Role name:
*/reader
The Reader role provides users with read-only access to logs, visualizations, and related data within TeskaLabs LogMan.io. This includes exploring events in the Discover screen, viewing dashboards, reports, exports and alerts.
Responsibilities:
- Views and explores data in the Discover screen.
- Views dashboards and reports.
- Monitors Alert Management.
- Accesses data exports in a read-only capacity.
Intended for:
- Users who require visibility into system data but do not need administrative or operational access.