Come join our live training webinar every other Wednesday at 11am PST and hear LogicMonitor experts explain best practices and answer common questions. We understand these are uncertain times, and we are here to help!
To add new users to your LogicMonitor account, navigate to Settings | User Access | Users & Roles | Add | User. As discussed next, there are several settings that must be established in order to create user accounts. These settings determine credentials, some basic interface behavior, and a user’s level of permissions.
Note: Role Access view permissions and User Access manage permissions are required in order to provision user accounts.
If toggled on, this option will allow creation of a user only capable of API access. For such a user, only the Username, API Tokens, Roles, Status and Notes fields are relevant. API only users don’t have passwords or other user interface-specific fields, making them a more secure option if you are creating a dedicated user for an API-based integration.
A name or email address to be used to log in to the account.
Name fields to help identify the user.
Primary email address for the user. This contact method will be used for email alert and report delivery.
The password to be used upon initial login.
Passwords must be a minimum of eight characters, containing:
By default, this option is checked when creating a new user. It will cause the system to immediately prompt the new user for a password change upon their initial login.
Password changes can also be required of existing users at any time. If the user is logged in at the time this is option is checked, they will receive a notification stating they will need to change their password the next time they log in. Once the user has completed the password change, the Force Password Change? option resets to unchecked.
If this option is selected, the user will be required to use two-factor authentication upon next login. For more information on LogicMonitor’s implementation of this additional security layer, see Two-Factor Authentication.
Note: Currently, two-factor authentication is not enforced when logging in through our mobile client.
Not required. If entered, it is available as a contact method for voice alerts and native SMS alerts.
Not required. If entered, this email address will be available as a contact method for email SMS alerts.
The format for email SMS alert notifications that the SMS email address will receive. Select “Full-text” to receive the entire alert message or “Short (160 chars)” to receive an abbreviated version.
The Time Zone field for all new users defaults to the time zone specified for the LogicMonitor account (as configured in the global portal settings). However, if a user is located in a different time zone, it can be selected from this field’s dropdown menu to allow the user to view and configure time-based data and settings relative to their local region.
When a user account is configured to a time zone other than the global LogicMonitor account, their UI will display time-based data (e.g. alerts, report output, one-time events, raw data, etc.) according to their chosen time zone. Users can easily toggle between their user-specific and account level time zones from the UI header, as shown next.
All events a user configures (e.g. SDT, Collector upgrades, report deliveries, SLA periods, etc.) will be configured, by default, in the user’s specific time zone. However, this can be overridden on a case-by-case basis using the Event time zone dropdown menu, shown next, that accompanies all time-related settings throughout the interface.
In the User Groups area of user configurations, you can assign the user to one or more previously-configured user groups. If your organization doesn’t organize users by group, or if the group hasn’t yet been created, leave the table empty to assign the user to the default “Ungrouped” group. For more information on user groups, see the User Groups section of this support article.
The API tokens associated with the user. The API Tokens entered here can be used to authenticate REST API requests, and will assume the role(s) of the user. Make sure to save the Access Key to a secure location when you add an API Token, as that value will not be displayed again.
The roles assigned to this user. If a user is assigned multiple roles, the user’s privileges are a sum of the privileges of each of the assigned roles. For example, if one assigned role provides view only permissions to all resources, but another assigned role provides manage permissions to all resources, the user will have view and manage permissions for all resources. If yet another assigned role provides view permissions for all dashboards, but no permissions for resources, the user will maintain manage permissions for all resources and additionally gain view permissions for all dashboards. For more information on user roles, see Roles.
The View Permission area of a user’s configurations determines which pages will be visible to the user. If a page is not selected in this area, the user will not have access to it, regardless of permission levels provided by assigned roles.
Generally, you’ll want to leave all of these pages selected and let the user’s assigned roles determine visibility and access, but there may be some circumstances in which the user needs to be definitively restricted from a particular page.
Users are active by default. Suspended users will be unable to log in to the system.
The user note is for reference. It does not display anywhere else in the interface.
Existing users can be viewed at Settings | Users & Roles | Users. All users are nested in group(s) and listed in table form.
From this table, you can:
Note: Another user management tool is the User report. It can be used to generate detailed data for LogicMonitor user accounts—on a global or granular level. For more information, see User Report.
As with other areas of LogicMonitor, users can be organized into logical groupings. In addition to providing basic organization, user groups provide granular role-based access control (RBAC) for the viewing and management of users across the platform. For example, by assigning permissions to a user that only allow that user access to certain user groups, you can restrict which users are displayed to that user when they perform tasks such as establishing report delivery recipients, alert delivery recipients (i.e. escalation chains), or recipient groups.
To create a user group, navigate to Settings | Users & Roles | Users | Add | User Group.
Users can be added to user groups when creating the user (i.e. from the Add User dialog), editing the user (i.e. from the Manage User dialog), or, as discussed in the Managing Users section of this support article, from the table of users that displays on the Users tab.
Note: While a single user can exist in multiple user groups, it cannot simultaneously exist in the default “Ungrouped” user group and another user group. Once a user is assigned to a user group other than the default “Ungrouped” group, it is removed from that default placeholder group.
User groups can be edited or deleted from the Users tab by clicking the drop-down arrow located to the right of a user group name.
When deleting a user group, you have the option to delete the group only, or the group and all its member users:
Upon setup of your LogicMonitor portal, a user account named “lmsupport” is auto created with the readonly role assigned. The purpose of this account is to provide LogicMonitor with remote support access to your portal for troubleshooting purposes.
Depending upon the options chosen at the time of setup, the lmsupport user account is initially created as either active or suspended. This designation directly determines whether or not LogicMonitor support can access your portal and, for security purposes, the status (enabled or disabled) of LogicMonitor’s remote support access always displays in the user interface.
The “Active” or “Suspended” status of the lmsupport user account, as well as its level of privileges, can be updated in the same manner as any other user account.
Note: If you toggle the lmsupport user account between active and suspended states, you’ll need to refresh the interface or navigate to a different area in order for the “Remote Support Access” status display to update.
In This Article