Documentation forAPM Integrated Experience

User Roles and Access Levels

Organization Roles define the access users have to the organization’s settings and resources across all SolarWinds Application Management products (AppOptics, Loggly, Papertrail, and Pingdom). Product Roles define the access users have to the individual product's data and settings.

If a user or a group is assigned to multiple roles, they gain access to all features, data, settings, and other rights for all of their assigned roles.

User roles, whether organization or product roles, can be defined on a per-person level in the common settings. If SAML is enabled, user roles can instead be defined based on a user's membership in the organization's identity provider group. See Set up role mapping

Organization roles

Organization Roles define the access users have to the organization’s settings and resources across SolarWinds Application Management products (AppOptics, Loggly, Papertrail, and Pingdom).

  • Member roles have access to viewing the organization’s resources, but cannot modify settings related to the organization.

  • Admin roles can also manage the organization, its users, the products activated, and the organization’s settings.

  • Owner roles can do anything a member or admin can do, but also are allowed to configure Security settings. The organization owner role cannot be defined via role mapping; define the organization owner role for the user(s) manually in the Users section of common settings. See Edit a user's access to the organization and products.

Users must have an organization role defined before they can log into a SolarWinds Application Management product. If SAML role mapping is enabled, ensure all users are members of a group mapped to an organization role. If users are only mapped to product roles, they will not be able to log into the product.

Product roles and access levels

Product Roles define the access users have to each individual product's data and settings.

AppOptics product roles

  • Member roles have access to AppOptics data and features.

  • Admin roles have access to all AppOptics data and features and can manage billing information.

  • Owner roles have access to all AppOptics data and features and can manage billing information.

Loggly product roles

  • User roles have access to log data, alerts or alerting endpoints, and the Loggly API; depending on the restrictions applied to the user in Loggly settings, access to data may be limited to a set of specific source groups

  • Admin roles have access to all log data, as well as the ability to add or remove customer tokens, set up and edit alerts or alerting endpoints, manage users and their access to log data, and modify account settings.

  • Owner roles have access to all log data, as well as the ability to add or remove customer tokens, set up and edit alerts or alerting endpoints, manage users and their access to log data, modify account settings, update billing details, and modify subscription settings.

All users for all account tiers can perform and save searches, and create trend graphs. Users of Standard and Pro accounts can also create custom dashboards, source groups, and more. To change Loggly product ownership and restrict access to log data, see Log access and product ownership.

Papertrail product roles and access levels

Papertrail product roles define the access granted for Papertrail capabilities (settings and features), as well as log access permission levels. When access is defined in Papertrail settings, the users' product roles are defined by granting access to individual capabilities and permission levels. When defined in common settings, product roles are granted by selecting a product role (which encompasses a combination of capabilities accessible and log access permission levels).

While Papertrail is not part of the APM Integrated Experience, all SolarWinds Application Management products share common settings, including user role definitions.

Papertrail capabilities and log access permission levels

Papertrail capabilities include:

  • Manage users and permissions — access to all log data and capabilities, including the ability to manage users and their access to log data, modify account settings, update billing details, and modify subscription settings.

  • When Manage users and permissions is selected, all other capabilities are automatically selected at full permission levels and those other capabilities cannot be modified.

  • Change plans and payment — ability to update billing details, and modify subscription settings

  • Access to logs — ability to access log data.

Log access permissions define users' access level to the logs, which log groups they are permitted to access, and whether they can purge logs. The following log access permissions are available when Access to logs is selected:

  • Access level
    • Full Access — grants access to view logs, modify group details, save searches, and create alerts.
    • Read-only — grants the ability to view logs only.
  • Log groups
    • All groups — grants access to all logs in all log groups.
    • Specific groups — grants access to logs within specific log groups. Selectable log groups are displayed if specific groups is selected.
  • Purge logs — grants access to the ability to purge searchable logs. This option is only available to those with full access to all log groups.

Granting access and roles to Papertrail users

When Papertrail users' access and permission levels are defined in Papertrail Members settings, capabilities and log access permissions are granted separately and log access can be restricted to specific groups. See Papertrail Access Control for more information.

When Papertrail users' access and permission levels are defined in SolarWinds Application Management common settings, capabilities and log access permissions are granted via product roles.

If SAML role mapping is used to assign Product Roles to IdP groups, the Papertrail Members settings will be updated to reflect members' permissions as defined in SAML role mapping and only the definition of the specific log group(s) that members can access can be modified in Papertrail Members settings.

Pingdom product roles

  • Viewer roles can view checks, reports, and outages.
  • Editor roles can view reports, edit the public status page, and add, edit, and view checks.
  • Admin roles can view reports, edit the public status page, and add, edit, and view checks, as well as change subscription information.
  • Owner roles can view reports, edit the public status page, and add, edit, and view checks, as well as change subscription information

Pingdom alerts can also be sent to contacts that aren't SolarWinds Application Management users. These contacts can receive alerts, but cannot log in to the application or access additional data.

Navigation Notice: When the APM Integrated Experience is enabled, the products that make up the APM Integrated Experience share a common navigation and enhanced feature set. For documentation about features powered by AppOptics, click here. For features powered by Loggly, click here. For features powered by Pingdom, click here.