Skip to main content
Sumo Logic

Understand Default User Roles

There are two default roles assigned to users in a Sumo Logic account: Administrator and Analyst. These roles are assigned to any users already in your organization's Sumo Logic account.

If your organization isn't ready to implement RBAC, you can keep users assigned to these two roles. By default, both roles have full access to data in an account.


Because the Administrator role is designed as a super user, the Administrator role cannot be deleted. It's created by default with full permissions and rights.

Administrators can:

  • Manage users (create new users, deactivate users, re-activate users, and delete users).
  • See a list of all roles in the account.
  • Create new roles (manage access to data).
  • Apply roles to a user.
  • Edit roles.
  • Delete roles.

In addition, Administrators have permissions to read and manage Collectors, meaning that in addition to running queries, Administrators can download and install Collectors, upgrade Collectors, and view information on the Collection page of the Sumo Logic Web Application.


Users with the Analyst role have permission to access every part of a Sumo Logic account except for user and Collector management. This role can be deleted if it doesn't suit your organization's needs (after you've reassigned all users to other roles).

By default, Analysts have read access to Collectors and Sources, and are able to run queries on all the data your organization has uploaded to Sumo Logic. You can, however, change the Analyst privileges and permissions if necessary.