User Guide
User Management¶
LuceDev Syslog supports multiple user accounts with role-based access control. Admins manage accounts from Settings → Users; per-user preferences (theme, session timeout) live on each user's profile.
Roles¶
| Role | Dashboard | Export | Audit Trail | Settings | Users | Restart |
|---|---|---|---|---|---|---|
| Admin | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Auditor | ✓ | ✓ | ✓ | ✗ | ✗ | ✗ |
| Viewer | ✓ | ✗ | ✗ | ✗ | ✗ | ✗ |
- Admin has full access — settings, users, audit trail, exports, service restart.
- Auditor can see everything (dashboard, audit trail) and export logs, but cannot change settings or manage users. Use this for compliance teams who need read access plus an export trail.
- Viewer can only see the dashboard. No export, no audit trail, no settings.
Creating a user¶
- Go to Settings → Users
- Click Add User
- Fill in the form:
| Field | Required | Notes |
|---|---|---|
| Username | Yes | Minimum 3 characters, must be unique |
| Password | Yes | Minimum 6 characters |
| First name | No | Display only |
| Last name | No | Display only |
| No | Used for the audit trail and identification | |
| Role | Yes | Admin, Auditor, or Viewer |
- Click Create
The new user is created with must_change_password=1, so they'll be forced to set a new password on their first login.
Two password length minimums
The initial create flow accepts passwords ≥ 6 characters. The forced-change-on-first-login flow requires ≥ 8 characters. Net effect: a freshly-created user provided with a 6-char password will need to choose an 8-char one when they sign in.
Editing a user¶
Click the Edit button next to a user in the list to update first name, last name, email, role, or username. Username changes are validated against uniqueness.
You cannot demote yourself from admin if you're the last admin — the server refuses to delete the last admin account.
Resetting a password¶
- Click the Reset PW button next to a user
- Enter a new temporary password (or use the Generate button for a random one)
- Confirm the password in the second field
- Click Reset Password
The user will be required to set a new password on their next login.
Admins can't reset their own password from the Users tab
To change your own password, use the password change feature accessed from your user profile menu. This prevents accidentally locking yourself out of an admin session.
Deleting a user¶
Click Delete next to a user and confirm. The user is removed but their audit trail entries are preserved — every action they took stays in the log.
You cannot delete:
- Your own account
- The last remaining admin
Per-user preferences¶
Each user has their own theme and session timeout — covered separately in Preferences.
Default account¶
The application ships with a single admin:
| Field | Value |
|---|---|
| Username | admin |
| Password | password |
You're required to change the password on first login.
Change this password immediately
The default credentials are well-known. If your dashboard is reachable from anywhere other than localhost, change the password before doing anything else.
Audit trail¶
Every user action is logged with the username, IP address, and a structured action code:
LOGIN,LOGIN_FAILED,LOGOUTPASSWORD_CHANGE,PASSWORD_RESETUSER_CREATED,USER_UPDATED,USER_DELETEDSETTINGS_UPDATE,TLS_CERT_*,LICENSE_*EXPORT_CSV,EXPORT_JSON,ARCHIVE_*,MAINTENANCESERVER_RESTART,TEST_EMAIL
Audit events are stored in the same database as syslog entries with host=LuceDev-Syslog and facility=audit, but they're never archived — they stay in the live database indefinitely so you always have the full trail.
View the audit trail at /audit — accessible to admins and auditors only.