list_access_groups
List access groups to view permission boundaries controlling which resources users can see. Essential for multi-tenant isolation, team segmentation, and resource visibility management.
Instructions
List all access groups in LogicMonitor (LM) monitoring.
Returns: Array of access groups with: id, name, description, tenant ID, number of associated resources, number of users.
What are access groups: Permission boundaries that control WHICH resources users can see and manage. Used in multi-tenant environments to isolate customer data, or to segment access by team/department. Users assigned to access group can only see resources in that group.
When to use:
Manage multi-tenant environments (MSPs)
Segment monitoring by department/team
Control resource visibility
Audit access control configuration
Find access group IDs for user assignment
Access groups vs Roles (important distinction):
Access Groups: Control WHAT resources you can see (visibility, data isolation)
Roles: Control WHAT actions you can perform (view/edit/delete permissions)
Users need BOTH: Role (what they can do) + Access Group (what they can see)
Common use cases:
MSP / Multi-tenant:
Access Group "Customer A" - User sees only Customer A resource/device
Access Group "Customer B" - User sees only Customer B resource/device
Prevents customers from seeing each other's data
Departmental isolation:
Access Group "Network Team" - See only network resource/device
Access Group "Server Team" - See only servers
Access Group "Database Team" - See only database servers
Environment separation:
Access Group "Production" - Only prod resource/device
Access Group "Dev/Test" - Only non-prod resource/device
Junior staff limited to dev/test access group
Workflow: Use this tool to find access groups, then assign users to groups via "update_user" to control resource visibility.
Important: A negative "total" value in the response indicates incomplete results. Use pagination (size/offset parameters) or set autoPaginate: true to retrieve all items.
Related tools: "get_access_group" (details), "create_access_group" (create new), "list_users" (see user assignments), "list_resources" (associate resource/device with groups).
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| size | No | Number of results per page (default: 50, max: 1000). | |
| offset | No | Starting offset for pagination (default: 0). Use this to skip a specific number of results. | |
| autoPaginate | No | Automatically fetch all pages (default: false). When true, fetches all results across multiple pages. When false, returns only the requested page. Use false for large result sets to avoid long response times. | |
| filter | No | Filter expression using LogicMonitor query syntax. Examples: name:*prod*, displayName~*server*, id>100, hostStatus:normal. Available operators: : (equals), ~ (includes), !: (not equals), !~ (not includes), >: (greater than or equals), <: (less than or equals), > (greater than), < (less than). Multiple conditions: Use comma (,) for AND, use || for OR. Do NOT use &&. | |
| fields | No | Comma-separated list of fields to include in response. Examples: "id,displayName,hostStatus" or use "*" for all fields. Omit this parameter to receive a curated set of commonly used fields. |