Cisco Cisco Firepower Management Center 4000

grants access to the Correlation Events page, while the Modify Correlation Events check box allows the 
user to edit and delete the information available on that page. Permissions that contain the word 
“Manage” grant the ability to edit and delete information that other users create.

You can apply restricted searches to a custom user role. These constrain the data a user may see in the 
event viewer. You can configure a restricted search by first creating a private saved search and selecting 
it from the “Restricted Search” drop-down menu under the appropriate menu-based permission. For 
more information, see 

.

When you configure a custom user role on a Defense Center, all menu-based permissions are available 
for you to grant. When you configure a custom user role on a managed device, only some permissions 
are available — those relevant to device functions. For more information on the menu-based permissions 
you can configure and their relationship with predefined user roles, see:

The selectable options under System Permissions allow you to create a user role that can make queries 
to the external database or escalate to the permissions of a target user role. For more information, see 

Optionally, instead of creating a new custom user role, you can export a custom user role from another 
appliance, then import it onto your appliance. You can then edit the imported role to suit your needs 
before you apply it. For more information, see 

 and 

Admin

Select 

.

The User Management page appears.

Click the 

 tab.

The User Roles page appears.

Click 

.

The User Role Editor page appears.

In the 

 field, type a name for the new user role.

You can use alphanumeric or hyphen characters, without spaces. Role names must be no more than 75 
characters. User role names are case sensitive.

Optionally, add a description for the new role in the 

 field.

Role descriptions must be no more than 255 characters.

Select permissions for the new role.