diff --git a/modules/learn/pages/security/roles.adoc b/modules/learn/pages/security/roles.adoc index 8c6bc9311e..f791fc8536 100644 --- a/modules/learn/pages/security/roles.adoc +++ b/modules/learn/pages/security/roles.adoc @@ -1118,8 +1118,10 @@ Cannot use the Query Workbench in Couchbase Server Web Console. === Query System Catalog The Query System Catalog role lets the user query the system catalog using {sqlpp}. -This access include querying `system:indexes`, `system:prepareds`, and tables listing current and past queries. -Assign this role to developers who need to query these tables when troubleshooting and debugging queries. +This role also grants permissions to delete from certain in-memory system tables, which is useful for clearing caches and historical query logs without restarting a server. + +This access includes querying `system:indexes` and `system:prepareds`, as well as tables listing current and past queries. +Assign this role to developers who need to query these tables when troubleshooting and debugging. The role grants Couchbase Server Web Console access. 
@@ -1142,12 +1144,32 @@ Cannot add, failover, remove, modify services, or rebalance servers. | Cannot list scopes or collections, create, drop, edit settings, read or write data | *Query* -| Can query system tables -| Cannot perform any other query actions. -Cannot use the Query Workbench in Couchbase Server Web Console. +| +*SELECT* from all system catalog tables. + + +Querying certain keyspaces like `system:indexes`, `system:keyspaces`, and `system:scopes` is subject to row-based filtering. +The user must also have the appropriate `SELECT` privilege on the underlying keyspace or collection to see the corresponding entries. + +*DELETE* from the following in-memory system tables to clear caches and logs: +`system:active_requests` +`system:completed_requests` +`system:completed_requests_history` +`system:prepareds` +`system:functions_cache` +`system:dictionary_cache` +`system:tasks_cache` +`system:aus_settings` + +| +* Cannot perform any other query actions. +* Cannot use the Query Workbench in Couchbase Server Web Console. +* Cannot `INSERT` or `UPDATE` system catalog tables. +For this functionality (available from 8.0+), see the `query_manage_system_catalog` role. |=== + [#manage-global-functions] === Manage Global Functions
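Review bot: In the first hunk (`@@ -1118,8 +1118,10 @@`, the Query System Catalog introduction), the added sentence "This role also grants permissions to delete from certain in-memory system tables" sits before the sentence that describes the read access, so "also" has nothing to follow. Move it after "This access includes querying ..." so the paragraph goes from read access to delete access. The "Assign this role to developers who need to query these tables" sentence should then say that holders can also clear the historical query logs, because that is a wider grant than the troubleshooting read access it describes.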
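Review bot: In the second hunk (`@@ -1142,12 +1144,32 @@`, the *Query* row), the *DELETE* list is introduced as "in-memory system tables to clear caches and logs", but `system:aus_settings` reads by its name as a settings keyspace rather than a cache or a log. Either confirm it belongs in this list and state what deleting from it does, or remove it. The eight keyspaces are also added as bare consecutive lines, which AsciiDoc joins into one paragraph; make them `*` list items as the "Cannot" cell does, and check that both cells use a cell style that renders lists. Smaller points: "available from 8.0+" is redundant ("from 8.0" or "8.0+"), and `query_manage_system_catalog` would be easier to follow as an xref to that role's section than as a bare identifier.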