Skip to content

[9.3] [ES|QL] Fixes not recognized GROK patterns (#246871)#247006

Merged
kibanamachine merged 1 commit intoelastic:9.3from
kibanamachine:backport/9.3/pr-246871
Dec 19, 2025
Merged

[9.3] [ES|QL] Fixes not recognized GROK patterns (#246871)#247006
kibanamachine merged 1 commit intoelastic:9.3from
kibanamachine:backport/9.3/pr-246871

Conversation

@kibanamachine
Copy link
Contributor

@kibanamachine kibanamachine commented Dec 19, 2025

Backport

This will backport the following commits from main to 9.3:

Questions ?

Please refer to the Backport tool documentation
@momovdg
[ES|QL] Fixes not recognized GROK patterns (elastic#246871)
80da60e 
resolves elastic#246803

## Summary

Some patterns in the GROK command were not properly recognized and were
producing unknown columns in the query.

before
<img width="743" height="815" alt="image"
src="https://github.com/user-attachments/assets/417c16c3-cd61-40e4-bf43-aa3695e52e3d"
/>

after
<img width="766" height="795" alt="image"
src="https://github.com/user-attachments/assets/8323fcd2-d6a7-41f8-90cf-7eb7176639d1"
/>

### Checklist

Check the PR satisfies following conditions.

Reviewers should verify this PR satisfies this list as well.

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
- [x] Review the [backport
guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)
and apply applicable `backport:*` labels.

(cherry picked from commit 24f3c3d)
@kibanamachine kibanamachine requested a review from a team as a code owner December 19, 2025 07:49
@kibanamachine kibanamachine added the backport This PR is a backport of another PR label Dec 19, 2025
@kibanamachine kibanamachine enabled auto-merge (squash) December 19, 2025 07:50
@kibanamachine kibanamachine mentioned this pull request Dec 19, 2025
Merged
3 tasks
@kibanamachine kibanamachine merged commit d258595 into elastic:9.3 Dec 19, 2025
17 checks passed
@elasticmachine
Copy link
Contributor

elasticmachine commented Dec 19, 2025

💚 Build Succeeded

Metrics [docs]

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
kbnUiSharedDeps-srcJs 4.3MB 4.3MB +7.0B

cc @momovdg
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

backport This PR is a backport of another PR

3 participants

@kibanamachine @elasticmachine @momovdg