[POC] Grouping component in Discover#209047
Draft
YulNaumenko wants to merge 4 commits intoelastic:mainfrom
Draft
[POC] Grouping component in Discover#209047YulNaumenko wants to merge 4 commits intoelastic:mainfrom
YulNaumenko wants to merge 4 commits intoelastic:mainfrom
Conversation
Contributor
|
🤖 Jobs for this PR can be triggered through checkboxes. 🚧
ℹ️ To trigger the CI, please tick the checkbox below 👇
|
Contributor
💔 Build Failed
Failed CI StepsHistorycc @YulNaumenko |
… into discover-grouping-poc
7 tasks
eokoneyo
added a commit
that referenced
this pull request
Jan 23, 2026
## Summary This PR builds on prior art #209047, to bring grouped data (named cascade) exploration to discover for ES|QL. When a user inputs any ES|QL query; said query will be parsed, on parsing said inputted query if an occurrence of the [`STATS`](https://www.elastic.co/docs/reference/query-languages/esql/commands/stats-by) command is found it would trigger the possibility of having a different view; the grouped view. However this experience is not necessarily what the user would always have, the heuristics for being presented the cascade experience are as follows; - The user inputted an ES|QL query that includes the target command (i.e `STATS`) - The feature flag for the cascade experience is enabled - The user has not specifically chosen to opt out from the cascade experience. That being said, given the following valid query including a `STATS` command; ```esql FROM kibana_sample_data_logs | KEEP bytes, clientip, url.keyword, response.keyword | STATS Visits = COUNT(), Unique = COUNT_DISTINCT(clientip), p95 = PERCENTILE(bytes, 95), median = MEDIAN(bytes) BY url.keyword | LIMIT 123 ``` The user would be presented with a combobox alongs side the regular document options, that allows the user to select at this time an option to group by the field which the user grouped the STATS query by or a choice to revert to the regular view. It's worth mentioning that in the event that the user provides a query that specifies more than one grouping, for example; ```esql FROM kibana_sample_data_logs | KEEP bytes, clientip, url.keyword, response.keyword | STATS Visits = COUNT(), Unique = COUNT_DISTINCT(clientip), p95 = PERCENTILE(bytes, 95), median = MEDIAN(bytes) BY bytes, clientip, url.keyword, response.keyword | LIMIT 123 ``` We'd revert to the regular view the user is familiar with. A note on how groups are selected; all referenced columns that exist on the record from the last `STATS` command are selected by default as data pivot option, whilst STATS also supports the [`BUCKET`](https://www.elastic.co/docs/reference/query-languages/esql/functions-operators/grouping-functions#esql-bucket), [`TBUCKET`](https://www.elastic.co/docs/reference/query-languages/esql/functions-operators/grouping-functions#esql-tbucket) and [`CATEGORIZE`](https://www.elastic.co/docs/reference/query-languages/esql/functions-operators/grouping-functions#esql-categorize) grouping functions, at this time this implementation will only provide pivot points for the `CATEGORIZE` grouping function. ## How to test - Add the config `feature_flags.overrides.discover.cascadeLayoutEnabled: true` in your `kibana.dev.yml` - install your data of choice, for the sake of this guide the `kibana_sample_data_logs` sample data is sufficient. - Navigate to discover, select the button that prompts to "Tryout ES|QL" - Input the query from above or a different one, and you should be presented with the cascade experience similar to the screen recording below; https://github.com/user-attachments/assets/c3931adf-d88e-4369-b304-1bc2635b9182 ### Checklist Reviewers should verify this PR satisfies this list as well. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md) - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker) - [ ] This was checked for breaking HTTP API changes, and any breaking changes have been approved by the breaking-change committee. The `release_note:breaking` label should be applied in these situations. - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) <!-- ### Identify risks Does this PR introduce any risks? For example, consider risks like hard to test bugs, performance regression, potential of data loss. Describe the risk, its severity, and mitigation for each identified risk. Invite stakeholders and evaluate how to proceed before merging. - [ ] [See some risk examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) - [ ] ... --> --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Ryan Keairns <contactryank@gmail.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Davis McPhee <davis.mcphee@elastic.co>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR is a POC demonstrating, that integrating @kbn/grouping component is pretty simple and not specific to alerting.
Grouping component is configurable for all Data Views and could be very helpful in the data exploration process.
Short Demo:
Screen.Recording.2025-01-30.at.7.45.35.PM.mov
Diagram: