fix: qbtoexpr migrated to v5

Merge branch 'main' into lp-filter-v5
fix: filter expression
2026-02-09 19:22:21 +00:00 · 2026-02-09 20:24:32 +05:30 · 2026-02-09 13:06:54 +05:30 · 2026-02-05 18:10:45 +05:30 · 2026-02-05 17:48:57 +05:30
113 changed files with 3218 additions and 3620 deletions
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -133,8 +133,5 @@
 /frontend/src/pages/PublicDashboard/ @SigNoz/pulse-frontend
 /frontend/src/container/PublicDashboardContainer/ @SigNoz/pulse-frontend

-## Dashboard Libs + Components
-/frontend/src/lib/uPlotV2/ @SigNoz/pulse-frontend
-/frontend/src/lib/dashboard/ @SigNoz/pulse-frontend
-/frontend/src/lib/dashboardVariables/ @SigNoz/pulse-frontend
-/frontend/src/components/NewSelect/ @SigNoz/pulse-frontend
+## UplotV2 
+/frontend/src/lib/uPlotV2/ @SigNoz/pulse-frontend
--- a/cmd/community/server.go
+++ b/cmd/community/server.go
@@ -18,6 +18,8 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
+	"github.com/SigNoz/signoz/pkg/modules/role"
+	"github.com/SigNoz/signoz/pkg/modules/role/implrole"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/query-service/app"
 	"github.com/SigNoz/signoz/pkg/queryparser"
@@ -76,15 +78,18 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 		func(ctx context.Context, providerSettings factory.ProviderSettings, store authtypes.AuthNStore, licensing licensing.Licensing) (map[authtypes.AuthNProvider]authn.AuthN, error) {
 			return signoz.NewAuthNs(ctx, providerSettings, store, licensing)
 		},
-		func(ctx context.Context, sqlstore sqlstore.SQLStore, _ licensing.Licensing, _ dashboard.Module) factory.ProviderFactory[authz.AuthZ, authz.Config] {
+		func(ctx context.Context, sqlstore sqlstore.SQLStore) factory.ProviderFactory[authz.AuthZ, authz.Config] {
 			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx))
 		},
-		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, _ querier.Querier, _ licensing.Licensing) dashboard.Module {
+		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, _ role.Setter, _ role.Granter, queryParser queryparser.QueryParser, _ querier.Querier, _ licensing.Licensing) dashboard.Module {
 			return impldashboard.NewModule(impldashboard.NewStore(store), settings, analytics, orgGetter, queryParser)
 		},
 		func(_ licensing.Licensing) factory.ProviderFactory[gateway.Gateway, gateway.Config] {
 			return noopgateway.NewProviderFactory()
 		},
+		func(store sqlstore.SQLStore, authz authz.AuthZ, licensing licensing.Licensing, _ []role.RegisterTypeable) role.Setter {
+			return implrole.NewSetter(implrole.NewStore(store), authz)
+		},
 	)
 	if err != nil {
 		logger.ErrorContext(ctx, "failed to create signoz", "error", err)
--- a/cmd/enterprise/server.go
+++ b/cmd/enterprise/server.go
@@ -14,6 +14,7 @@ import (
 	enterpriselicensing "github.com/SigNoz/signoz/ee/licensing"
 	"github.com/SigNoz/signoz/ee/licensing/httplicensing"
 	"github.com/SigNoz/signoz/ee/modules/dashboard/impldashboard"
+	"github.com/SigNoz/signoz/ee/modules/role/implrole"
 	enterpriseapp "github.com/SigNoz/signoz/ee/query-service/app"
 	"github.com/SigNoz/signoz/ee/sqlschema/postgressqlschema"
 	"github.com/SigNoz/signoz/ee/sqlstore/postgressqlstore"
@@ -28,6 +29,8 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	pkgimpldashboard "github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
+	"github.com/SigNoz/signoz/pkg/modules/role"
+	pkgimplrole "github.com/SigNoz/signoz/pkg/modules/role/implrole"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/signoz"
@@ -115,15 +118,18 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e

 			return authNs, nil
 		},
-		func(ctx context.Context, sqlstore sqlstore.SQLStore, licensing licensing.Licensing, dashboardModule dashboard.Module) factory.ProviderFactory[authz.AuthZ, authz.Config] {
-			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx), licensing, dashboardModule)
+		func(ctx context.Context, sqlstore sqlstore.SQLStore) factory.ProviderFactory[authz.AuthZ, authz.Config] {
+			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx))
 		},
-		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing) dashboard.Module {
-			return impldashboard.NewModule(pkgimpldashboard.NewStore(store), settings, analytics, orgGetter, queryParser, querier, licensing)
+		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, roleSetter role.Setter, granter role.Granter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing) dashboard.Module {
+			return impldashboard.NewModule(pkgimpldashboard.NewStore(store), settings, analytics, orgGetter, roleSetter, granter, queryParser, querier, licensing)
 		},
 		func(licensing licensing.Licensing) factory.ProviderFactory[gateway.Gateway, gateway.Config] {
 			return httpgateway.NewProviderFactory(licensing)
 		},
+		func(store sqlstore.SQLStore, authz authz.AuthZ, licensing licensing.Licensing, registry []role.RegisterTypeable) role.Setter {
+			return implrole.NewSetter(pkgimplrole.NewStore(store), authz, licensing, registry)
+		},
 	)

 	if err != nil {
--- a/docs/api/openapi.yml
+++ b/docs/api/openapi.yml
@@ -607,178 +607,6 @@ paths:
      summary: Update auth domain
      tags:
      - authdomains
-  /api/v1/fields/keys:
-    get:
-      deprecated: false
-      description: This endpoint returns field keys
-      operationId: GetFieldsKeys
-      parameters:
-      - in: query
-        name: signal
-        schema:
-          type: string
-      - in: query
-        name: source
-        schema:
-          type: string
-      - in: query
-        name: limit
-        schema:
-          type: integer
-      - in: query
-        name: startUnixMilli
-        schema:
-          format: int64
-          type: integer
-      - in: query
-        name: endUnixMilli
-        schema:
-          format: int64
-          type: integer
-      - in: query
-        name: fieldContext
-        schema:
-          type: string
-      - in: query
-        name: fieldDataType
-        schema:
-          type: string
-      - in: query
-        name: metricName
-        schema:
-          type: string
-      - in: query
-        name: searchText
-        schema:
-          type: string
-      responses:
-        "200":
-          content:
-            application/json:
-              schema:
-                properties:
-                  data:
-                    $ref: '#/components/schemas/TelemetrytypesGettableFieldKeys'
-                  status:
-                    type: string
-                type: object
-          description: OK
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      security:
-      - api_key:
-        - VIEWER
-      - tokenizer:
-        - VIEWER
-      summary: Get field keys
-      tags:
-      - fields
-  /api/v1/fields/values:
-    get:
-      deprecated: false
-      description: This endpoint returns field values
-      operationId: GetFieldsValues
-      parameters:
-      - in: query
-        name: signal
-        schema:
-          type: string
-      - in: query
-        name: source
-        schema:
-          type: string
-      - in: query
-        name: limit
-        schema:
-          type: integer
-      - in: query
-        name: startUnixMilli
-        schema:
-          format: int64
-          type: integer
-      - in: query
-        name: endUnixMilli
-        schema:
-          format: int64
-          type: integer
-      - in: query
-        name: fieldContext
-        schema:
-          type: string
-      - in: query
-        name: fieldDataType
-        schema:
-          type: string
-      - in: query
-        name: metricName
-        schema:
-          type: string
-      - in: query
-        name: searchText
-        schema:
-          type: string
-      - in: query
-        name: name
-        schema:
-          type: string
-      - in: query
-        name: existingQuery
-        schema:
-          type: string
-      responses:
-        "200":
-          content:
-            application/json:
-              schema:
-                properties:
-                  data:
-                    $ref: '#/components/schemas/TelemetrytypesGettableFieldValues'
-                  status:
-                    type: string
-                type: object
-          description: OK
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      security:
-      - api_key:
-        - VIEWER
-      - tokenizer:
-        - VIEWER
-      summary: Get field values
-      tags:
-      - fields
  /api/v1/getResetPasswordToken/{id}:
    get:
      deprecated: false
@@ -4416,60 +4244,6 @@ components:
          format: date-time
          type: string
      type: object
-    TelemetrytypesGettableFieldKeys:
-      properties:
-        complete:
-          type: boolean
-        keys:
-          additionalProperties:
-            items:
-              $ref: '#/components/schemas/TelemetrytypesTelemetryFieldKey'
-            type: array
-          nullable: true
-          type: object
-      type: object
-    TelemetrytypesGettableFieldValues:
-      properties:
-        complete:
-          type: boolean
-        values:
-          $ref: '#/components/schemas/TelemetrytypesTelemetryFieldValues'
-      type: object
-    TelemetrytypesTelemetryFieldKey:
-      properties:
-        description:
-          type: string
-        fieldContext:
-          type: string
-        fieldDataType:
-          type: string
-        name:
-          type: string
-        signal:
-          type: string
-        unit:
-          type: string
-      type: object
-    TelemetrytypesTelemetryFieldValues:
-      properties:
-        boolValues:
-          items:
-            type: boolean
-          type: array
-        numberValues:
-          items:
-            format: double
-            type: number
-          type: array
-        relatedValues:
-          items:
-            type: string
-          type: array
-        stringValues:
-          items:
-            type: string
-          type: array
-      type: object
    TypesChangePasswordRequest:
      properties:
        newPassword:
--- a/ee/authz/openfgaauthz/provider.go
+++ b/ee/authz/openfgaauthz/provider.go
@@ -2,18 +2,12 @@ package openfgaauthz

 import (
 	"context"
-	"slices"

-	"github.com/SigNoz/signoz/ee/authz/openfgaserver"
 	"github.com/SigNoz/signoz/pkg/authz"
-	"github.com/SigNoz/signoz/pkg/authz/authzstore/sqlauthzstore"
 	pkgopenfgaauthz "github.com/SigNoz/signoz/pkg/authz/openfgaauthz"
-	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/licensing"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
 	openfgapkgtransformer "github.com/openfga/language/pkg/go/transformer"
@@ -21,224 +15,50 @@ import (

 type provider struct {
 	pkgAuthzService authz.AuthZ
-	openfgaServer   *openfgaserver.Server
-	licensing       licensing.Licensing
-	store           roletypes.Store
-	registry        []authz.RegisterTypeable
 }

-func NewProviderFactory(sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile, licensing licensing.Licensing, registry ...authz.RegisterTypeable) factory.ProviderFactory[authz.AuthZ, authz.Config] {
+func NewProviderFactory(sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) factory.ProviderFactory[authz.AuthZ, authz.Config] {
 	return factory.NewProviderFactory(factory.MustNewName("openfga"), func(ctx context.Context, ps factory.ProviderSettings, config authz.Config) (authz.AuthZ, error) {
-		return newOpenfgaProvider(ctx, ps, config, sqlstore, openfgaSchema, licensing, registry)
+		return newOpenfgaProvider(ctx, ps, config, sqlstore, openfgaSchema)
 	})
 }

-func newOpenfgaProvider(ctx context.Context, settings factory.ProviderSettings, config authz.Config, sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile, licensing licensing.Licensing, registry []authz.RegisterTypeable) (authz.AuthZ, error) {
+func newOpenfgaProvider(ctx context.Context, settings factory.ProviderSettings, config authz.Config, sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) (authz.AuthZ, error) {
 	pkgOpenfgaAuthzProvider := pkgopenfgaauthz.NewProviderFactory(sqlstore, openfgaSchema)
 	pkgAuthzService, err := pkgOpenfgaAuthzProvider.New(ctx, settings, config)
 	if err != nil {
 		return nil, err
 	}

-	openfgaServer, err := openfgaserver.NewOpenfgaServer(ctx, pkgAuthzService)
-	if err != nil {
-		return nil, err
-	}
-
 	return &provider{
 		pkgAuthzService: pkgAuthzService,
-		openfgaServer:   openfgaServer,
-		licensing:       licensing,
-		store:           sqlauthzstore.NewSqlAuthzStore(sqlstore),
-		registry:        registry,
 	}, nil
 }

 func (provider *provider) Start(ctx context.Context) error {
-	return provider.openfgaServer.Start(ctx)
+	return provider.pkgAuthzService.Start(ctx)
 }

 func (provider *provider) Stop(ctx context.Context) error {
-	return provider.openfgaServer.Stop(ctx)
+	return provider.pkgAuthzService.Stop(ctx)
 }

 func (provider *provider) Check(ctx context.Context, tuple *openfgav1.TupleKey) error {
-	return provider.openfgaServer.Check(ctx, tuple)
+	return provider.pkgAuthzService.Check(ctx, tuple)
 }

-func (provider *provider) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, roleSelectors []authtypes.Selector) error {
-	return provider.openfgaServer.CheckWithTupleCreation(ctx, claims, orgID, relation, typeable, selectors, roleSelectors)
-}
-
-func (provider *provider) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, roleSelectors []authtypes.Selector) error {
-	return provider.openfgaServer.CheckWithTupleCreationWithoutClaims(ctx, orgID, relation, typeable, selectors, roleSelectors)
-}
-
-func (provider *provider) BatchCheck(ctx context.Context, tuples []*openfgav1.TupleKey) error {
-	return provider.openfgaServer.BatchCheck(ctx, tuples)
-}
-
-func (provider *provider) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
-	return provider.openfgaServer.ListObjects(ctx, subject, relation, typeable)
-}
-
-func (provider *provider) Write(ctx context.Context, additions []*openfgav1.TupleKey, deletions []*openfgav1.TupleKey) error {
-	return provider.openfgaServer.Write(ctx, additions, deletions)
-}
-
-func (provider *provider) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*roletypes.Role, error) {
-	return provider.pkgAuthzService.Get(ctx, orgID, id)
-}
-
-func (provider *provider) GetByOrgIDAndName(ctx context.Context, orgID valuer.UUID, name string) (*roletypes.Role, error) {
-	return provider.pkgAuthzService.GetByOrgIDAndName(ctx, orgID, name)
-}
-
-func (provider *provider) List(ctx context.Context, orgID valuer.UUID) ([]*roletypes.Role, error) {
-	return provider.pkgAuthzService.List(ctx, orgID)
-}
-
-func (provider *provider) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID, names []string) ([]*roletypes.Role, error) {
-	return provider.pkgAuthzService.ListByOrgIDAndNames(ctx, orgID, names)
-}
-
-func (provider *provider) Grant(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
-	return provider.pkgAuthzService.Grant(ctx, orgID, name, subject)
-}
-
-func (provider *provider) ModifyGrant(ctx context.Context, orgID valuer.UUID, existingRoleName string, updatedRoleName string, subject string) error {
-	return provider.pkgAuthzService.ModifyGrant(ctx, orgID, existingRoleName, updatedRoleName, subject)
-}
-
-func (provider *provider) Revoke(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
-	return provider.pkgAuthzService.Revoke(ctx, orgID, name, subject)
-}
-
-func (provider *provider) CreateManagedRoles(ctx context.Context, orgID valuer.UUID, managedRoles []*roletypes.Role) error {
-	return provider.pkgAuthzService.CreateManagedRoles(ctx, orgID, managedRoles)
-}
-
-func (provider *provider) CreateManagedUserRoleTransactions(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) error {
-	tuples := make([]*openfgav1.TupleKey, 0)
-
-	grantTuples, err := provider.getManagedRoleGrantTuples(orgID, userID)
-	if err != nil {
-		return err
-	}
-	tuples = append(tuples, grantTuples...)
-
-	managedRoleTuples, err := provider.getManagedRoleTransactionTuples(orgID)
-	if err != nil {
-		return err
-	}
-	tuples = append(tuples, managedRoleTuples...)
-
-	return provider.Write(ctx, tuples, nil)
-}
-
-func (provider *provider) Create(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) error {
-	_, err := provider.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	return provider.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
-}
-
-func (provider *provider) GetOrCreate(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) (*roletypes.Role, error) {
-	_, err := provider.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	existingRole, err := provider.store.GetByOrgIDAndName(ctx, role.OrgID, role.Name)
-	if err != nil {
-		if !errors.Ast(err, errors.TypeNotFound) {
-			return nil, err
-		}
-	}
-
-	if existingRole != nil {
-		return roletypes.NewRoleFromStorableRole(existingRole), nil
-	}
-
-	err = provider.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
-	if err != nil {
-		return nil, err
-	}
-
-	return role, nil
-}
-
-func (provider *provider) GetResources(_ context.Context) []*authtypes.Resource {
-	typeables := make([]authtypes.Typeable, 0)
-	for _, register := range provider.registry {
-		typeables = append(typeables, register.MustGetTypeables()...)
-	}
-	// role module cannot self register itself!
-	typeables = append(typeables, provider.MustGetTypeables()...)
-
-	resources := make([]*authtypes.Resource, 0)
-	for _, typeable := range typeables {
-		resources = append(resources, &authtypes.Resource{Name: typeable.Name(), Type: typeable.Type()})
-	}
-
-	return resources
-}
-
-func (provider *provider) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*authtypes.Object, error) {
-	storableRole, err := provider.store.Get(ctx, orgID, id)
-	if err != nil {
-		return nil, err
-	}
-
-	objects := make([]*authtypes.Object, 0)
-	for _, resource := range provider.GetResources(ctx) {
-		if slices.Contains(authtypes.TypeableRelations[resource.Type], relation) {
-			resourceObjects, err := provider.
-				ListObjects(
-					ctx,
-					authtypes.MustNewSubject(authtypes.TypeableRole, storableRole.ID.String(), orgID, &authtypes.RelationAssignee),
-					relation,
-					authtypes.MustNewTypeableFromType(resource.Type, resource.Name),
-				)
-			if err != nil {
-				return nil, err
-			}
-
-			objects = append(objects, resourceObjects...)
-		}
-	}
-
-	return objects, nil
-}
-
-func (provider *provider) Patch(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) error {
-	_, err := provider.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	return provider.store.Update(ctx, orgID, roletypes.NewStorableRoleFromRole(role))
-}
-
-func (provider *provider) PatchObjects(ctx context.Context, orgID valuer.UUID, name string, relation authtypes.Relation, additions, deletions []*authtypes.Object) error {
-	_, err := provider.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	additionTuples, err := roletypes.GetAdditionTuples(name, orgID, relation, additions)
+func (provider *provider) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
+	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
 	if err != nil {
 		return err
 	}

-	deletionTuples, err := roletypes.GetDeletionTuples(name, orgID, relation, deletions)
+	tuples, err := typeable.Tuples(subject, relation, selectors, orgID)
 	if err != nil {
 		return err
 	}

-	err = provider.Write(ctx, additionTuples, deletionTuples)
+	err = provider.BatchCheck(ctx, tuples)
 	if err != nil {
 		return err
 	}
@@ -246,95 +66,33 @@ func (provider *provider) PatchObjects(ctx context.Context, orgID valuer.UUID, n
 	return nil
 }

-func (provider *provider) Delete(ctx context.Context, orgID valuer.UUID, id valuer.UUID) error {
-	_, err := provider.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	storableRole, err := provider.store.Get(ctx, orgID, id)
+func (provider *provider) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
+	subject, err := authtypes.NewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
 	if err != nil {
 		return err
 	}

-	role := roletypes.NewRoleFromStorableRole(storableRole)
-	err = role.CanEditDelete()
+	tuples, err := typeable.Tuples(subject, relation, selectors, orgID)
 	if err != nil {
 		return err
 	}

-	return provider.store.Delete(ctx, orgID, id)
-}
-
-func (provider *provider) MustGetTypeables() []authtypes.Typeable {
-	return []authtypes.Typeable{authtypes.TypeableRole, roletypes.TypeableResourcesRoles}
-}
-
-func (provider *provider) getManagedRoleGrantTuples(orgID valuer.UUID, userID valuer.UUID) ([]*openfgav1.TupleKey, error) {
-	tuples := []*openfgav1.TupleKey{}
-
-	// Grant the admin role to the user
-	adminSubject := authtypes.MustNewSubject(authtypes.TypeableUser, userID.String(), orgID, nil)
-	adminTuple, err := authtypes.TypeableRole.Tuples(
-		adminSubject,
-		authtypes.RelationAssignee,
-		[]authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, roletypes.SigNozAdminRoleName),
-		},
-		orgID,
-	)
+	err = provider.BatchCheck(ctx, tuples)
 	if err != nil {
-		return nil, err
+		return err
 	}
-	tuples = append(tuples, adminTuple...)

-	// Grant the admin role to the anonymous user
-	anonymousSubject := authtypes.MustNewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
-	anonymousTuple, err := authtypes.TypeableRole.Tuples(
-		anonymousSubject,
-		authtypes.RelationAssignee,
-		[]authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, roletypes.SigNozAnonymousRoleName),
-		},
-		orgID,
-	)
-	if err != nil {
-		return nil, err
-	}
-	tuples = append(tuples, anonymousTuple...)
-
-	return tuples, nil
+	return nil
 }

-func (provider *provider) getManagedRoleTransactionTuples(orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
-	transactionsByRole := make(map[string][]*authtypes.Transaction)
-	for _, register := range provider.registry {
-		for roleName, txns := range register.MustGetManagedRoleTransactions() {
-			transactionsByRole[roleName] = append(transactionsByRole[roleName], txns...)
-		}
-	}
-
-	tuples := make([]*openfgav1.TupleKey, 0)
-	for roleName, transactions := range transactionsByRole {
-		for _, txn := range transactions {
-			typeable := authtypes.MustNewTypeableFromType(txn.Object.Resource.Type, txn.Object.Resource.Name)
-			txnTuples, err := typeable.Tuples(
-				authtypes.MustNewSubject(
-					authtypes.TypeableRole,
-					roleName,
-					orgID,
-					&authtypes.RelationAssignee,
-				),
-				txn.Relation,
-				[]authtypes.Selector{txn.Object.Selector},
-				orgID,
-			)
-			if err != nil {
-				return nil, err
-			}
-			tuples = append(tuples, txnTuples...)
-		}
-	}
-
-	return tuples, nil
+func (provider *provider) BatchCheck(ctx context.Context, tuples []*openfgav1.TupleKey) error {
+	return provider.pkgAuthzService.BatchCheck(ctx, tuples)
+}
+
+func (provider *provider) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
+	return provider.pkgAuthzService.ListObjects(ctx, subject, relation, typeable)
+}
+
+func (provider *provider) Write(ctx context.Context, additions []*openfgav1.TupleKey, deletions []*openfgav1.TupleKey) error {
+	return provider.pkgAuthzService.Write(ctx, additions, deletions)
 }
--- a/ee/authz/openfgaserver/server.go
+++ b/ee/authz/openfgaserver/server.go
@@ -1,83 +0,0 @@
-package openfgaserver
-
-import (
-	"context"
-
-	"github.com/SigNoz/signoz/pkg/authz"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-	openfgav1 "github.com/openfga/api/proto/openfga/v1"
-)
-
-type Server struct {
-	pkgAuthzService authz.AuthZ
-}
-
-func NewOpenfgaServer(ctx context.Context, pkgAuthzService authz.AuthZ) (*Server, error) {
-
-	return &Server{
-		pkgAuthzService: pkgAuthzService,
-	}, nil
-}
-
-func (server *Server) Start(ctx context.Context) error {
-	return server.pkgAuthzService.Start(ctx)
-}
-
-func (server *Server) Stop(ctx context.Context) error {
-	return server.pkgAuthzService.Stop(ctx)
-}
-
-func (server *Server) Check(ctx context.Context, tuple *openfgav1.TupleKey) error {
-	return server.pkgAuthzService.Check(ctx, tuple)
-}
-
-func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
-	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
-	if err != nil {
-		return err
-	}
-
-	tuples, err := typeable.Tuples(subject, relation, selectors, orgID)
-	if err != nil {
-		return err
-	}
-
-	err = server.BatchCheck(ctx, tuples)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (server *Server) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
-	subject, err := authtypes.NewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
-	if err != nil {
-		return err
-	}
-
-	tuples, err := typeable.Tuples(subject, relation, selectors, orgID)
-	if err != nil {
-		return err
-	}
-
-	err = server.BatchCheck(ctx, tuples)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (server *Server) BatchCheck(ctx context.Context, tuples []*openfgav1.TupleKey) error {
-	return server.pkgAuthzService.BatchCheck(ctx, tuples)
-}
-
-func (server *Server) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
-	return server.pkgAuthzService.ListObjects(ctx, subject, relation, typeable)
-}
-
-func (server *Server) Write(ctx context.Context, additions []*openfgav1.TupleKey, deletions []*openfgav1.TupleKey) error {
-	return server.pkgAuthzService.Write(ctx, additions, deletions)
-}
--- a/ee/modules/dashboard/impldashboard/module.go
+++ b/ee/modules/dashboard/impldashboard/module.go
@@ -11,6 +11,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	pkgimpldashboard "github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
+	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/types"
@@ -25,11 +26,13 @@ type module struct {
 	pkgDashboardModule dashboard.Module
 	store              dashboardtypes.Store
 	settings           factory.ScopedProviderSettings
+	roleSetter         role.Setter
+	granter            role.Granter
 	querier            querier.Querier
 	licensing          licensing.Licensing
 }

-func NewModule(store dashboardtypes.Store, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing) dashboard.Module {
+func NewModule(store dashboardtypes.Store, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, roleSetter role.Setter, granter role.Granter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing) dashboard.Module {
 	scopedProviderSettings := factory.NewScopedProviderSettings(settings, "github.com/SigNoz/signoz/ee/modules/dashboard/impldashboard")
 	pkgDashboardModule := pkgimpldashboard.NewModule(store, settings, analytics, orgGetter, queryParser)

@@ -37,6 +40,8 @@ func NewModule(store dashboardtypes.Store, settings factory.ProviderSettings, an
 		pkgDashboardModule: pkgDashboardModule,
 		store:              store,
 		settings:           scopedProviderSettings,
+		roleSetter:         roleSetter,
+		granter:            granter,
 		querier:            querier,
 		licensing:          licensing,
 	}
@@ -56,6 +61,29 @@ func (module *module) CreatePublic(ctx context.Context, orgID valuer.UUID, publi
 		return errors.Newf(errors.TypeAlreadyExists, dashboardtypes.ErrCodePublicDashboardAlreadyExists, "dashboard with id %s is already public", storablePublicDashboard.DashboardID)
 	}

+	role, err := module.roleSetter.GetOrCreate(ctx, orgID, roletypes.NewRole(roletypes.SigNozAnonymousRoleName, roletypes.SigNozAnonymousRoleDescription, roletypes.RoleTypeManaged, orgID))
+	if err != nil {
+		return err
+	}
+
+	err = module.granter.Grant(ctx, orgID, roletypes.SigNozAnonymousRoleName, authtypes.MustNewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.StringValue(), orgID, nil))
+	if err != nil {
+		return err
+	}
+
+	additionObject := authtypes.MustNewObject(
+		authtypes.Resource{
+			Name: dashboardtypes.TypeableMetaResourcePublicDashboard.Name(),
+			Type: authtypes.TypeMetaResource,
+		},
+		authtypes.MustNewSelector(authtypes.TypeMetaResource, publicDashboard.ID.String()),
+	)
+
+	err = module.roleSetter.PatchObjects(ctx, orgID, role.Name, authtypes.RelationRead, []*authtypes.Object{additionObject}, nil)
+	if err != nil {
+		return err
+	}
+
 	err = module.store.CreatePublic(ctx, dashboardtypes.NewStorablePublicDashboardFromPublicDashboard(publicDashboard))
 	if err != nil {
 		return err
@@ -100,7 +128,6 @@ func (module *module) GetPublicDashboardSelectorsAndOrg(ctx context.Context, id

 	return []authtypes.Selector{
 		authtypes.MustNewSelector(authtypes.TypeMetaResource, id.StringValue()),
-		authtypes.MustNewSelector(authtypes.TypeMetaResource, authtypes.WildCardSelectorString),
 	}, storableDashboard.OrgID, nil
 }

@@ -163,6 +190,29 @@ func (module *module) DeletePublic(ctx context.Context, orgID valuer.UUID, dashb
 		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
 	}

+	publicDashboard, err := module.GetPublic(ctx, orgID, dashboardID)
+	if err != nil {
+		return err
+	}
+
+	role, err := module.roleSetter.GetOrCreate(ctx, orgID, roletypes.NewRole(roletypes.SigNozAnonymousRoleName, roletypes.SigNozAnonymousRoleDescription, roletypes.RoleTypeManaged, orgID))
+	if err != nil {
+		return err
+	}
+
+	deletionObject := authtypes.MustNewObject(
+		authtypes.Resource{
+			Name: dashboardtypes.TypeableMetaResourcePublicDashboard.Name(),
+			Type: authtypes.TypeMetaResource,
+		},
+		authtypes.MustNewSelector(authtypes.TypeMetaResource, publicDashboard.ID.String()),
+	)
+
+	err = module.roleSetter.PatchObjects(ctx, orgID, role.Name, authtypes.RelationRead, nil, []*authtypes.Object{deletionObject})
+	if err != nil {
+		return err
+	}
+
 	err = module.store.DeletePublic(ctx, dashboardID.StringValue())
 	if err != nil {
 		return err
@@ -200,6 +250,10 @@ func (module *module) GetByMetricNames(ctx context.Context, orgID valuer.UUID, m
 	return module.pkgDashboardModule.GetByMetricNames(ctx, orgID, metricNames)
 }

+func (module *module) MustGetTypeables() []authtypes.Typeable {
+	return module.pkgDashboardModule.MustGetTypeables()
+}
+
 func (module *module) List(ctx context.Context, orgID valuer.UUID) ([]*dashboardtypes.Dashboard, error) {
 	return module.pkgDashboardModule.List(ctx, orgID)
 }
@@ -212,27 +266,34 @@ func (module *module) LockUnlock(ctx context.Context, orgID valuer.UUID, id valu
 	return module.pkgDashboardModule.LockUnlock(ctx, orgID, id, updatedBy, role, lock)
 }

-func (module *module) MustGetTypeables() []authtypes.Typeable {
-	return module.pkgDashboardModule.MustGetTypeables()
-}
-
-func (module *module) MustGetManagedRoleTransactions() map[string][]*authtypes.Transaction {
-	return map[string][]*authtypes.Transaction{
-		roletypes.SigNozAnonymousRoleName: {
-			{
-				Relation: authtypes.RelationRead,
-				Object: *authtypes.MustNewObject(
-					authtypes.Resource{
-						Type: authtypes.TypeMetaResource,
-						Name: dashboardtypes.TypeableMetaResourcePublicDashboard.Name(),
-					},
-					authtypes.MustNewSelector(authtypes.TypeMetaResource, "*"),
-				),
-			},
-		},
+func (module *module) deletePublic(ctx context.Context, orgID valuer.UUID, dashboardID valuer.UUID) error {
+	publicDashboard, err := module.store.GetPublic(ctx, dashboardID.String())
+	if err != nil {
+		return err
 	}
-}

-func (module *module) deletePublic(ctx context.Context, _ valuer.UUID, dashboardID valuer.UUID) error {
-	return module.store.DeletePublic(ctx, dashboardID.StringValue())
+	role, err := module.roleSetter.GetOrCreate(ctx, orgID, roletypes.NewRole(roletypes.SigNozAnonymousRoleName, roletypes.SigNozAnonymousRoleDescription, roletypes.RoleTypeManaged, orgID))
+	if err != nil {
+		return err
+	}
+
+	deletionObject := authtypes.MustNewObject(
+		authtypes.Resource{
+			Name: dashboardtypes.TypeableMetaResourcePublicDashboard.Name(),
+			Type: authtypes.TypeMetaResource,
+		},
+		authtypes.MustNewSelector(authtypes.TypeMetaResource, publicDashboard.ID.String()),
+	)
+
+	err = module.roleSetter.PatchObjects(ctx, orgID, role.Name, authtypes.RelationRead, nil, []*authtypes.Object{deletionObject})
+	if err != nil {
+		return err
+	}
+
+	err = module.store.DeletePublic(ctx, dashboardID.StringValue())
+	if err != nil {
+		return err
+	}
+
+	return nil
 }
--- a/ee/modules/role/implrole/setter.go
+++ b/ee/modules/role/implrole/setter.go
@@ -0,0 +1,165 @@
+package implrole
+
+import (
+	"context"
+	"slices"
+
+	"github.com/SigNoz/signoz/pkg/authz"
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/licensing"
+	"github.com/SigNoz/signoz/pkg/modules/role"
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types/roletypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+type setter struct {
+	store     roletypes.Store
+	authz     authz.AuthZ
+	licensing licensing.Licensing
+	registry  []role.RegisterTypeable
+}
+
+func NewSetter(store roletypes.Store, authz authz.AuthZ, licensing licensing.Licensing, registry []role.RegisterTypeable) role.Setter {
+	return &setter{
+		store:     store,
+		authz:     authz,
+		licensing: licensing,
+		registry:  registry,
+	}
+}
+
+func (setter *setter) Create(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) error {
+	_, err := setter.licensing.GetActive(ctx, orgID)
+	if err != nil {
+		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	return setter.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
+}
+
+func (setter *setter) GetOrCreate(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) (*roletypes.Role, error) {
+	_, err := setter.licensing.GetActive(ctx, orgID)
+	if err != nil {
+		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	existingRole, err := setter.store.GetByOrgIDAndName(ctx, role.OrgID, role.Name)
+	if err != nil {
+		if !errors.Ast(err, errors.TypeNotFound) {
+			return nil, err
+		}
+	}
+
+	if existingRole != nil {
+		return roletypes.NewRoleFromStorableRole(existingRole), nil
+	}
+
+	err = setter.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
+	if err != nil {
+		return nil, err
+	}
+
+	return role, nil
+}
+
+func (setter *setter) GetResources(_ context.Context) []*authtypes.Resource {
+	typeables := make([]authtypes.Typeable, 0)
+	for _, register := range setter.registry {
+		typeables = append(typeables, register.MustGetTypeables()...)
+	}
+	// role module cannot self register itself!
+	typeables = append(typeables, setter.MustGetTypeables()...)
+
+	resources := make([]*authtypes.Resource, 0)
+	for _, typeable := range typeables {
+		resources = append(resources, &authtypes.Resource{Name: typeable.Name(), Type: typeable.Type()})
+	}
+
+	return resources
+}
+
+func (setter *setter) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*authtypes.Object, error) {
+	storableRole, err := setter.store.Get(ctx, orgID, id)
+	if err != nil {
+		return nil, err
+	}
+
+	objects := make([]*authtypes.Object, 0)
+	for _, resource := range setter.GetResources(ctx) {
+		if slices.Contains(authtypes.TypeableRelations[resource.Type], relation) {
+			resourceObjects, err := setter.
+				authz.
+				ListObjects(
+					ctx,
+					authtypes.MustNewSubject(authtypes.TypeableRole, storableRole.ID.String(), orgID, &authtypes.RelationAssignee),
+					relation,
+					authtypes.MustNewTypeableFromType(resource.Type, resource.Name),
+				)
+			if err != nil {
+				return nil, err
+			}
+
+			objects = append(objects, resourceObjects...)
+		}
+	}
+
+	return objects, nil
+}
+
+func (setter *setter) Patch(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) error {
+	_, err := setter.licensing.GetActive(ctx, orgID)
+	if err != nil {
+		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	return setter.store.Update(ctx, orgID, roletypes.NewStorableRoleFromRole(role))
+}
+
+func (setter *setter) PatchObjects(ctx context.Context, orgID valuer.UUID, name string, relation authtypes.Relation, additions, deletions []*authtypes.Object) error {
+	_, err := setter.licensing.GetActive(ctx, orgID)
+	if err != nil {
+		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	additionTuples, err := roletypes.GetAdditionTuples(name, orgID, relation, additions)
+	if err != nil {
+		return err
+	}
+
+	deletionTuples, err := roletypes.GetDeletionTuples(name, orgID, relation, deletions)
+	if err != nil {
+		return err
+	}
+
+	err = setter.authz.Write(ctx, additionTuples, deletionTuples)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (setter *setter) Delete(ctx context.Context, orgID valuer.UUID, id valuer.UUID) error {
+	_, err := setter.licensing.GetActive(ctx, orgID)
+	if err != nil {
+		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	storableRole, err := setter.store.Get(ctx, orgID, id)
+	if err != nil {
+		return err
+	}
+
+	role := roletypes.NewRoleFromStorableRole(storableRole)
+	err = role.CanEditDelete()
+	if err != nil {
+		return err
+	}
+
+	return setter.store.Delete(ctx, orgID, id)
+}
+
+func (setter *setter) MustGetTypeables() []authtypes.Typeable {
+	return []authtypes.Typeable{authtypes.TypeableRole, roletypes.TypeableResourcesRoles}
+}
--- a/ee/query-service/app/api/api.go
+++ b/ee/query-service/app/api/api.go
@@ -9,6 +9,7 @@ import (
 	"github.com/SigNoz/signoz/ee/query-service/integrations/gateway"
 	"github.com/SigNoz/signoz/ee/query-service/usage"
 	"github.com/SigNoz/signoz/pkg/alertmanager"
+	"github.com/SigNoz/signoz/pkg/apis/fields"
 	"github.com/SigNoz/signoz/pkg/global"
 	"github.com/SigNoz/signoz/pkg/http/middleware"
 	querierAPI "github.com/SigNoz/signoz/pkg/querier"
@@ -55,6 +56,7 @@ func NewAPIHandler(opts APIHandlerOptions, signoz *signoz.SigNoz) (*APIHandler,
 		FluxInterval:                  opts.FluxInterval,
 		AlertmanagerAPI:               alertmanager.NewAPI(signoz.Alertmanager),
 		LicensingAPI:                  httplicensing.NewLicensingAPI(signoz.Licensing),
+		FieldsAPI:                     fields.NewAPI(signoz.Instrumentation.ToProviderSettings(), signoz.TelemetryStore),
 		Signoz:                        signoz,
 		QuerierAPI:                    querierAPI.NewAPI(signoz.Instrumentation.ToProviderSettings(), signoz.Querier, signoz.Analytics),
 		QueryParserAPI:                queryparser.NewAPI(signoz.Instrumentation.ToProviderSettings(), signoz.QueryParser),
--- a/ee/query-service/app/server.go
+++ b/ee/query-service/app/server.go
@@ -211,7 +211,7 @@ func (s Server) HealthCheckStatus() chan healthcheck.Status {

 func (s *Server) createPublicServer(apiHandler *api.APIHandler, web web.Web) (*http.Server, error) {
 	r := baseapp.NewRouter()
-	am := middleware.NewAuthZ(s.signoz.Instrumentation.Logger(), s.signoz.Modules.OrgGetter, s.signoz.Authz)
+	am := middleware.NewAuthZ(s.signoz.Instrumentation.Logger(), s.signoz.Modules.OrgGetter, s.signoz.Authz, s.signoz.Modules.RoleGetter)

 	r.Use(otelmux.Middleware(
 		"apiserver",
@@ -237,6 +237,7 @@ func (s *Server) createPublicServer(apiHandler *api.APIHandler, web web.Web) (*h
 	apiHandler.RegisterLogsRoutes(r, am)
 	apiHandler.RegisterIntegrationRoutes(r, am)
 	apiHandler.RegisterCloudIntegrationsRoutes(r, am)
+	apiHandler.RegisterFieldsRoutes(r, am)
 	apiHandler.RegisterQueryRangeV3Routes(r, am)
 	apiHandler.RegisterInfraMetricsRoutes(r, am)
 	apiHandler.RegisterQueryRangeV4Routes(r, am)
--- a/ee/query-service/rules/anomaly.go
+++ b/ee/query-service/rules/anomaly.go
@@ -15,7 +15,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/query-service/common"
 	"github.com/SigNoz/signoz/pkg/query-service/model"
 	"github.com/SigNoz/signoz/pkg/transition"
-	"github.com/SigNoz/signoz/pkg/types/ruletypes"
+	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"

 	querierV2 "github.com/SigNoz/signoz/pkg/query-service/app/querier/v2"
@@ -63,8 +63,6 @@ type AnomalyRule struct {
 	seasonality anomaly.Seasonality
 }

-var _ baserules.Rule = (*AnomalyRule)(nil)
-
 func NewAnomalyRule(
 	id string,
 	orgID valuer.UUID,
@@ -492,7 +490,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 			continue
 		}

-		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.HoldDuration().Duration() {
+		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.HoldDuration() {
 			a.State = model.StateFiring
 			a.FiredAt = ts
 			state := model.StateFiring
@@ -555,7 +553,7 @@ func (r *AnomalyRule) String() string {
 	ar := ruletypes.PostableRule{
 		AlertName:         r.Name(),
 		RuleCondition:     r.Condition(),
-		EvalWindow:        r.EvalWindow(),
+		EvalWindow:        ruletypes.Duration(r.EvalWindow()),
 		Labels:            r.Labels().Map(),
 		Annotations:       r.Annotations().Map(),
 		PreferredChannels: r.PreferredChannels(),
--- a/ee/query-service/rules/anomaly_test.go
+++ b/ee/query-service/rules/anomaly_test.go
@@ -40,7 +40,7 @@ func TestAnomalyRule_NoData_AlertOnAbsent(t *testing.T) {
 	// Test basic AlertOnAbsent functionality (without AbsentFor grace period)

 	baseTime := time.Unix(1700000000, 0)
-	evalWindow := valuer.MustParseTextDuration("5m")
+	evalWindow := 5 * time.Minute
 	evalTime := baseTime.Add(5 * time.Minute)

 	target := 500.0
@@ -50,8 +50,8 @@ func TestAnomalyRule_NoData_AlertOnAbsent(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  RuleTypeAnomaly,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: evalWindow,
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(evalWindow),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp: ruletypes.ValueIsAbove,
@@ -147,7 +147,7 @@ func TestAnomalyRule_NoData_AbsentFor(t *testing.T) {
 	// 3. Alert fires only if t2 - t1 > AbsentFor

 	baseTime := time.Unix(1700000000, 0)
-	evalWindow := valuer.MustParseTextDuration("5m")
+	evalWindow := 5 * time.Minute

 	// Set target higher than test data so regular threshold alerts don't fire
 	target := 500.0
@@ -157,8 +157,8 @@ func TestAnomalyRule_NoData_AbsentFor(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  RuleTypeAnomaly,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: evalWindow,
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(evalWindow),
+			Frequency:  ruletypes.Duration(time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp:     ruletypes.ValueIsAbove,
--- a/ee/query-service/rules/manager.go
+++ b/ee/query-service/rules/manager.go
@@ -48,7 +48,7 @@ func PrepareTaskFunc(opts baserules.PrepareTaskOptions) (baserules.Task, error)
 		rules = append(rules, tr)

 		// create ch rule task for evaluation
-		task = newTask(baserules.TaskTypeCh, opts.TaskName, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
+		task = newTask(baserules.TaskTypeCh, opts.TaskName, time.Duration(evaluation.GetFrequency()), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)

 	} else if opts.Rule.RuleType == ruletypes.RuleTypeProm {

@@ -72,7 +72,7 @@ func PrepareTaskFunc(opts baserules.PrepareTaskOptions) (baserules.Task, error)
 		rules = append(rules, pr)

 		// create promql rule task for evaluation
-		task = newTask(baserules.TaskTypeProm, opts.TaskName, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
+		task = newTask(baserules.TaskTypeProm, opts.TaskName, time.Duration(evaluation.GetFrequency()), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)

 	} else if opts.Rule.RuleType == ruletypes.RuleTypeAnomaly {
 		// create anomaly rule
@@ -96,7 +96,7 @@ func PrepareTaskFunc(opts baserules.PrepareTaskOptions) (baserules.Task, error)
 		rules = append(rules, ar)

 		// create anomaly rule task for evaluation
-		task = newTask(baserules.TaskTypeCh, opts.TaskName, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
+		task = newTask(baserules.TaskTypeCh, opts.TaskName, time.Duration(evaluation.GetFrequency()), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)

 	} else {
 		return nil, fmt.Errorf("unsupported rule type %s. Supported types: %s, %s", opts.Rule.RuleType, ruletypes.RuleTypeProm, ruletypes.RuleTypeThreshold)
@@ -213,7 +213,8 @@ func TestNotification(opts baserules.PrepareTestRuleOptions) (int, *basemodel.Ap
 	return alertsFound, nil
 }

-// newTask returns an appropriate group for the rule type
+// newTask returns an appropriate group for
+// rule type
 func newTask(taskType baserules.TaskType, name string, frequency time.Duration, rules []baserules.Rule, opts *baserules.ManagerOptions, notify baserules.NotifyFunc, maintenanceStore ruletypes.MaintenanceStore, orgID valuer.UUID) baserules.Task {
 	if taskType == baserules.TaskTypeCh {
 		return baserules.NewRuleTask(name, "", frequency, rules, opts, notify, maintenanceStore, orgID)
--- a/frontend/src/container/DashboardContainer/DashboardSettings/DashboardVariableSettings/VariableItem/VariableItem.tsx
+++ b/frontend/src/container/DashboardContainer/DashboardSettings/DashboardVariableSettings/VariableItem/VariableItem.tsx
@@ -18,8 +18,8 @@ import { useWidgetsByDynamicVariableId } from 'hooks/dashboard/useWidgetsByDynam
 import { getWidgetsHavingDynamicVariableAttribute } from 'hooks/dashboard/utils';
 import { useGetFieldValues } from 'hooks/dynamicVariables/useGetFieldValues';
 import { useIsDarkMode } from 'hooks/useDarkMode';
-import { commaValuesParser } from 'lib/dashboardVariables/customCommaValuesParser';
-import sortValues from 'lib/dashboardVariables/sortVariableValues';
+import { commaValuesParser } from 'lib/dashbaordVariables/customCommaValuesParser';
+import sortValues from 'lib/dashbaordVariables/sortVariableValues';
 import { isEmpty, map } from 'lodash-es';
 import {
 	ArrowLeft,
--- a/frontend/src/container/DashboardContainer/DashboardVariablesSelection/CustomVariableInput.tsx
+++ b/frontend/src/container/DashboardContainer/DashboardVariablesSelection/CustomVariableInput.tsx
@@ -1,6 +1,6 @@
 import { memo, useMemo } from 'react';
-import { commaValuesParser } from 'lib/dashboardVariables/customCommaValuesParser';
-import sortValues from 'lib/dashboardVariables/sortVariableValues';
+import { commaValuesParser } from 'lib/dashbaordVariables/customCommaValuesParser';
+import sortValues from 'lib/dashbaordVariables/sortVariableValues';

 import SelectVariableInput from './SelectVariableInput';
 import { useDashboardVariableSelectHelper } from './useDashboardVariableSelectHelper';
--- a/frontend/src/container/DashboardContainer/DashboardVariablesSelection/QueryVariableInput.tsx
+++ b/frontend/src/container/DashboardContainer/DashboardVariablesSelection/QueryVariableInput.tsx
@@ -3,7 +3,7 @@ import { useQuery } from 'react-query';
 import { useSelector } from 'react-redux';
 import dashboardVariablesQuery from 'api/dashboard/variables/dashboardVariablesQuery';
 import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
-import sortValues from 'lib/dashboardVariables/sortVariableValues';
+import sortValues from 'lib/dashbaordVariables/sortVariableValues';
 import { isArray, isString } from 'lodash-es';
 import { IDependencyData } from 'providers/Dashboard/store/dashboardVariables/dashboardVariablesStoreTypes';
 import { AppState } from 'store/reducers';
--- a/frontend/src/container/GridCardLayout/GridCard/FullView/index.tsx
+++ b/frontend/src/container/GridCardLayout/GridCard/FullView/index.tsx
@@ -33,8 +33,8 @@ import { useChartMutable } from 'hooks/useChartMutable';
 import useComponentPermission from 'hooks/useComponentPermission';
 import { useSafeNavigate } from 'hooks/useSafeNavigate';
 import useUrlQuery from 'hooks/useUrlQuery';
+import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
-import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import GetMinMax from 'lib/getMinMax';
 import { isEmpty } from 'lodash-es';
 import { useAppContext } from 'providers/App/App';
--- a/frontend/src/container/GridCardLayout/GridCard/index.tsx
+++ b/frontend/src/container/GridCardLayout/GridCard/index.tsx
@@ -8,8 +8,8 @@ import { populateMultipleResults } from 'container/NewWidget/LeftContainer/Widge
 import { CustomTimeType } from 'container/TopNav/DateTimeSelectionV2/types';
 import { useGetQueryRange } from 'hooks/queryBuilder/useGetQueryRange';
 import { useIntersectionObserver } from 'hooks/useIntersectionObserver';
+import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
-import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import getTimeString from 'lib/getTimeString';
 import { isEqual } from 'lodash-es';
 import isEmpty from 'lodash-es/isEmpty';
--- a/frontend/src/container/GridCardLayout/useResolveQuery.ts
+++ b/frontend/src/container/GridCardLayout/useResolveQuery.ts
@@ -6,7 +6,7 @@ import { prepareQueryRangePayloadV5 } from 'api/v5/v5';
 import { PANEL_TYPES } from 'constants/queryBuilder';
 import { timePreferenceType } from 'container/NewWidget/RightContainer/timeItems';
 import { useDashboardVariablesByType } from 'hooks/dashboard/useDashboardVariablesByType';
-import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
+import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { mapQueryDataFromApi } from 'lib/newQueryBuilder/queryBuilderMappers/mapQueryDataFromApi';
 import { AppState } from 'store/reducers';
 import { Query } from 'types/api/queryBuilder/queryBuilderData';
--- a/frontend/src/container/IngestionSettings/MultiIngestionSettings.tsx
+++ b/frontend/src/container/IngestionSettings/MultiIngestionSettings.tsx
@@ -2,6 +2,7 @@
 /* eslint-disable jsx-a11y/click-events-have-key-events */
 import { ChangeEvent, useCallback, useEffect, useState } from 'react';
 import { useTranslation } from 'react-i18next';
+import { useMutation } from 'react-query';
 import { useHistory } from 'react-router-dom';
 import { useCopyToClipboard } from 'react-use';
 import { Color } from '@signozhq/design-tokens';
@@ -26,20 +27,12 @@ import {
 } from 'antd';
 import { NotificationInstance } from 'antd/es/notification/interface';
 import { CollapseProps } from 'antd/lib';
-import {
-	useCreateIngestionKey,
-	useCreateIngestionKeyLimit,
-	useDeleteIngestionKey,
-	useDeleteIngestionKeyLimit,
-	useGetIngestionKeys,
-	useSearchIngestionKeys,
-	useUpdateIngestionKey,
-	useUpdateIngestionKeyLimit,
-} from 'api/generated/services/gateway';
-import {
-	GatewaytypesIngestionKeyDTO,
-	RenderErrorResponseDTO,
-} from 'api/generated/services/sigNoz.schemas';
+import createIngestionKeyApi from 'api/IngestionKeys/createIngestionKey';
+import deleteIngestionKey from 'api/IngestionKeys/deleteIngestionKey';
+import createLimitForIngestionKeyApi from 'api/IngestionKeys/limits/createLimitsForKey';
+import deleteLimitsForIngestionKey from 'api/IngestionKeys/limits/deleteLimitsForIngestionKey';
+import updateLimitForIngestionKeyApi from 'api/IngestionKeys/limits/updateLimitsForIngestionKey';
+import updateIngestionKey from 'api/IngestionKeys/updateIngestionKey';
 import { AxiosError } from 'axios';
 import { getYAxisFormattedValue } from 'components/Graph/yAxisConfig';
 import Tags from 'components/Tags/Tags';
@@ -51,6 +44,7 @@ import ROUTES from 'constants/routes';
 import { INITIAL_ALERT_THRESHOLD_STATE } from 'container/CreateAlertV2/context/constants';
 import dayjs from 'dayjs';
 import { useGetGlobalConfig } from 'hooks/globalConfig/useGetGlobalConfig';
+import { useGetAllIngestionsKeys } from 'hooks/IngestionKeys/useGetAllIngestionKeys';
 import useDebouncedFn from 'hooks/useDebouncedFunction';
 import { useNotifications } from 'hooks/useNotifications';
 import { cloneDeep, isNil, isUndefined } from 'lodash-es';
@@ -72,12 +66,16 @@ import {
 } from 'lucide-react';
 import { useAppContext } from 'providers/App/App';
 import { useTimezone } from 'providers/Timezone';
+import { ErrorResponse } from 'types/api';
 import {
 	AddLimitProps,
 	LimitProps,
 	UpdateLimitProps,
 } from 'types/api/ingestionKeys/limits/types';
-import { PaginationProps } from 'types/api/ingestionKeys/types';
+import {
+	IngestionKeyProps,
+	PaginationProps,
+} from 'types/api/ingestionKeys/types';
 import { MeterAggregateOperator } from 'types/common/queryBuilder';
 import { USER_ROLES } from 'types/roles';
 import { getDaysUntilExpiry } from 'utils/timeUtils';
@@ -88,10 +86,6 @@ const { Option } = Select;

 const BYTES = 1073741824;

-const INITIAL_PAGE_SIZE = 10;
-const SEARCH_PAGE_SIZE = 100;
-const FIRST_PAGE = 1;
-
 const COUNT_MULTIPLIER = {
 	thousand: 1000,
 	million: 1000000,
@@ -117,8 +111,6 @@ export const showErrorNotification = (
 ): void => {
 	notifications.error({
 		message: err.message || SOMETHING_WENT_WRONG,
-		description: (err as AxiosError<RenderErrorResponseDTO>).response?.data?.error
-			?.message,
 	});
 };

@@ -171,20 +163,15 @@ function MultiIngestionSettings(): JSX.Element {
 	const [updatedTags, setUpdatedTags] = useState<string[]>([]);
 	const [isEditModalOpen, setIsEditModalOpen] = useState(false);
 	const [isEditAddLimitOpen, setIsEditAddLimitOpen] = useState(false);
-	const [
-		activeAPIKey,
-		setActiveAPIKey,
-	] = useState<GatewaytypesIngestionKeyDTO | null>();
+	const [activeAPIKey, setActiveAPIKey] = useState<IngestionKeyProps | null>();
 	const [activeSignal, setActiveSignal] = useState<LimitProps | null>(null);

 	const [searchValue, setSearchValue] = useState<string>('');
 	const [searchText, setSearchText] = useState<string>('');
-	const [dataSource, setDataSource] = useState<GatewaytypesIngestionKeyDTO[]>(
-		[],
-	);
+	const [dataSource, setDataSource] = useState<IngestionKeyProps[]>([]);
 	const [paginationParams, setPaginationParams] = useState<PaginationProps>({
-		page: FIRST_PAGE,
-		per_page: INITIAL_PAGE_SIZE,
+		page: 1,
+		per_page: 10,
 	});

 	const [totalIngestionKeys, setTotalIngestionKeys] = useState(0);
@@ -199,7 +186,7 @@ function MultiIngestionSettings(): JSX.Element {
 	const [
 		createLimitForIngestionKeyError,
 		setCreateLimitForIngestionKeyError,
-	] = useState<string | null>(null);
+	] = useState<ErrorResponse | null>(null);

 	const [
 		hasUpdateLimitForIngestionKeyError,
@@ -209,7 +196,7 @@ function MultiIngestionSettings(): JSX.Element {
 	const [
 		updateLimitForIngestionKeyError,
 		setUpdateLimitForIngestionKeyError,
-	] = useState<string | null>(null);
+	] = useState<ErrorResponse | null>(null);

 	const { t } = useTranslation(['ingestionKeys']);

@@ -229,11 +216,7 @@ function MultiIngestionSettings(): JSX.Element {
 		handleFormReset();
 	};

-	const showDeleteModal = (apiKey: GatewaytypesIngestionKeyDTO): void => {
-		setHasCreateLimitForIngestionKeyError(false);
-		setCreateLimitForIngestionKeyError(null);
-		setHasUpdateLimitForIngestionKeyError(false);
-		setUpdateLimitForIngestionKeyError(null);
+	const showDeleteModal = (apiKey: IngestionKeyProps): void => {
 		setActiveAPIKey(apiKey);
 		setIsDeleteModalOpen(true);
 	};
@@ -250,11 +233,7 @@ function MultiIngestionSettings(): JSX.Element {
 		setIsAddModalOpen(false);
 	};

-	const showEditModal = (apiKey: GatewaytypesIngestionKeyDTO): void => {
-		setHasCreateLimitForIngestionKeyError(false);
-		setCreateLimitForIngestionKeyError(null);
-		setHasUpdateLimitForIngestionKeyError(false);
-		setUpdateLimitForIngestionKeyError(null);
+	const showEditModal = (apiKey: IngestionKeyProps): void => {
 		setActiveAPIKey(apiKey);
 		handleFormReset();
 		setUpdatedTags(apiKey.tags || []);
@@ -269,10 +248,6 @@ function MultiIngestionSettings(): JSX.Element {
 	};

 	const showAddModal = (): void => {
-		setHasCreateLimitForIngestionKeyError(false);
-		setCreateLimitForIngestionKeyError(null);
-		setHasUpdateLimitForIngestionKeyError(false);
-		setUpdateLimitForIngestionKeyError(null);
 		setUpdatedTags([]);
 		setActiveAPIKey(null);
 		setIsAddModalOpen(true);
@@ -283,60 +258,25 @@ function MultiIngestionSettings(): JSX.Element {
 		setActiveSignal(null);
 	};

-	// Use search API when searchText is present, otherwise use normal get API
-	const isSearching = searchText.length > 0;
-
 	const {
-		data: ingestionKeysData,
-		isLoading: isLoadingGet,
-		isRefetching: isRefetchingGet,
-		refetch: refetchGetAPIKeys,
-		error: getError,
-		isError: isGetError,
-	} = useGetIngestionKeys(
-		{
-			...paginationParams,
-		},
-		{
-			query: {
-				enabled: !isSearching,
-			},
-		},
-	);
-
-	const {
-		data: searchIngestionKeysData,
-		isLoading: isLoadingSearch,
-		isRefetching: isRefetchingSearch,
-		refetch: refetchSearchAPIKeys,
-		error: searchError,
-		isError: isSearchError,
-	} = useSearchIngestionKeys(
-		{
-			page: FIRST_PAGE,
-			per_page: SEARCH_PAGE_SIZE,
-			name: searchText,
-		},
-		{
-			query: {
-				enabled: isSearching,
-			},
-		},
-	);
-
-	// Use the appropriate data based on which API is active
-	const IngestionKeys = isSearching
-		? searchIngestionKeysData
-		: ingestionKeysData;
-	const isLoading = isSearching ? isLoadingSearch : isLoadingGet;
-	const isRefetching = isSearching ? isRefetchingSearch : isRefetchingGet;
-	const refetchAPIKeys = isSearching ? refetchSearchAPIKeys : refetchGetAPIKeys;
-	const error = isSearching ? searchError : getError;
-	const isError = isSearching ? isSearchError : isGetError;
+		data: IngestionKeys,
+		isLoading,
+		isRefetching,
+		refetch: refetchAPIKeys,
+		error,
+		isError,
+	} = useGetAllIngestionsKeys({
+		search: searchText,
+		...paginationParams,
+	});

 	useEffect(() => {
-		setDataSource(IngestionKeys?.data.data?.keys || []);
-		setTotalIngestionKeys(IngestionKeys?.data?.data?._pagination?.total || 0);
+		setActiveAPIKey(IngestionKeys?.data.data[0]);
+	}, [IngestionKeys]);
+
+	useEffect(() => {
+		setDataSource(IngestionKeys?.data.data || []);
+		setTotalIngestionKeys(IngestionKeys?.data?._pagination?.total || 0);
 		// eslint-disable-next-line react-hooks/exhaustive-deps
 	}, [IngestionKeys?.data?.data]);

@@ -357,7 +297,6 @@ function MultiIngestionSettings(): JSX.Element {

 	const clearSearch = (): void => {
 		setSearchValue('');
-		setSearchText('');
 	};

 	const {
@@ -370,54 +309,101 @@ function MultiIngestionSettings(): JSX.Element {
 	const {
 		mutate: createIngestionKey,
 		isLoading: isLoadingCreateAPIKey,
-	} = useCreateIngestionKey<AxiosError<RenderErrorResponseDTO>>();
+	} = useMutation(createIngestionKeyApi, {
+		onSuccess: (data) => {
+			setActiveAPIKey(data.payload);
+			setUpdatedTags([]);
+			hideAddViewModal();
+			refetchAPIKeys();
+		},
+		onError: (error) => {
+			showErrorNotification(notifications, error as AxiosError);
+		},
+	});

-	const {
-		mutate: updateAPIKey,
-		isLoading: isLoadingUpdateAPIKey,
-	} = useUpdateIngestionKey<AxiosError<RenderErrorResponseDTO>>();
+	const { mutate: updateAPIKey, isLoading: isLoadingUpdateAPIKey } = useMutation(
+		updateIngestionKey,
+		{
+			onSuccess: () => {
+				refetchAPIKeys();
+				setIsEditModalOpen(false);
+			},
+			onError: (error) => {
+				showErrorNotification(notifications, error as AxiosError);
+			},
+		},
+	);

-	const {
-		mutate: deleteAPIKey,
-		isLoading: isDeleteingAPIKey,
-	} = useDeleteIngestionKey<AxiosError<RenderErrorResponseDTO>>();
+	const { mutate: deleteAPIKey, isLoading: isDeleteingAPIKey } = useMutation(
+		deleteIngestionKey,
+		{
+			onSuccess: () => {
+				refetchAPIKeys();
+				setIsDeleteModalOpen(false);
+			},
+			onError: (error) => {
+				showErrorNotification(notifications, error as AxiosError);
+			},
+		},
+	);

 	const {
 		mutate: createLimitForIngestionKey,
 		isLoading: isLoadingLimitForKey,
-	} = useCreateIngestionKeyLimit<AxiosError<RenderErrorResponseDTO>>();
+	} = useMutation(createLimitForIngestionKeyApi, {
+		onSuccess: () => {
+			setActiveSignal(null);
+			setActiveAPIKey(null);
+			setIsEditAddLimitOpen(false);
+			setUpdatedTags([]);
+			hideAddViewModal();
+			refetchAPIKeys();
+			setHasCreateLimitForIngestionKeyError(false);
+		},
+		onError: (error: ErrorResponse) => {
+			setHasCreateLimitForIngestionKeyError(true);
+			setCreateLimitForIngestionKeyError(error);
+		},
+	});

 	const {
 		mutate: updateLimitForIngestionKey,
 		isLoading: isLoadingUpdatedLimitForKey,
-	} = useUpdateIngestionKeyLimit<AxiosError<RenderErrorResponseDTO>>();
+	} = useMutation(updateLimitForIngestionKeyApi, {
+		onSuccess: () => {
+			setActiveSignal(null);
+			setActiveAPIKey(null);
+			setIsEditAddLimitOpen(false);
+			setUpdatedTags([]);
+			hideAddViewModal();
+			refetchAPIKeys();
+			setHasUpdateLimitForIngestionKeyError(false);
+		},
+		onError: (error: ErrorResponse) => {
+			setHasUpdateLimitForIngestionKeyError(true);
+			setUpdateLimitForIngestionKeyError(error);
+		},
+	});

-	const {
-		mutate: deleteLimitForKey,
-		isLoading: isDeletingLimit,
-	} = useDeleteIngestionKeyLimit<AxiosError<RenderErrorResponseDTO>>();
+	const { mutate: deleteLimitForKey, isLoading: isDeletingLimit } = useMutation(
+		deleteLimitsForIngestionKey,
+		{
+			onSuccess: () => {
+				setIsDeleteModalOpen(false);
+				setIsDeleteLimitModalOpen(false);
+				refetchAPIKeys();
+			},
+			onError: (error) => {
+				showErrorNotification(notifications, error as AxiosError);
+			},
+		},
+	);

 	const onDeleteHandler = (): void => {
 		clearSearch();

-		if (activeAPIKey && activeAPIKey.id) {
-			deleteAPIKey(
-				{
-					pathParams: { keyId: activeAPIKey.id },
-				},
-				{
-					onSuccess: () => {
-						notifications.success({
-							message: 'Ingestion key deleted successfully',
-						});
-						refetchAPIKeys();
-						setIsDeleteModalOpen(false);
-					},
-					onError: (error) => {
-						showErrorNotification(notifications, error as AxiosError);
-					},
-				},
-			);
+		if (activeAPIKey) {
+			deleteAPIKey(activeAPIKey.id);
 		}
 	};

@@ -425,31 +411,15 @@ function MultiIngestionSettings(): JSX.Element {
 		editForm
 			.validateFields()
 			.then((values) => {
-				if (activeAPIKey && activeAPIKey.id) {
-					updateAPIKey(
-						{
-							pathParams: { keyId: activeAPIKey.id },
-							data: {
-								name: values.name,
-								tags: updatedTags,
-								expires_at: new Date(
-									dayjs(values.expires_at).endOf('day').toISOString(),
-								),
-							},
+				if (activeAPIKey) {
+					updateAPIKey({
+						id: activeAPIKey.id,
+						data: {
+							name: values.name,
+							tags: updatedTags,
+							expires_at: dayjs(values.expires_at).endOf('day').toISOString(),
 						},
-						{
-							onSuccess: () => {
-								notifications.success({
-									message: 'Ingestion key updated successfully',
-								});
-								refetchAPIKeys();
-								setIsEditModalOpen(false);
-							},
-							onError: (error) => {
-								showErrorNotification(notifications, error as AxiosError);
-							},
-						},
-					);
+					});
 				}
 			})
 			.catch((errorInfo) => {
@@ -465,30 +435,10 @@ function MultiIngestionSettings(): JSX.Element {
 					const requestPayload = {
 						name: values.name,
 						tags: updatedTags,
-						expires_at: new Date(dayjs(values.expires_at).endOf('day').toISOString()),
+						expires_at: dayjs(values.expires_at).endOf('day').toISOString(),
 					};

-					createIngestionKey(
-						{
-							data: requestPayload,
-						},
-						{
-							onSuccess: (_data) => {
-								notifications.success({
-									message: 'Ingestion key created successfully',
-								});
-								// The new API returns GatewaytypesGettableCreatedIngestionKeyDTO with only id and value
-								// We rely on refetchAPIKeys to get the full key object
-								setActiveAPIKey(null);
-								setUpdatedTags([]);
-								hideAddViewModal();
-								refetchAPIKeys();
-							},
-							onError: (error) => {
-								showErrorNotification(notifications, error as AxiosError);
-							},
-						},
-					);
+					createIngestionKey(requestPayload);
 				}
 			})
 			.catch((errorInfo) => {
@@ -515,7 +465,7 @@ function MultiIngestionSettings(): JSX.Element {
 		formatTimezoneAdjustedTimestamp(date, DATE_TIME_FORMATS.UTC_MONTH_COMPACT);

 	const showDeleteLimitModal = (
-		APIKey: GatewaytypesIngestionKeyDTO,
+		APIKey: IngestionKeyProps,
 		limit: LimitProps,
 	): void => {
 		setActiveAPIKey(APIKey);
@@ -539,7 +489,7 @@ function MultiIngestionSettings(): JSX.Element {

 	/* eslint-disable sonarjs/cognitive-complexity */
 	const handleAddLimit = (
-		APIKey: GatewaytypesIngestionKeyDTO,
+		APIKey: IngestionKeyProps,
 		signalName: string,
 	): void => {
 		const {
@@ -552,7 +502,7 @@ function MultiIngestionSettings(): JSX.Element {
 		} = addEditLimitForm.getFieldsValue();

 		const payload: AddLimitProps = {
-			keyID: APIKey.id || '',
+			keyID: APIKey.id,
 			signal: signalName,
 			config: {},
 		};
@@ -626,39 +576,11 @@ function MultiIngestionSettings(): JSX.Element {
 			return;
 		}

-		createLimitForIngestionKey(
-			{
-				pathParams: { keyId: payload.keyID },
-				data: {
-					signal: payload.signal,
-					config: payload.config,
-				},
-			},
-			{
-				onSuccess: () => {
-					notifications.success({
-						message: 'Limit created successfully',
-					});
-					setActiveSignal(null);
-					setActiveAPIKey(null);
-					setIsEditAddLimitOpen(false);
-					setUpdatedTags([]);
-					hideAddViewModal();
-					refetchAPIKeys();
-					setHasCreateLimitForIngestionKeyError(false);
-				},
-				onError: (error: AxiosError<RenderErrorResponseDTO>) => {
-					setHasCreateLimitForIngestionKeyError(true);
-					setCreateLimitForIngestionKeyError(
-						error.response?.data?.error?.message || 'Failed to create limit',
-					);
-				},
-			},
-		);
+		createLimitForIngestionKey(payload);
 	};

 	const handleUpdateLimit = (
-		APIKey: GatewaytypesIngestionKeyDTO,
+		APIKey: IngestionKeyProps,
 		signal: LimitProps,
 	): void => {
 		const {
@@ -722,34 +644,7 @@ function MultiIngestionSettings(): JSX.Element {
 			}
 		}

-		updateLimitForIngestionKey(
-			{
-				pathParams: { limitId: payload.limitID },
-				data: {
-					config: payload.config,
-				},
-			},
-			{
-				onSuccess: () => {
-					notifications.success({
-						message: 'Limit updated successfully',
-					});
-					setActiveSignal(null);
-					setActiveAPIKey(null);
-					setIsEditAddLimitOpen(false);
-					setUpdatedTags([]);
-					hideAddViewModal();
-					refetchAPIKeys();
-					setHasUpdateLimitForIngestionKeyError(false);
-				},
-				onError: (error: AxiosError<RenderErrorResponseDTO>) => {
-					setHasUpdateLimitForIngestionKeyError(true);
-					setUpdateLimitForIngestionKeyError(
-						error.response?.data?.error?.message || 'Failed to update limit',
-					);
-				},
-			},
-		);
+		updateLimitForIngestionKey(payload);
 	};
 	/* eslint-enable sonarjs/cognitive-complexity */

@@ -761,7 +656,7 @@ function MultiIngestionSettings(): JSX.Element {
 	};

 	const enableEditLimitMode = (
-		APIKey: GatewaytypesIngestionKeyDTO,
+		APIKey: IngestionKeyProps,
 		signal: LimitProps,
 	): void => {
 		const dayCount = signal?.config?.day?.count;
@@ -770,11 +665,6 @@ function MultiIngestionSettings(): JSX.Element {
 		const dayCountConverted = countToUnit(dayCount || 0);
 		const secondCountConverted = countToUnit(secondCount || 0);

-		setHasCreateLimitForIngestionKeyError(false);
-		setCreateLimitForIngestionKeyError(null);
-		setHasUpdateLimitForIngestionKeyError(false);
-		setUpdateLimitForIngestionKeyError(null);
-
 		setActiveAPIKey(APIKey);
 		setActiveSignal({
 			...signal,
@@ -813,31 +703,14 @@ function MultiIngestionSettings(): JSX.Element {

 	const onDeleteLimitHandler = (): void => {
 		if (activeSignal && activeSignal.id) {
-			deleteLimitForKey(
-				{
-					pathParams: { limitId: activeSignal.id },
-				},
-				{
-					onSuccess: () => {
-						notifications.success({
-							message: 'Limit deleted successfully',
-						});
-						setIsDeleteModalOpen(false);
-						setIsDeleteLimitModalOpen(false);
-						refetchAPIKeys();
-					},
-					onError: (error) => {
-						showErrorNotification(notifications, error as AxiosError);
-					},
-				},
-			);
+			deleteLimitForKey(activeSignal.id);
 		}
 	};

 	const { formatTimezoneAdjustedTimestamp } = useTimezone();

 	const handleCreateAlert = (
-		APIKey: GatewaytypesIngestionKeyDTO,
+		APIKey: IngestionKeyProps,
 		signal: LimitProps,
 	): void => {
 		let metricName = '';
@@ -898,61 +771,31 @@ function MultiIngestionSettings(): JSX.Element {
 		history.push(URL);
 	};

-	const columns: AntDTableProps<GatewaytypesIngestionKeyDTO>['columns'] = [
+	const columns: AntDTableProps<IngestionKeyProps>['columns'] = [
 		{
 			title: 'Ingestion Key',
 			key: 'ingestion-key',
 			// eslint-disable-next-line sonarjs/cognitive-complexity
-			render: (APIKey: GatewaytypesIngestionKeyDTO): JSX.Element => {
-				const createdOn = APIKey?.created_at
-					? getFormattedTime(
-							dayjs(APIKey.created_at).toISOString(),
-							formatTimezoneAdjustedTimestamp,
-					  )
-					: '';
+			render: (APIKey: IngestionKeyProps): JSX.Element => {
+				const createdOn = getFormattedTime(
+					APIKey.created_at,
+					formatTimezoneAdjustedTimestamp,
+				);

 				const expiresOn =
-					!APIKey?.expires_at ||
-					dayjs(APIKey?.expires_at).toISOString() === '0001-01-01T00:00:00.000Z'
+					!APIKey?.expires_at || APIKey?.expires_at === '0001-01-01T00:00:00Z'
 						? 'No Expiry'
-						: getFormattedTime(
-								dayjs(APIKey?.expires_at).toISOString(),
-								formatTimezoneAdjustedTimestamp,
-						  );
+						: getFormattedTime(APIKey?.expires_at, formatTimezoneAdjustedTimestamp);

-				const updatedOn = APIKey?.updated_at
-					? getFormattedTime(
-							dayjs(APIKey.updated_at).toISOString(),
-							formatTimezoneAdjustedTimestamp,
-					  )
-					: '';
-
-				const onCopyKey = (e: React.MouseEvent): void => {
-					e.stopPropagation();
-					e.preventDefault();
-					if (APIKey?.value) {
-						handleCopyKey(APIKey.value);
-					}
-				};
-
-				const onEditKey = (e: React.MouseEvent): void => {
-					e.stopPropagation();
-					e.preventDefault();
-					showEditModal(APIKey);
-				};
-
-				const onDeleteKey = (e: React.MouseEvent): void => {
-					e.stopPropagation();
-					e.preventDefault();
-					showDeleteModal(APIKey);
-				};
+				const updatedOn = getFormattedTime(
+					APIKey?.updated_at,
+					formatTimezoneAdjustedTimestamp,
+				);

 				// Convert array of limits to a dictionary for quick access
 				const limitsDict: Record<string, LimitProps> = {};
-				APIKey.limits?.forEach((limitItem) => {
-					if (limitItem.signal && limitItem.id) {
-						limitsDict[limitItem.signal] = limitItem as LimitProps;
-					}
+				APIKey.limits?.forEach((limitItem: LimitProps) => {
+					limitsDict[limitItem.signal] = limitItem;
 				});

 				const hasLimits = (signalName: string): boolean => !!limitsDict[signalName];
@@ -969,25 +812,39 @@ function MultiIngestionSettings(): JSX.Element {

 									<div className="ingestion-key-value">
 										<Typography.Text>
-											{APIKey?.value?.substring(0, 2)}********
-											{APIKey?.value
-												?.substring(APIKey?.value?.length ? APIKey.value.length - 2 : 0)
-												.trim()}
+											{APIKey?.value.substring(0, 2)}********
+											{APIKey?.value.substring(APIKey.value.length - 2).trim()}
 										</Typography.Text>

-										<Copy className="copy-key-btn" size={12} onClick={onCopyKey} />
+										<Copy
+											className="copy-key-btn"
+											size={12}
+											onClick={(e): void => {
+												e.stopPropagation();
+												e.preventDefault();
+												handleCopyKey(APIKey.value);
+											}}
+										/>
 									</div>
 								</div>
 								<div className="action-btn">
 									<Button
 										className="periscope-btn ghost"
 										icon={<PenLine size={14} />}
-										onClick={onEditKey}
+										onClick={(e): void => {
+											e.stopPropagation();
+											e.preventDefault();
+											showEditModal(APIKey);
+										}}
 									/>
 									<Button
 										className="periscope-btn ghost"
 										icon={<Trash2 color={Color.BG_CHERRY_500} size={14} />}
-										onClick={onDeleteKey}
+										onClick={(e): void => {
+											e.stopPropagation();
+											e.preventDefault();
+											showDeleteModal(APIKey);
+										}}
 									/>
 								</div>
 							</div>
@@ -997,7 +854,7 @@ function MultiIngestionSettings(): JSX.Element {
 								<Row>
 									<Col span={6}> ID </Col>
 									<Col span={12}>
-										<Typography.Text>{APIKey?.id}</Typography.Text>
+										<Typography.Text>{APIKey.id}</Typography.Text>
 									</Col>
 								</Row>

@@ -1049,39 +906,6 @@ function MultiIngestionSettings(): JSX.Element {
 													limit?.config?.second?.size !== undefined ||
 													limit?.config?.second?.count !== undefined;

-												const onEditSignalLimit = (e: React.MouseEvent): void => {
-													e.stopPropagation();
-													e.preventDefault();
-													enableEditLimitMode(APIKey, limit);
-												};
-
-												const onDeleteSignalLimit = (e: React.MouseEvent): void => {
-													e.stopPropagation();
-													e.preventDefault();
-													showDeleteLimitModal(APIKey, limit);
-												};
-
-												const onAddSignalLimit = (e: React.MouseEvent): void => {
-													e.stopPropagation();
-													e.preventDefault();
-													enableEditLimitMode(APIKey, {
-														id: signalName,
-														signal: signalName,
-														config: {},
-													});
-												};
-
-												const onSaveSignalLimit = (): void => {
-													if (!hasLimits(signalName)) {
-														handleAddLimit(APIKey, signalName);
-													} else {
-														handleUpdateLimit(APIKey, limitsDict[signalName]);
-													}
-												};
-
-												const onCreateSignalAlert = (): void =>
-													handleCreateAlert(APIKey, limitsDict[signalName]);
-
 												return (
 													<div className="signal" key={signalName}>
 														<div className="header">
@@ -1092,18 +916,22 @@ function MultiIngestionSettings(): JSX.Element {
 																		<Button
 																			className="periscope-btn ghost"
 																			icon={<PenLine size={14} />}
-																			disabled={
-																				!!(activeAPIKey?.id === APIKey?.id && activeSignal)
-																			}
-																			onClick={onEditSignalLimit}
+																			disabled={!!(activeAPIKey?.id === APIKey.id && activeSignal)}
+																			onClick={(e): void => {
+																				e.stopPropagation();
+																				e.preventDefault();
+																				enableEditLimitMode(APIKey, limit);
+																			}}
 																		/>
 																		<Button
 																			className="periscope-btn ghost"
 																			icon={<Trash2 color={Color.BG_CHERRY_500} size={14} />}
-																			disabled={
-																				!!(activeAPIKey?.id === APIKey?.id && activeSignal)
-																			}
-																			onClick={onDeleteSignalLimit}
+																			disabled={!!(activeAPIKey?.id === APIKey.id && activeSignal)}
+																			onClick={(e): void => {
+																				e.stopPropagation();
+																				e.preventDefault();
+																				showDeleteLimitModal(APIKey, limit);
+																			}}
 																		/>
 																	</>
 																) : (
@@ -1112,8 +940,16 @@ function MultiIngestionSettings(): JSX.Element {
 																		size="small"
 																		shape="round"
 																		icon={<PlusIcon size={14} />}
-																		disabled={!!(activeAPIKey?.id === APIKey?.id && activeSignal)}
-																		onClick={onAddSignalLimit}
+																		disabled={!!(activeAPIKey?.id === APIKey.id && activeSignal)}
+																		onClick={(e): void => {
+																			e.stopPropagation();
+																			e.preventDefault();
+																			enableEditLimitMode(APIKey, {
+																				id: signalName,
+																				signal: signalName,
+																				config: {},
+																			});
+																		}}
 																	>
 																		Limits
 																	</Button>
@@ -1122,7 +958,7 @@ function MultiIngestionSettings(): JSX.Element {
 														</div>

 														<div className="signal-limit-values">
-															{activeAPIKey?.id === APIKey?.id &&
+															{activeAPIKey?.id === APIKey.id &&
 															activeSignal?.signal === signalName &&
 															isEditAddLimitOpen ? (
 																<Form
@@ -1318,27 +1154,27 @@ function MultiIngestionSettings(): JSX.Element {
 																		</div>
 																	</div>

-																	{activeAPIKey?.id === APIKey?.id &&
+																	{activeAPIKey?.id === APIKey.id &&
 																		activeSignal.signal === signalName &&
 																		!isLoadingLimitForKey &&
 																		hasCreateLimitForIngestionKeyError &&
-																		createLimitForIngestionKeyError && (
+																		createLimitForIngestionKeyError?.error && (
 																			<div className="error">
-																				{createLimitForIngestionKeyError}
+																				{createLimitForIngestionKeyError?.error}
 																			</div>
 																		)}

-																	{activeAPIKey?.id === APIKey?.id &&
+																	{activeAPIKey?.id === APIKey.id &&
 																		activeSignal.signal === signalName &&
 																		!isLoadingLimitForKey &&
 																		hasUpdateLimitForIngestionKeyError &&
-																		updateLimitForIngestionKeyError && (
+																		updateLimitForIngestionKeyError?.error && (
 																			<div className="error">
-																				{updateLimitForIngestionKeyError}
+																				{updateLimitForIngestionKeyError?.error}
 																			</div>
 																		)}

-																	{activeAPIKey?.id === APIKey?.id &&
+																	{activeAPIKey?.id === APIKey.id &&
 																		activeSignal.signal === signalName &&
 																		isEditAddLimitOpen && (
 																			<div className="signal-limit-save-discard">
@@ -1352,7 +1188,13 @@ function MultiIngestionSettings(): JSX.Element {
 																					loading={
 																						isLoadingLimitForKey || isLoadingUpdatedLimitForKey
 																					}
-																					onClick={onSaveSignalLimit}
+																					onClick={(): void => {
+																						if (!hasLimits(signalName)) {
+																							handleAddLimit(APIKey, signalName);
+																						} else {
+																							handleUpdateLimit(APIKey, limitsDict[signalName]);
+																						}
+																					}}
 																				>
 																					Save
 																				</Button>
@@ -1433,7 +1275,9 @@ function MultiIngestionSettings(): JSX.Element {
 																					className="set-alert-btn periscope-btn ghost"
 																					type="text"
 																					data-testid={`set-alert-btn-${signalName}`}
-																					onClick={onCreateSignalAlert}
+																					onClick={(): void =>
+																						handleCreateAlert(APIKey, limitsDict[signalName])
+																					}
 																				/>
 																			</Tooltip>
 																		)}
@@ -1548,7 +1392,7 @@ function MultiIngestionSettings(): JSX.Element {
 	const handleTableChange = (pagination: TablePaginationConfig): void => {
 		setPaginationParams({
 			page: pagination?.current || 1,
-			per_page: INITIAL_PAGE_SIZE,
+			per_page: 10,
 		});
 	};

@@ -1646,7 +1490,7 @@ function MultiIngestionSettings(): JSX.Element {
 					showHeader={false}
 					onChange={handleTableChange}
 					pagination={{
-						pageSize: isSearching ? SEARCH_PAGE_SIZE : paginationParams?.per_page,
+						pageSize: paginationParams?.per_page,
 						hideOnSinglePage: true,
 						showTotal: (total: number, range: number[]): string =>
 							`${range[0]}-${range[1]} of ${total} Ingestion keys`,
--- a/frontend/src/container/IngestionSettings/tests/MultiIngestionSettings.test.tsx
+++ b/frontend/src/container/IngestionSettings/tests/MultiIngestionSettings.test.tsx
@@ -86,34 +86,32 @@ describe('MultiIngestionSettings Page', () => {
 		const user = userEvent.setup({ pointerEventsCheck: 0 });

 		// Arrange API response with a metrics daily count limit so the alert button is visible
-		const response = {
+		const response: TestAllIngestionKeyProps = {
 			status: 'success',
-			data: {
-				keys: [
-					{
-						name: 'Key One',
-						expires_at: TEST_EXPIRES_AT,
-						value: 'secret',
-						workspace_id: TEST_WORKSPACE_ID,
-						id: 'k1',
-						created_at: TEST_CREATED_UPDATED,
-						updated_at: TEST_CREATED_UPDATED,
-						tags: [],
-						limits: [
-							{
-								id: 'l1',
-								signal: 'metrics',
-								config: { day: { count: 1000 } },
-							},
-						],
-					},
-				],
-				_pagination: { page: 1, per_page: 10, pages: 1, total: 1 },
-			},
+			data: [
+				{
+					name: 'Key One',
+					expires_at: TEST_EXPIRES_AT,
+					value: 'secret',
+					workspace_id: TEST_WORKSPACE_ID,
+					id: 'k1',
+					created_at: TEST_CREATED_UPDATED,
+					updated_at: TEST_CREATED_UPDATED,
+					tags: [],
+					limits: [
+						{
+							id: 'l1',
+							signal: 'metrics',
+							config: { day: { count: 1000 } },
+						},
+					],
+				},
+			],
+			_pagination: { page: 1, per_page: 10, pages: 1, total: 1 },
 		};

 		server.use(
-			rest.get('*/api/v2/gateway/ingestion_keys*', (_req, res, ctx) =>
+			rest.get('*/workspaces/me/keys*', (_req, res, ctx) =>
 				res(ctx.status(200), ctx.json(response)),
 			),
 		);
--- a/frontend/src/container/NewWidget/index.tsx
+++ b/frontend/src/container/NewWidget/index.tsx
@@ -27,8 +27,8 @@ import { useIsDarkMode } from 'hooks/useDarkMode';
 import { useSafeNavigate } from 'hooks/useSafeNavigate';
 import useUrlQuery from 'hooks/useUrlQuery';
 import createQueryParams from 'lib/createQueryParams';
+import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
-import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import { cloneDeep, defaultTo, isEmpty, isUndefined } from 'lodash-es';
 import { Check, X } from 'lucide-react';
 import { DashboardWidgetPageParams } from 'pages/DashboardWidget';
--- a/frontend/src/container/OnboardingV2Container/IngestionDetails/IngestionDetails.tsx
+++ b/frontend/src/container/OnboardingV2Container/IngestionDetails/IngestionDetails.tsx
@@ -2,16 +2,13 @@ import { useEffect, useState } from 'react';
 import { useCopyToClipboard } from 'react-use';
 import { Button, Skeleton, Tooltip, Typography } from 'antd';
 import logEvent from 'api/common/logEvent';
-import { useGetIngestionKeys } from 'api/generated/services/gateway';
-import {
-	GatewaytypesIngestionKeyDTO,
-	RenderErrorResponseDTO,
-} from 'api/generated/services/sigNoz.schemas';
 import { AxiosError } from 'axios';
 import { DOCS_BASE_URL } from 'constants/app';
 import { useGetGlobalConfig } from 'hooks/globalConfig/useGetGlobalConfig';
+import { useGetAllIngestionsKeys } from 'hooks/IngestionKeys/useGetAllIngestionKeys';
 import { useNotifications } from 'hooks/useNotifications';
 import { ArrowUpRight, Copy, Info, Key, TriangleAlert } from 'lucide-react';
+import { IngestionKeyProps } from 'types/api/ingestionKeys/types';

 import './IngestionDetails.styles.scss';

@@ -42,17 +39,17 @@ export default function OnboardingIngestionDetails(): JSX.Element {
 	const { notifications } = useNotifications();
 	const [, handleCopyToClipboard] = useCopyToClipboard();

-	const [
-		firstIngestionKey,
-		setFirstIngestionKey,
-	] = useState<GatewaytypesIngestionKeyDTO>({} as GatewaytypesIngestionKeyDTO);
+	const [firstIngestionKey, setFirstIngestionKey] = useState<IngestionKeyProps>(
+		{} as IngestionKeyProps,
+	);

 	const {
 		data: ingestionKeys,
 		isLoading: isIngestionKeysLoading,
 		error,
 		isError,
-	} = useGetIngestionKeys({
+	} = useGetAllIngestionsKeys({
+		search: '',
 		page: 1,
 		per_page: 10,
 	});
@@ -72,11 +69,8 @@ export default function OnboardingIngestionDetails(): JSX.Element {
 	};

 	useEffect(() => {
-		if (
-			ingestionKeys?.data?.data?.keys &&
-			ingestionKeys?.data.data.keys.length > 0
-		) {
-			setFirstIngestionKey(ingestionKeys?.data.data.keys[0]);
+		if (ingestionKeys?.data.data && ingestionKeys?.data.data.length > 0) {
+			setFirstIngestionKey(ingestionKeys?.data.data[0]);
 		}
 	}, [ingestionKeys]);

@@ -86,8 +80,7 @@ export default function OnboardingIngestionDetails(): JSX.Element {
 				<div className="ingestion-endpoint-section-error-container">
 					<Typography.Text className="ingestion-endpoint-section-error-text error">
 						<TriangleAlert size={14} />{' '}
-						{(error as AxiosError<RenderErrorResponseDTO>)?.response?.data?.error
-							?.message || 'Something went wrong'}
+						{(error as AxiosError)?.message || 'Something went wrong'}
 					</Typography.Text>

 					<div className="ingestion-setup-details-links">
@@ -183,7 +176,7 @@ export default function OnboardingIngestionDetails(): JSX.Element {
 										</Typography.Text>

 										<Typography.Text className="ingestion-key-value-copy">
-											{maskKey(firstIngestionKey?.value || '')}
+											{maskKey(firstIngestionKey?.value)}

 											<Copy
 												size={14}
@@ -193,9 +186,7 @@ export default function OnboardingIngestionDetails(): JSX.Element {
 														`${ONBOARDING_V3_ANALYTICS_EVENTS_MAP?.BASE}: ${ONBOARDING_V3_ANALYTICS_EVENTS_MAP?.INGESTION_KEY_COPIED}`,
 														{},
 													);
-													if (firstIngestionKey?.value) {
-														handleCopyKey(firstIngestionKey.value);
-													}
+													handleCopyKey(firstIngestionKey?.value);
 												}}
 											/>
 										</Typography.Text>
--- a/frontend/src/container/ServiceApplication/utils.ts
+++ b/frontend/src/container/ServiceApplication/utils.ts
@@ -1,8 +1,8 @@
 import { PANEL_TYPES } from 'constants/queryBuilder';
 import { getWidgetQueryBuilder } from 'container/MetricsApplication/MetricsApplication.factory';
 import { updateStepInterval } from 'hooks/queryBuilder/useStepInterval';
+import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
-import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import { ServicesList } from 'types/api/metrics/getService';
 import { QueryDataV3 } from 'types/api/widgets/getQuery';
 import { EQueryType } from 'types/common/dashboard';
--- a/frontend/src/hooks/queryBuilder/useCreateAlerts.tsx
+++ b/frontend/src/hooks/queryBuilder/useCreateAlerts.tsx
@@ -13,7 +13,7 @@ import { MenuItemKeys } from 'container/GridCardLayout/WidgetHeader/contants';
 import { useDashboardVariables } from 'hooks/dashboard/useDashboardVariables';
 import { useDashboardVariablesByType } from 'hooks/dashboard/useDashboardVariablesByType';
 import { useNotifications } from 'hooks/useNotifications';
-import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
+import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { mapQueryDataFromApi } from 'lib/newQueryBuilder/queryBuilderMappers/mapQueryDataFromApi';
 import { isEmpty } from 'lodash-es';
 import { useDashboard } from 'providers/Dashboard/Dashboard';
--- a/frontend/src/hooks/queryBuilder/useGetWidgetQueryRange.ts
+++ b/frontend/src/hooks/queryBuilder/useGetWidgetQueryRange.ts
@@ -3,8 +3,8 @@ import { useSelector } from 'react-redux';
 import { initialQueriesMap } from 'constants/queryBuilder';
 import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
 import { useDashboardVariables } from 'hooks/dashboard/useDashboardVariables';
+import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
-import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import { AppState } from 'store/reducers';
 import { SuccessResponse } from 'types/api';
 import { MetricRangePayloadProps } from 'types/api/metrics/getQueryRange';
--- a/frontend/src/lib/dashbaordVariables/customCommaValuesParser.ts
+++ b/frontend/src/lib/dashbaordVariables/customCommaValuesParser.ts
--- a/frontend/src/lib/dashbaordVariables/getDashboardVariables.ts
+++ b/frontend/src/lib/dashbaordVariables/getDashboardVariables.ts
--- a/frontend/src/lib/dashbaordVariables/sortVariableValues.ts
+++ b/frontend/src/lib/dashbaordVariables/sortVariableValues.ts
--- a/frontend/src/providers/Dashboard/initializeDefaultVariables.ts
+++ b/frontend/src/providers/Dashboard/initializeDefaultVariables.ts
@@ -1,7 +1,7 @@
 import { ALL_SELECTED_VALUE } from 'components/NewSelect/utils';
 import { IDashboardVariable } from 'types/api/dashboard/getAll';

-import { commaValuesParser } from '../../lib/dashboardVariables/customCommaValuesParser';
+import { commaValuesParser } from '../../lib/dashbaordVariables/customCommaValuesParser';

 interface UrlVariables {
 	[key: string]: any;
--- a/pkg/apis/fields/api.go
+++ b/pkg/apis/fields/api.go
@@ -0,0 +1,127 @@
+package fields
+
+import (
+	"bytes"
+	"io"
+	"net/http"
+
+	"github.com/SigNoz/signoz/pkg/factory"
+	"github.com/SigNoz/signoz/pkg/http/render"
+	"github.com/SigNoz/signoz/pkg/telemetrylogs"
+	"github.com/SigNoz/signoz/pkg/telemetrymetadata"
+	"github.com/SigNoz/signoz/pkg/telemetrymeter"
+	"github.com/SigNoz/signoz/pkg/telemetrymetrics"
+	"github.com/SigNoz/signoz/pkg/telemetrystore"
+	"github.com/SigNoz/signoz/pkg/telemetrytraces"
+	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
+)
+
+type API struct {
+	telemetryStore         telemetrystore.TelemetryStore
+	telemetryMetadataStore telemetrytypes.MetadataStore
+}
+
+// TODO: move this to module and remove metastore init
+func NewAPI(
+	settings factory.ProviderSettings,
+	telemetryStore telemetrystore.TelemetryStore,
+) *API {
+	telemetryMetadataStore := telemetrymetadata.NewTelemetryMetaStore(
+		settings,
+		telemetryStore,
+		telemetrytraces.DBName,
+		telemetrytraces.TagAttributesV2TableName,
+		telemetrytraces.SpanAttributesKeysTblName,
+		telemetrytraces.SpanIndexV3TableName,
+		telemetrymetrics.DBName,
+		telemetrymetrics.AttributesMetadataTableName,
+		telemetrymeter.DBName,
+		telemetrymeter.SamplesAgg1dTableName,
+		telemetrylogs.DBName,
+		telemetrylogs.LogsV2TableName,
+		telemetrylogs.TagAttributesV2TableName,
+		telemetrylogs.LogAttributeKeysTblName,
+		telemetrylogs.LogResourceKeysTblName,
+		telemetrymetadata.DBName,
+		telemetrymetadata.AttributesMetadataLocalTableName,
+	)
+
+	return &API{
+		telemetryStore:         telemetryStore,
+		telemetryMetadataStore: telemetryMetadataStore,
+	}
+}
+
+func (api *API) GetFieldsKeys(w http.ResponseWriter, r *http.Request) {
+
+	type fieldKeysResponse struct {
+		Keys     map[string][]*telemetrytypes.TelemetryFieldKey `json:"keys"`
+		Complete bool                                           `json:"complete"`
+	}
+
+	bodyBytes, _ := io.ReadAll(r.Body)
+	r.Body = io.NopCloser(bytes.NewBuffer(bodyBytes))
+	ctx := r.Context()
+
+	fieldKeySelector, err := parseFieldKeyRequest(r)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	keys, complete, err := api.telemetryMetadataStore.GetKeys(ctx, fieldKeySelector)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	response := fieldKeysResponse{
+		Keys:     keys,
+		Complete: complete,
+	}
+
+	render.Success(w, http.StatusOK, response)
+}
+
+func (api *API) GetFieldsValues(w http.ResponseWriter, r *http.Request) {
+
+	type fieldValuesResponse struct {
+		Values   *telemetrytypes.TelemetryFieldValues `json:"values"`
+		Complete bool                                 `json:"complete"`
+	}
+
+	bodyBytes, _ := io.ReadAll(r.Body)
+	r.Body = io.NopCloser(bytes.NewBuffer(bodyBytes))
+	ctx := r.Context()
+
+	fieldValueSelector, err := parseFieldValueRequest(r)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	allValues, allComplete, err := api.telemetryMetadataStore.GetAllValues(ctx, fieldValueSelector)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	relatedValues, relatedComplete, err := api.telemetryMetadataStore.GetRelatedValues(ctx, fieldValueSelector)
+	if err != nil {
+		// we don't want to return error if we fail to get related values for some reason
+		relatedValues = []string{}
+	}
+
+	values := &telemetrytypes.TelemetryFieldValues{
+		StringValues:  allValues.StringValues,
+		NumberValues:  allValues.NumberValues,
+		RelatedValues: relatedValues,
+	}
+
+	response := fieldValuesResponse{
+		Values:   values,
+		Complete: allComplete && relatedComplete,
+	}
+
+	render.Success(w, http.StatusOK, response)
+}
--- a/pkg/apis/fields/parse.go
+++ b/pkg/apis/fields/parse.go
@@ -0,0 +1,162 @@
+package fields
+
+import (
+	"net/http"
+	"strconv"
+
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+func parseFieldKeyRequest(r *http.Request) (*telemetrytypes.FieldKeySelector, error) {
+	var req telemetrytypes.FieldKeySelector
+	var signal telemetrytypes.Signal
+	var source telemetrytypes.Source
+	var err error
+
+	signalStr := r.URL.Query().Get("signal")
+	if signalStr != "" {
+		signal = telemetrytypes.Signal{String: valuer.NewString(signalStr)}
+	} else {
+		signal = telemetrytypes.SignalUnspecified
+	}
+
+	sourceStr := r.URL.Query().Get("source")
+	if sourceStr != "" {
+		source = telemetrytypes.Source{String: valuer.NewString(sourceStr)}
+	} else {
+		source = telemetrytypes.SourceUnspecified
+	}
+
+	if r.URL.Query().Get("limit") != "" {
+		limit, err := strconv.Atoi(r.URL.Query().Get("limit"))
+		if err != nil {
+			return nil, errors.Wrapf(err, errors.TypeInvalidInput, errors.CodeInvalidInput, "failed to parse limit")
+		}
+		req.Limit = limit
+	} else {
+		req.Limit = 1000
+	}
+
+	var startUnixMilli, endUnixMilli int64
+
+	if r.URL.Query().Get("startUnixMilli") != "" {
+		startUnixMilli, err = strconv.ParseInt(r.URL.Query().Get("startUnixMilli"), 10, 64)
+		if err != nil {
+			return nil, errors.Wrapf(err, errors.TypeInvalidInput, errors.CodeInvalidInput, "failed to parse startUnixMilli")
+		}
+		// Round down to the nearest 6 hours (21600000 milliseconds)
+		startUnixMilli -= startUnixMilli % 21600000
+	}
+	if r.URL.Query().Get("endUnixMilli") != "" {
+		endUnixMilli, err = strconv.ParseInt(r.URL.Query().Get("endUnixMilli"), 10, 64)
+		if err != nil {
+			return nil, errors.Wrapf(err, errors.TypeInvalidInput, errors.CodeInvalidInput, "failed to parse endUnixMilli")
+		}
+	}
+
+	// Parse fieldContext directly instead of using JSON unmarshalling.
+	var fieldContext telemetrytypes.FieldContext
+	fieldContextStr := r.URL.Query().Get("fieldContext")
+	if fieldContextStr != "" {
+		fieldContext = telemetrytypes.FieldContext{String: valuer.NewString(fieldContextStr)}
+	}
+
+	// Parse fieldDataType directly instead of using JSON unmarshalling.
+	var fieldDataType telemetrytypes.FieldDataType
+	fieldDataTypeStr := r.URL.Query().Get("fieldDataType")
+	if fieldDataTypeStr != "" {
+		fieldDataType = telemetrytypes.FieldDataType{String: valuer.NewString(fieldDataTypeStr)}
+	}
+
+	metricName := r.URL.Query().Get("metricName")
+	var metricContext *telemetrytypes.MetricContext
+	if metricName != "" {
+		metricContext = &telemetrytypes.MetricContext{
+			MetricName: metricName,
+		}
+	}
+
+	name := r.URL.Query().Get("searchText")
+
+	if name != "" && fieldContext == telemetrytypes.FieldContextUnspecified {
+		parsedFieldKey := telemetrytypes.GetFieldKeyFromKeyText(name)
+		if parsedFieldKey.FieldContext != telemetrytypes.FieldContextUnspecified {
+			// Only apply inferred context if it is valid for the current signal
+			if isContextValidForSignal(parsedFieldKey.FieldContext, signal) {
+				name = parsedFieldKey.Name
+				fieldContext = parsedFieldKey.FieldContext
+			}
+		}
+	}
+
+	req = telemetrytypes.FieldKeySelector{
+		StartUnixMilli:    startUnixMilli,
+		EndUnixMilli:      endUnixMilli,
+		Signal:            signal,
+		Source:            source,
+		Name:              name,
+		FieldContext:      fieldContext,
+		FieldDataType:     fieldDataType,
+		Limit:             req.Limit,
+		SelectorMatchType: telemetrytypes.FieldSelectorMatchTypeFuzzy,
+		MetricContext:     metricContext,
+	}
+	return &req, nil
+}
+
+func parseFieldValueRequest(r *http.Request) (*telemetrytypes.FieldValueSelector, error) {
+	keySelector, err := parseFieldKeyRequest(r)
+	if err != nil {
+		return nil, errors.Wrapf(err, errors.TypeInvalidInput, errors.CodeInvalidInput, "failed to parse field key request")
+	}
+
+	name := r.URL.Query().Get("name")
+	if name != "" && keySelector.FieldContext == telemetrytypes.FieldContextUnspecified {
+		parsedFieldKey := telemetrytypes.GetFieldKeyFromKeyText(name)
+		if parsedFieldKey.FieldContext != telemetrytypes.FieldContextUnspecified {
+			// Only apply inferred context if it is valid for the current signal
+			if isContextValidForSignal(parsedFieldKey.FieldContext, keySelector.Signal) {
+				name = parsedFieldKey.Name
+				keySelector.FieldContext = parsedFieldKey.FieldContext
+			}
+		}
+	}
+	keySelector.Name = name
+	existingQuery := r.URL.Query().Get("existingQuery")
+	value := r.URL.Query().Get("searchText")
+
+	// Parse limit for fieldValue request, fallback to default 50 if parsing fails.
+	limit, err := strconv.Atoi(r.URL.Query().Get("limit"))
+	if err != nil {
+		limit = 50
+	}
+
+	req := telemetrytypes.FieldValueSelector{
+		FieldKeySelector: keySelector,
+		ExistingQuery:    existingQuery,
+		Value:            value,
+		Limit:            limit,
+	}
+
+	return &req, nil
+}
+
+func isContextValidForSignal(ctx telemetrytypes.FieldContext, signal telemetrytypes.Signal) bool {
+	if ctx == telemetrytypes.FieldContextResource ||
+		ctx == telemetrytypes.FieldContextAttribute ||
+		ctx == telemetrytypes.FieldContextScope {
+		return true
+	}
+
+	switch signal.StringValue() {
+	case telemetrytypes.SignalLogs.StringValue():
+		return ctx == telemetrytypes.FieldContextLog || ctx == telemetrytypes.FieldContextBody
+	case telemetrytypes.SignalTraces.StringValue():
+		return ctx == telemetrytypes.FieldContextSpan || ctx == telemetrytypes.FieldContextEvent || ctx == telemetrytypes.FieldContextTrace
+	case telemetrytypes.SignalMetrics.StringValue():
+		return ctx == telemetrytypes.FieldContextMetric
+	}
+	return true
+}
--- a/pkg/apiserver/signozapiserver/fields.go
+++ b/pkg/apiserver/signozapiserver/fields.go
@@ -1,50 +0,0 @@
-package signozapiserver
-
-import (
-	"net/http"
-
-	"github.com/SigNoz/signoz/pkg/http/handler"
-	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
-	"github.com/gorilla/mux"
-)
-
-func (provider *provider) addFieldsRoutes(router *mux.Router) error {
-	if err := router.Handle("/api/v1/fields/keys", handler.New(provider.authZ.ViewAccess(provider.fieldsHandler.GetFieldsKeys), handler.OpenAPIDef{
-		ID:                  "GetFieldsKeys",
-		Tags:                []string{"fields"},
-		Summary:             "Get field keys",
-		Description:         "This endpoint returns field keys",
-		Request:             nil,
-		RequestQuery:        new(telemetrytypes.PostableFieldKeysParams),
-		RequestContentType:  "",
-		Response:            new(telemetrytypes.GettableFieldKeys),
-		ResponseContentType: "application/json",
-		SuccessStatusCode:   http.StatusOK,
-		ErrorStatusCodes:    []int{},
-		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
-	})).Methods(http.MethodGet).GetError(); err != nil {
-		return err
-	}
-
-	if err := router.Handle("/api/v1/fields/values", handler.New(provider.authZ.ViewAccess(provider.fieldsHandler.GetFieldsValues), handler.OpenAPIDef{
-		ID:                  "GetFieldsValues",
-		Tags:                []string{"fields"},
-		Summary:             "Get field values",
-		Description:         "This endpoint returns field values",
-		Request:             nil,
-		RequestQuery:        new(telemetrytypes.PostableFieldValueParams),
-		RequestContentType:  "",
-		Response:            new(telemetrytypes.GettableFieldValues),
-		ResponseContentType: "application/json",
-		SuccessStatusCode:   http.StatusOK,
-		ErrorStatusCodes:    []int{},
-		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
-	})).Methods(http.MethodGet).GetError(); err != nil {
-		return err
-	}
-
-	return nil
-}
--- a/pkg/apiserver/signozapiserver/provider.go
+++ b/pkg/apiserver/signozapiserver/provider.go
@@ -13,11 +13,11 @@ import (
 	"github.com/SigNoz/signoz/pkg/http/middleware"
 	"github.com/SigNoz/signoz/pkg/modules/authdomain"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
-	"github.com/SigNoz/signoz/pkg/modules/fields"
 	"github.com/SigNoz/signoz/pkg/modules/metricsexplorer"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
 	"github.com/SigNoz/signoz/pkg/modules/preference"
 	"github.com/SigNoz/signoz/pkg/modules/promote"
+	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/modules/session"
 	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/types"
@@ -42,8 +42,8 @@ type provider struct {
 	dashboardHandler       dashboard.Handler
 	metricsExplorerHandler metricsexplorer.Handler
 	gatewayHandler         gateway.Handler
-	fieldsHandler          fields.Handler
-	authzHandler           authz.Handler
+	roleGetter             role.Getter
+	roleHandler            role.Handler
 }

 func NewFactory(
@@ -61,31 +61,11 @@ func NewFactory(
 	dashboardHandler dashboard.Handler,
 	metricsExplorerHandler metricsexplorer.Handler,
 	gatewayHandler gateway.Handler,
-	fieldsHandler fields.Handler,
-	authzHandler authz.Handler,
+	roleGetter role.Getter,
+	roleHandler role.Handler,
 ) factory.ProviderFactory[apiserver.APIServer, apiserver.Config] {
 	return factory.NewProviderFactory(factory.MustNewName("signoz"), func(ctx context.Context, providerSettings factory.ProviderSettings, config apiserver.Config) (apiserver.APIServer, error) {
-		return newProvider(
-			ctx,
-			providerSettings,
-			config,
-			orgGetter,
-			authz,
-			orgHandler,
-			userHandler,
-			sessionHandler,
-			authDomainHandler,
-			preferenceHandler,
-			globalHandler,
-			promoteHandler,
-			flaggerHandler,
-			dashboardModule,
-			dashboardHandler,
-			metricsExplorerHandler,
-			gatewayHandler,
-			fieldsHandler,
-			authzHandler,
-		)
+		return newProvider(ctx, providerSettings, config, orgGetter, authz, orgHandler, userHandler, sessionHandler, authDomainHandler, preferenceHandler, globalHandler, promoteHandler, flaggerHandler, dashboardModule, dashboardHandler, metricsExplorerHandler, gatewayHandler, roleGetter, roleHandler)
 	})
 }

@@ -107,8 +87,8 @@ func newProvider(
 	dashboardHandler dashboard.Handler,
 	metricsExplorerHandler metricsexplorer.Handler,
 	gatewayHandler gateway.Handler,
-	fieldsHandler fields.Handler,
-	authzHandler authz.Handler,
+	roleGetter role.Getter,
+	roleHandler role.Handler,
 ) (apiserver.APIServer, error) {
 	settings := factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/apiserver/signozapiserver")
 	router := mux.NewRouter().UseEncodedPath()
@@ -129,11 +109,11 @@ func newProvider(
 		dashboardHandler:       dashboardHandler,
 		metricsExplorerHandler: metricsExplorerHandler,
 		gatewayHandler:         gatewayHandler,
-		fieldsHandler:          fieldsHandler,
-		authzHandler:           authzHandler,
+		roleGetter:             roleGetter,
+		roleHandler:            roleHandler,
 	}

-	provider.authZ = middleware.NewAuthZ(settings.Logger(), orgGetter, authz)
+	provider.authZ = middleware.NewAuthZ(settings.Logger(), orgGetter, authz, roleGetter)

 	if err := provider.AddToRouter(router); err != nil {
 		return nil, err
@@ -195,10 +175,6 @@ func (provider *provider) AddToRouter(router *mux.Router) error {
 		return err
 	}

-	if err := provider.addFieldsRoutes(router); err != nil {
-		return err
-	}
-
 	return nil
 }

--- a/pkg/apiserver/signozapiserver/role.go
+++ b/pkg/apiserver/signozapiserver/role.go
@@ -10,7 +10,7 @@ import (
 )

 func (provider *provider) addRoleRoutes(router *mux.Router) error {
-	if err := router.Handle("/api/v1/roles", handler.New(provider.authZ.AdminAccess(provider.authzHandler.Create), handler.OpenAPIDef{
+	if err := router.Handle("/api/v1/roles", handler.New(provider.authZ.AdminAccess(provider.roleHandler.Create), handler.OpenAPIDef{
 		ID:                  "CreateRole",
 		Tags:                []string{"role"},
 		Summary:             "Create role",
@@ -27,7 +27,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		return err
 	}

-	if err := router.Handle("/api/v1/roles", handler.New(provider.authZ.AdminAccess(provider.authzHandler.List), handler.OpenAPIDef{
+	if err := router.Handle("/api/v1/roles", handler.New(provider.authZ.AdminAccess(provider.roleHandler.List), handler.OpenAPIDef{
 		ID:                  "ListRoles",
 		Tags:                []string{"role"},
 		Summary:             "List roles",
@@ -44,7 +44,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		return err
 	}

-	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.authzHandler.Get), handler.OpenAPIDef{
+	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.roleHandler.Get), handler.OpenAPIDef{
 		ID:                  "GetRole",
 		Tags:                []string{"role"},
 		Summary:             "Get role",
@@ -61,7 +61,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		return err
 	}

-	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.authzHandler.Patch), handler.OpenAPIDef{
+	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.roleHandler.Patch), handler.OpenAPIDef{
 		ID:                  "PatchRole",
 		Tags:                []string{"role"},
 		Summary:             "Patch role",
@@ -78,7 +78,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		return err
 	}

-	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.authzHandler.Delete), handler.OpenAPIDef{
+	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.roleHandler.Delete), handler.OpenAPIDef{
 		ID:                  "DeleteRole",
 		Tags:                []string{"role"},
 		Summary:             "Delete role",
--- a/pkg/authz/authz.go
+++ b/pkg/authz/authz.go
@@ -2,11 +2,9 @@ package authz

 import (
 	"context"
-	"net/http"

 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
 )
@@ -31,76 +29,4 @@ type AuthZ interface {

 	// Lists the selectors for objects assigned to subject (s) with relation (r) on resource (s)
 	ListObjects(context.Context, string, authtypes.Relation, authtypes.Typeable) ([]*authtypes.Object, error)
-
-	// Creates the role.
-	Create(context.Context, valuer.UUID, *roletypes.Role) error
-
-	// Gets the role if it exists or creates one.
-	GetOrCreate(context.Context, valuer.UUID, *roletypes.Role) (*roletypes.Role, error)
-
-	// Gets the objects associated with the given role and relation.
-	GetObjects(context.Context, valuer.UUID, valuer.UUID, authtypes.Relation) ([]*authtypes.Object, error)
-
-	// Gets all the typeable resources registered from role registry.
-	GetResources(context.Context) []*authtypes.Resource
-
-	// Patches the role.
-	Patch(context.Context, valuer.UUID, *roletypes.Role) error
-
-	// Patches the objects in authorization server associated with the given role and relation
-	PatchObjects(context.Context, valuer.UUID, string, authtypes.Relation, []*authtypes.Object, []*authtypes.Object) error
-
-	// Deletes the role and tuples in authorization server.
-	Delete(context.Context, valuer.UUID, valuer.UUID) error
-
-	// Gets the role
-	Get(context.Context, valuer.UUID, valuer.UUID) (*roletypes.Role, error)
-
-	// Gets the role by org_id and name
-	GetByOrgIDAndName(context.Context, valuer.UUID, string) (*roletypes.Role, error)
-
-	// Lists all the roles for the organization.
-	List(context.Context, valuer.UUID) ([]*roletypes.Role, error)
-
-	//  Lists all the roles for the organization filtered by name
-	ListByOrgIDAndNames(context.Context, valuer.UUID, []string) ([]*roletypes.Role, error)
-
-	// Grants a role to the subject based on role name.
-	Grant(context.Context, valuer.UUID, string, string) error
-
-	// Revokes a granted role from the subject based on role name.
-	Revoke(context.Context, valuer.UUID, string, string) error
-
-	// Changes the granted role for the subject based on role name.
-	ModifyGrant(context.Context, valuer.UUID, string, string, string) error
-
-	// Bootstrap the managed roles.
-	CreateManagedRoles(context.Context, valuer.UUID, []*roletypes.Role) error
-
-	// Bootstrap managed roles transactions and user assignments
-	CreateManagedUserRoleTransactions(context.Context, valuer.UUID, valuer.UUID) error
-}
-
-type RegisterTypeable interface {
-	MustGetTypeables() []authtypes.Typeable
-
-	MustGetManagedRoleTransactions() map[string][]*authtypes.Transaction
-}
-
-type Handler interface {
-	Create(http.ResponseWriter, *http.Request)
-
-	Get(http.ResponseWriter, *http.Request)
-
-	GetObjects(http.ResponseWriter, *http.Request)
-
-	GetResources(http.ResponseWriter, *http.Request)
-
-	List(http.ResponseWriter, *http.Request)
-
-	Patch(http.ResponseWriter, *http.Request)
-
-	PatchObjects(http.ResponseWriter, *http.Request)
-
-	Delete(http.ResponseWriter, *http.Request)
 }
--- a/pkg/authz/openfgaserver/logger.go
+++ b/pkg/authz/openfgaserver/logger.go
@@ -1,4 +1,4 @@
-package openfgaserver
+package openfgaauthz

 import (
 	"context"
--- a/pkg/authz/openfgaauthz/provider.go
+++ b/pkg/authz/openfgaauthz/provider.go
@@ -2,24 +2,35 @@ package openfgaauthz

 import (
 	"context"
+	"strconv"
+	"sync"

 	authz "github.com/SigNoz/signoz/pkg/authz"
-	"github.com/SigNoz/signoz/pkg/authz/authzstore/sqlauthzstore"
-	"github.com/SigNoz/signoz/pkg/authz/openfgaserver"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"

 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
 	openfgapkgtransformer "github.com/openfga/language/pkg/go/transformer"
+	openfgapkgserver "github.com/openfga/openfga/pkg/server"
+	"google.golang.org/protobuf/encoding/protojson"
+)
+
+var (
+	openfgaDefaultStore = valuer.NewString("signoz")
 )

 type provider struct {
-	server *openfgaserver.Server
-	store  roletypes.Store
+	config        authz.Config
+	settings      factory.ScopedProviderSettings
+	openfgaSchema []openfgapkgtransformer.ModuleFile
+	openfgaServer *openfgapkgserver.Server
+	storeID       string
+	modelID       string
+	mtx           sync.RWMutex
+	stopChan      chan struct{}
 }

 func NewProviderFactory(sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) factory.ProviderFactory[authz.AuthZ, authz.Config] {
@@ -29,194 +40,301 @@ func NewProviderFactory(sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtr
 }

 func newOpenfgaProvider(ctx context.Context, settings factory.ProviderSettings, config authz.Config, sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) (authz.AuthZ, error) {
-	server, err := openfgaserver.NewOpenfgaServer(ctx, settings, config, sqlstore, openfgaSchema)
+	scopedProviderSettings := factory.NewScopedProviderSettings(settings, "github.com/SigNoz/signoz/pkg/authz/openfgaauthz")
+
+	store, err := NewSQLStore(sqlstore)
 	if err != nil {
+		scopedProviderSettings.Logger().DebugContext(ctx, "failed to initialize sqlstore for authz")
+		return nil, err
+	}
+
+	// setup the openfga server
+	opts := []openfgapkgserver.OpenFGAServiceV1Option{
+		openfgapkgserver.WithDatastore(store),
+		openfgapkgserver.WithLogger(NewLogger(scopedProviderSettings.Logger())),
+		openfgapkgserver.WithContextPropagationToDatastore(true),
+	}
+	openfgaServer, err := openfgapkgserver.NewServerWithOpts(opts...)
+	if err != nil {
+		scopedProviderSettings.Logger().DebugContext(ctx, "failed to create authz server")
 		return nil, err
 	}

 	return &provider{
-		server: server,
-		store:  sqlauthzstore.NewSqlAuthzStore(sqlstore),
+		config:        config,
+		settings:      scopedProviderSettings,
+		openfgaServer: openfgaServer,
+		openfgaSchema: openfgaSchema,
+		mtx:           sync.RWMutex{},
+		stopChan:      make(chan struct{}),
 	}, nil
 }

 func (provider *provider) Start(ctx context.Context) error {
-	return provider.server.Start(ctx)
+	storeId, err := provider.getOrCreateStore(ctx, openfgaDefaultStore.StringValue())
+	if err != nil {
+		return err
+	}
+
+	modelID, err := provider.getOrCreateModel(ctx, storeId)
+	if err != nil {
+		return err
+	}
+
+	provider.mtx.Lock()
+	provider.modelID = modelID
+	provider.storeID = storeId
+	provider.mtx.Unlock()
+
+	<-provider.stopChan
+	return nil
 }

 func (provider *provider) Stop(ctx context.Context) error {
-	return provider.server.Stop(ctx)
+	provider.openfgaServer.Close()
+	close(provider.stopChan)
+	return nil
 }

 func (provider *provider) Check(ctx context.Context, tupleReq *openfgav1.TupleKey) error {
-	return provider.server.Check(ctx, tupleReq)
+	storeID, modelID := provider.getStoreIDandModelID()
+	checkResponse, err := provider.openfgaServer.Check(
+		ctx,
+		&openfgav1.CheckRequest{
+			StoreId:              storeID,
+			AuthorizationModelId: modelID,
+			TupleKey: &openfgav1.CheckRequestTupleKey{
+				User:     tupleReq.User,
+				Relation: tupleReq.Relation,
+				Object:   tupleReq.Object,
+			},
+		})
+	if err != nil {
+		return errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
+	}
+
+	if !checkResponse.Allowed {
+		return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subject %s cannot %s object %s", tupleReq.User, tupleReq.Relation, tupleReq.Object)
+	}
+
+	return nil
 }

 func (provider *provider) BatchCheck(ctx context.Context, tupleReq []*openfgav1.TupleKey) error {
-	return provider.server.BatchCheck(ctx, tupleReq)
+	storeID, modelID := provider.getStoreIDandModelID()
+	batchCheckItems := make([]*openfgav1.BatchCheckItem, 0)
+	for idx, tuple := range tupleReq {
+		batchCheckItems = append(batchCheckItems, &openfgav1.BatchCheckItem{
+			TupleKey: &openfgav1.CheckRequestTupleKey{
+				User:     tuple.User,
+				Relation: tuple.Relation,
+				Object:   tuple.Object,
+			},
+			// the batch check response is map[string] keyed by correlationID.
+			CorrelationId: strconv.Itoa(idx),
+		})
+	}
+
+	checkResponse, err := provider.openfgaServer.BatchCheck(
+		ctx,
+		&openfgav1.BatchCheckRequest{
+			StoreId:              storeID,
+			AuthorizationModelId: modelID,
+			Checks:               batchCheckItems,
+		})
+	if err != nil {
+		return errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
+	}
+
+	for _, checkResponse := range checkResponse.Result {
+		if checkResponse.GetAllowed() {
+			return nil
+		}
+	}
+
+	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
+
 }

-func (provider *provider) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, roleSelectors []authtypes.Selector) error {
-	return provider.server.CheckWithTupleCreation(ctx, claims, orgID, relation, typeable, selectors, roleSelectors)
+func (provider *provider) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
+	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
+	if err != nil {
+		return err
+	}
+
+	tuples, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
+	if err != nil {
+		return err
+	}
+
+	err = provider.BatchCheck(ctx, tuples)
+	if err != nil {
+		return err
+	}
+
+	return nil
 }

-func (provider *provider) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, roleSelectors []authtypes.Selector) error {
-	return provider.server.CheckWithTupleCreationWithoutClaims(ctx, orgID, relation, typeable, selectors, roleSelectors)
+func (provider *provider) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
+	subject, err := authtypes.NewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
+	if err != nil {
+		return err
+	}
+
+	tuples, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
+	if err != nil {
+		return err
+	}
+
+	err = provider.BatchCheck(ctx, tuples)
+	if err != nil {
+		return err
+	}
+
+	return nil
 }

 func (provider *provider) Write(ctx context.Context, additions []*openfgav1.TupleKey, deletions []*openfgav1.TupleKey) error {
-	return provider.server.Write(ctx, additions, deletions)
+	if len(additions) == 0 && len(deletions) == 0 {
+		return nil
+	}
+
+	storeID, modelID := provider.getStoreIDandModelID()
+	deletionTuplesWithoutCondition := make([]*openfgav1.TupleKeyWithoutCondition, len(deletions))
+	for idx, tuple := range deletions {
+		deletionTuplesWithoutCondition[idx] = &openfgav1.TupleKeyWithoutCondition{User: tuple.User, Object: tuple.Object, Relation: tuple.Relation}
+	}
+
+	_, err := provider.openfgaServer.Write(ctx, &openfgav1.WriteRequest{
+		StoreId:              storeID,
+		AuthorizationModelId: modelID,
+		Writes: func() *openfgav1.WriteRequestWrites {
+			if len(additions) == 0 {
+				return nil
+			}
+			return &openfgav1.WriteRequestWrites{
+				TupleKeys:   additions,
+				OnDuplicate: "ignore",
+			}
+		}(),
+		Deletes: func() *openfgav1.WriteRequestDeletes {
+			if len(deletionTuplesWithoutCondition) == 0 {
+				return nil
+			}
+			return &openfgav1.WriteRequestDeletes{
+				TupleKeys: deletionTuplesWithoutCondition,
+				OnMissing: "ignore",
+			}
+		}(),
+	})
+
+	return err
 }

 func (provider *provider) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
-	return provider.server.ListObjects(ctx, subject, relation, typeable)
-}
-
-func (provider *provider) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*roletypes.Role, error) {
-	storableRole, err := provider.store.Get(ctx, orgID, id)
-	if err != nil {
-		return nil, err
-	}
-
-	return roletypes.NewRoleFromStorableRole(storableRole), nil
-}
-
-func (provider *provider) GetByOrgIDAndName(ctx context.Context, orgID valuer.UUID, name string) (*roletypes.Role, error) {
-	storableRole, err := provider.store.GetByOrgIDAndName(ctx, orgID, name)
-	if err != nil {
-		return nil, err
-	}
-
-	return roletypes.NewRoleFromStorableRole(storableRole), nil
-}
-
-func (provider *provider) List(ctx context.Context, orgID valuer.UUID) ([]*roletypes.Role, error) {
-	storableRoles, err := provider.store.List(ctx, orgID)
-	if err != nil {
-		return nil, err
-	}
-
-	roles := make([]*roletypes.Role, len(storableRoles))
-	for idx, storableRole := range storableRoles {
-		roles[idx] = roletypes.NewRoleFromStorableRole(storableRole)
-	}
-
-	return roles, nil
-}
-
-func (provider *provider) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID, names []string) ([]*roletypes.Role, error) {
-	storableRoles, err := provider.store.ListByOrgIDAndNames(ctx, orgID, names)
-	if err != nil {
-		return nil, err
-	}
-
-	roles := make([]*roletypes.Role, len(storableRoles))
-	for idx, storable := range storableRoles {
-		roles[idx] = roletypes.NewRoleFromStorableRole(storable)
-	}
-
-	return roles, nil
-}
-
-func (provider *provider) Grant(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
-	tuples, err := authtypes.TypeableRole.Tuples(
-		subject,
-		authtypes.RelationAssignee,
-		[]authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, name),
-		},
-		orgID,
-	)
-	if err != nil {
-		return err
-	}
-	return provider.Write(ctx, tuples, nil)
-}
-
-func (provider *provider) ModifyGrant(ctx context.Context, orgID valuer.UUID, existingRoleName string, updatedRoleName string, subject string) error {
-	err := provider.Revoke(ctx, orgID, existingRoleName, subject)
-	if err != nil {
-		return err
-	}
-
-	err = provider.Grant(ctx, orgID, updatedRoleName, subject)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (provider *provider) Revoke(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
-	tuples, err := authtypes.TypeableRole.Tuples(
-		subject,
-		authtypes.RelationAssignee,
-		[]authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, name),
-		},
-		orgID,
-	)
-	if err != nil {
-		return err
-	}
-	return provider.Write(ctx, nil, tuples)
-}
-
-func (provider *provider) CreateManagedRoles(ctx context.Context, _ valuer.UUID, managedRoles []*roletypes.Role) error {
-	err := provider.store.RunInTx(ctx, func(ctx context.Context) error {
-		for _, role := range managedRoles {
-			err := provider.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
-			if err != nil {
-				return err
-			}
-		}
-
-		return nil
+	storeID, modelID := provider.getStoreIDandModelID()
+	response, err := provider.openfgaServer.ListObjects(ctx, &openfgav1.ListObjectsRequest{
+		StoreId:              storeID,
+		AuthorizationModelId: modelID,
+		User:                 subject,
+		Relation:             relation.StringValue(),
+		Type:                 typeable.Type().StringValue(),
 	})
-
 	if err != nil {
-		return err
+		return nil, errors.Wrapf(err, errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "cannot list objects for subject %s with relation %s for type %s", subject, relation.StringValue(), typeable.Type().StringValue())
 	}

-	return nil
+	return authtypes.MustNewObjectsFromStringSlice(response.Objects), nil
 }

-func (provider *provider) SetManagedRoleTransactions(context.Context, valuer.UUID) error {
-	return nil
+func (provider *provider) getOrCreateStore(ctx context.Context, name string) (string, error) {
+	stores, err := provider.openfgaServer.ListStores(ctx, &openfgav1.ListStoresRequest{})
+	if err != nil {
+		return "", err
+	}
+
+	for _, store := range stores.GetStores() {
+		if store.GetName() == name {
+			return store.Id, nil
+		}
+	}
+
+	store, err := provider.openfgaServer.CreateStore(ctx, &openfgav1.CreateStoreRequest{Name: name})
+	if err != nil {
+		return "", err
+	}
+
+	return store.Id, nil
 }

-func (provider *provider) CreateManagedUserRoleTransactions(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) error {
-	return provider.Grant(ctx, orgID, roletypes.SigNozAdminRoleName, authtypes.MustNewSubject(authtypes.TypeableUser, userID.String(), orgID, nil))
+func (provider *provider) getOrCreateModel(ctx context.Context, storeID string) (string, error) {
+	schema, err := openfgapkgtransformer.TransformModuleFilesToModel(provider.openfgaSchema, "1.1")
+	if err != nil {
+		return "", err
+	}
+
+	authorisationModels, err := provider.openfgaServer.ReadAuthorizationModels(ctx, &openfgav1.ReadAuthorizationModelsRequest{StoreId: storeID})
+	if err != nil {
+		return "", err
+	}
+
+	for _, authModel := range authorisationModels.GetAuthorizationModels() {
+		equal, err := provider.isModelEqual(schema, authModel)
+		if err != nil {
+			return "", err
+		}
+		if equal {
+			return authModel.Id, nil
+		}
+	}
+
+	authorizationModel, err := provider.openfgaServer.WriteAuthorizationModel(ctx, &openfgav1.WriteAuthorizationModelRequest{
+		StoreId:         storeID,
+		TypeDefinitions: schema.TypeDefinitions,
+		SchemaVersion:   schema.SchemaVersion,
+		Conditions:      schema.Conditions,
+	})
+	if err != nil {
+		return "", err
+	}
+
+	return authorizationModel.AuthorizationModelId, nil
 }

-func (setter *provider) Create(_ context.Context, _ valuer.UUID, _ *roletypes.Role) error {
-	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+// the language model doesn't have any equality check
+// https://github.com/openfga/language/blob/main/pkg/go/transformer/module-to-model_test.go#L38
+func (provider *provider) isModelEqual(expected *openfgav1.AuthorizationModel, actual *openfgav1.AuthorizationModel) (bool, error) {
+	// we need to initialize a new model since the model extracted from schema doesn't have id
+	expectedAuthModel := openfgav1.AuthorizationModel{
+		SchemaVersion:   expected.SchemaVersion,
+		TypeDefinitions: expected.TypeDefinitions,
+		Conditions:      expected.Conditions,
+	}
+	expectedAuthModelBytes, err := protojson.Marshal(&expectedAuthModel)
+	if err != nil {
+		return false, err
+	}
+
+	actualAuthModel := openfgav1.AuthorizationModel{
+		SchemaVersion:   actual.SchemaVersion,
+		TypeDefinitions: actual.TypeDefinitions,
+		Conditions:      actual.Conditions,
+	}
+	actualAuthModelBytes, err := protojson.Marshal(&actualAuthModel)
+	if err != nil {
+		return false, err
+	}
+
+	return string(expectedAuthModelBytes) == string(actualAuthModelBytes), nil
+
 }

-func (provider *provider) GetOrCreate(_ context.Context, _ valuer.UUID, _ *roletypes.Role) (*roletypes.Role, error) {
-	return nil, errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
-}
+func (provider *provider) getStoreIDandModelID() (string, string) {
+	provider.mtx.RLock()
+	defer provider.mtx.RUnlock()

-func (provider *provider) GetResources(_ context.Context) []*authtypes.Resource {
-	return nil
-}
+	storeID := provider.storeID
+	modelID := provider.modelID

-func (provider *provider) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*authtypes.Object, error) {
-	return nil, errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
-}
-
-func (provider *provider) Patch(_ context.Context, _ valuer.UUID, _ *roletypes.Role) error {
-	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
-}
-
-func (provider *provider) PatchObjects(_ context.Context, _ valuer.UUID, _ string, _ authtypes.Relation, _, _ []*authtypes.Object) error {
-	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
-}
-
-func (provider *provider) Delete(_ context.Context, _ valuer.UUID, _ valuer.UUID) error {
-	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
-}
-
-func (provider *provider) MustGetTypeables() []authtypes.Typeable {
-	return nil
+	return storeID, modelID
 }
--- a/pkg/authz/openfgaauthz/provider_test.go
+++ b/pkg/authz/openfgaauthz/provider_test.go
@@ -1,4 +1,4 @@
-package openfgaserver
+package openfgaauthz

 import (
 	"context"
@@ -20,7 +20,7 @@ func TestProviderStartStop(t *testing.T) {

 	expectedModel := `module base 
 	type user`
-	provider, err := NewOpenfgaServer(context.Background(), providerSettings, authz.Config{}, sqlstore, []transformer.ModuleFile{{Name: "test.fga", Contents: expectedModel}})
+	provider, err := newOpenfgaProvider(context.Background(), providerSettings, authz.Config{}, sqlstore, []transformer.ModuleFile{{Name: "test.fga", Contents: expectedModel}})
 	require.NoError(t, err)

 	storeRows := sqlstore.Mock().NewRows([]string{"id", "name", "created_at", "updated_at"}).AddRow("01K3V0NTN47MPTMEV1PD5ST6ZC", "signoz", time.Now(), time.Now())
--- a/pkg/authz/openfgaserver/sqlstore.go
+++ b/pkg/authz/openfgaserver/sqlstore.go
@@ -1,4 +1,4 @@
-package openfgaserver
+package openfgaauthz

 import (
 	"github.com/SigNoz/signoz/pkg/errors"
--- a/pkg/authz/openfgaserver/server.go
+++ b/pkg/authz/openfgaserver/server.go
@@ -1,334 +0,0 @@
-package openfgaserver
-
-import (
-	"context"
-	"strconv"
-	"sync"
-
-	authz "github.com/SigNoz/signoz/pkg/authz"
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-
-	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/sqlstore"
-	openfgav1 "github.com/openfga/api/proto/openfga/v1"
-	openfgapkgtransformer "github.com/openfga/language/pkg/go/transformer"
-	openfgapkgserver "github.com/openfga/openfga/pkg/server"
-	"google.golang.org/protobuf/encoding/protojson"
-)
-
-var (
-	openfgaDefaultStore = valuer.NewString("signoz")
-)
-
-type Server struct {
-	config        authz.Config
-	settings      factory.ScopedProviderSettings
-	openfgaSchema []openfgapkgtransformer.ModuleFile
-	openfgaServer *openfgapkgserver.Server
-	storeID       string
-	modelID       string
-	mtx           sync.RWMutex
-	stopChan      chan struct{}
-}
-
-func NewOpenfgaServer(ctx context.Context, settings factory.ProviderSettings, config authz.Config, sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) (*Server, error) {
-	scopedProviderSettings := factory.NewScopedProviderSettings(settings, "github.com/SigNoz/signoz/pkg/authz/openfgaauthz")
-
-	store, err := NewSQLStore(sqlstore)
-	if err != nil {
-		scopedProviderSettings.Logger().DebugContext(ctx, "failed to initialize sqlstore for authz")
-		return nil, err
-	}
-
-	// setup the openfga server
-	opts := []openfgapkgserver.OpenFGAServiceV1Option{
-		openfgapkgserver.WithDatastore(store),
-		openfgapkgserver.WithLogger(NewLogger(scopedProviderSettings.Logger())),
-		openfgapkgserver.WithContextPropagationToDatastore(true),
-	}
-	openfgaServer, err := openfgapkgserver.NewServerWithOpts(opts...)
-	if err != nil {
-		scopedProviderSettings.Logger().DebugContext(ctx, "failed to create authz server")
-		return nil, err
-	}
-
-	return &Server{
-		config:        config,
-		settings:      scopedProviderSettings,
-		openfgaServer: openfgaServer,
-		openfgaSchema: openfgaSchema,
-		mtx:           sync.RWMutex{},
-		stopChan:      make(chan struct{}),
-	}, nil
-}
-
-func (server *Server) Start(ctx context.Context) error {
-	storeID, err := server.getOrCreateStore(ctx, openfgaDefaultStore.StringValue())
-	if err != nil {
-		return err
-	}
-
-	modelID, err := server.getOrCreateModel(ctx, storeID)
-	if err != nil {
-		return err
-	}
-
-	server.mtx.Lock()
-	server.modelID = modelID
-	server.storeID = storeID
-	server.mtx.Unlock()
-
-	<-server.stopChan
-	return nil
-}
-
-func (server *Server) Stop(ctx context.Context) error {
-	server.openfgaServer.Close()
-	close(server.stopChan)
-	return nil
-}
-
-func (server *Server) Check(ctx context.Context, tupleReq *openfgav1.TupleKey) error {
-	storeID, modelID := server.getStoreIDandModelID()
-	checkResponse, err := server.openfgaServer.Check(
-		ctx,
-		&openfgav1.CheckRequest{
-			StoreId:              storeID,
-			AuthorizationModelId: modelID,
-			TupleKey: &openfgav1.CheckRequestTupleKey{
-				User:     tupleReq.User,
-				Relation: tupleReq.Relation,
-				Object:   tupleReq.Object,
-			},
-		})
-	if err != nil {
-		return errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
-	}
-
-	if !checkResponse.Allowed {
-		return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subject %s cannot %s object %s", tupleReq.User, tupleReq.Relation, tupleReq.Object)
-	}
-
-	return nil
-}
-
-func (server *Server) BatchCheck(ctx context.Context, tupleReq []*openfgav1.TupleKey) error {
-	storeID, modelID := server.getStoreIDandModelID()
-	batchCheckItems := make([]*openfgav1.BatchCheckItem, 0)
-	for idx, tuple := range tupleReq {
-		batchCheckItems = append(batchCheckItems, &openfgav1.BatchCheckItem{
-			TupleKey: &openfgav1.CheckRequestTupleKey{
-				User:     tuple.User,
-				Relation: tuple.Relation,
-				Object:   tuple.Object,
-			},
-			// the batch check response is map[string] keyed by correlationID.
-			CorrelationId: strconv.Itoa(idx),
-		})
-	}
-
-	checkResponse, err := server.openfgaServer.BatchCheck(
-		ctx,
-		&openfgav1.BatchCheckRequest{
-			StoreId:              storeID,
-			AuthorizationModelId: modelID,
-			Checks:               batchCheckItems,
-		})
-	if err != nil {
-		return errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
-	}
-
-	for _, checkResponse := range checkResponse.Result {
-		if checkResponse.GetAllowed() {
-			return nil
-		}
-	}
-
-	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
-
-}
-
-func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
-	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
-	if err != nil {
-		return err
-	}
-
-	tuples, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
-	if err != nil {
-		return err
-	}
-
-	err = server.BatchCheck(ctx, tuples)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (server *Server) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
-	subject, err := authtypes.NewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
-	if err != nil {
-		return err
-	}
-
-	tuples, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
-	if err != nil {
-		return err
-	}
-
-	err = server.BatchCheck(ctx, tuples)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (server *Server) Write(ctx context.Context, additions []*openfgav1.TupleKey, deletions []*openfgav1.TupleKey) error {
-	if len(additions) == 0 && len(deletions) == 0 {
-		return nil
-	}
-
-	storeID, modelID := server.getStoreIDandModelID()
-	deletionTuplesWithoutCondition := make([]*openfgav1.TupleKeyWithoutCondition, len(deletions))
-	for idx, tuple := range deletions {
-		deletionTuplesWithoutCondition[idx] = &openfgav1.TupleKeyWithoutCondition{User: tuple.User, Object: tuple.Object, Relation: tuple.Relation}
-	}
-
-	_, err := server.openfgaServer.Write(ctx, &openfgav1.WriteRequest{
-		StoreId:              storeID,
-		AuthorizationModelId: modelID,
-		Writes: func() *openfgav1.WriteRequestWrites {
-			if len(additions) == 0 {
-				return nil
-			}
-			return &openfgav1.WriteRequestWrites{
-				TupleKeys:   additions,
-				OnDuplicate: "ignore",
-			}
-		}(),
-		Deletes: func() *openfgav1.WriteRequestDeletes {
-			if len(deletionTuplesWithoutCondition) == 0 {
-				return nil
-			}
-			return &openfgav1.WriteRequestDeletes{
-				TupleKeys: deletionTuplesWithoutCondition,
-				OnMissing: "ignore",
-			}
-		}(),
-	})
-
-	return err
-}
-
-func (server *Server) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
-	storeID, modelID := server.getStoreIDandModelID()
-	response, err := server.openfgaServer.ListObjects(ctx, &openfgav1.ListObjectsRequest{
-		StoreId:              storeID,
-		AuthorizationModelId: modelID,
-		User:                 subject,
-		Relation:             relation.StringValue(),
-		Type:                 typeable.Type().StringValue(),
-	})
-	if err != nil {
-		return nil, errors.Wrapf(err, errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "cannot list objects for subject %s with relation %s for type %s", subject, relation.StringValue(), typeable.Type().StringValue())
-	}
-
-	return authtypes.MustNewObjectsFromStringSlice(response.Objects), nil
-}
-
-func (server *Server) getOrCreateStore(ctx context.Context, name string) (string, error) {
-	stores, err := server.openfgaServer.ListStores(ctx, &openfgav1.ListStoresRequest{})
-	if err != nil {
-		return "", err
-	}
-
-	for _, store := range stores.GetStores() {
-		if store.GetName() == name {
-			return store.Id, nil
-		}
-	}
-
-	store, err := server.openfgaServer.CreateStore(ctx, &openfgav1.CreateStoreRequest{Name: name})
-	if err != nil {
-		return "", err
-	}
-
-	return store.Id, nil
-}
-
-func (server *Server) getOrCreateModel(ctx context.Context, storeID string) (string, error) {
-	schema, err := openfgapkgtransformer.TransformModuleFilesToModel(server.openfgaSchema, "1.1")
-	if err != nil {
-		return "", err
-	}
-
-	authorisationModels, err := server.openfgaServer.ReadAuthorizationModels(ctx, &openfgav1.ReadAuthorizationModelsRequest{StoreId: storeID})
-	if err != nil {
-		return "", err
-	}
-
-	for _, authModel := range authorisationModels.GetAuthorizationModels() {
-		equal, err := server.isModelEqual(schema, authModel)
-		if err != nil {
-			return "", err
-		}
-		if equal {
-			return authModel.Id, nil
-		}
-	}
-
-	authorizationModel, err := server.openfgaServer.WriteAuthorizationModel(ctx, &openfgav1.WriteAuthorizationModelRequest{
-		StoreId:         storeID,
-		TypeDefinitions: schema.TypeDefinitions,
-		SchemaVersion:   schema.SchemaVersion,
-		Conditions:      schema.Conditions,
-	})
-	if err != nil {
-		return "", err
-	}
-
-	return authorizationModel.AuthorizationModelId, nil
-}
-
-// the language model doesn't have any equality check
-// https://github.com/openfga/language/blob/main/pkg/go/transformer/module-to-model_test.go#L38
-func (server *Server) isModelEqual(expected *openfgav1.AuthorizationModel, actual *openfgav1.AuthorizationModel) (bool, error) {
-	// we need to initialize a new model since the model extracted from schema doesn't have id
-	expectedAuthModel := openfgav1.AuthorizationModel{
-		SchemaVersion:   expected.SchemaVersion,
-		TypeDefinitions: expected.TypeDefinitions,
-		Conditions:      expected.Conditions,
-	}
-	expectedAuthModelBytes, err := protojson.Marshal(&expectedAuthModel)
-	if err != nil {
-		return false, err
-	}
-
-	actualAuthModel := openfgav1.AuthorizationModel{
-		SchemaVersion:   actual.SchemaVersion,
-		TypeDefinitions: actual.TypeDefinitions,
-		Conditions:      actual.Conditions,
-	}
-	actualAuthModelBytes, err := protojson.Marshal(&actualAuthModel)
-	if err != nil {
-		return false, err
-	}
-
-	return string(expectedAuthModelBytes) == string(actualAuthModelBytes), nil
-
-}
-
-func (server *Server) getStoreIDandModelID() (string, string) {
-	server.mtx.RLock()
-	defer server.mtx.RUnlock()
-
-	storeID := server.storeID
-	modelID := server.modelID
-
-	return storeID, modelID
-}
--- a/pkg/http/middleware/authz.go
+++ b/pkg/http/middleware/authz.go
@@ -8,6 +8,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/http/render"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
+	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/ctxtypes"
 	"github.com/SigNoz/signoz/pkg/types/roletypes"
@@ -23,14 +24,15 @@ type AuthZ struct {
 	logger       *slog.Logger
 	orgGetter    organization.Getter
 	authzService authz.AuthZ
+	roleGetter   role.Getter
 }

-func NewAuthZ(logger *slog.Logger, orgGetter organization.Getter, authzService authz.AuthZ) *AuthZ {
+func NewAuthZ(logger *slog.Logger, orgGetter organization.Getter, authzService authz.AuthZ, roleGetter role.Getter) *AuthZ {
 	if logger == nil {
 		panic("cannot build authz middleware, logger is empty")
 	}

-	return &AuthZ{logger: logger, orgGetter: orgGetter, authzService: authzService}
+	return &AuthZ{logger: logger, orgGetter: orgGetter, authzService: authzService, roleGetter: roleGetter}
 }

 func (middleware *AuthZ) ViewAccess(next http.HandlerFunc) http.HandlerFunc {
--- a/pkg/modules/dashboard/dashboard.go
+++ b/pkg/modules/dashboard/dashboard.go
@@ -4,7 +4,7 @@ import (
 	"context"
 	"net/http"

-	"github.com/SigNoz/signoz/pkg/authz"
+	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/statsreporter"
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
@@ -51,7 +51,7 @@ type Module interface {

 	statsreporter.StatsCollector

-	authz.RegisterTypeable
+	role.RegisterTypeable
 }

 type Handler interface {
--- a/pkg/modules/dashboard/impldashboard/module.go
+++ b/pkg/modules/dashboard/impldashboard/module.go
@@ -206,10 +206,6 @@ func (module *module) MustGetTypeables() []authtypes.Typeable {
 	return []authtypes.Typeable{dashboardtypes.TypeableMetaResourceDashboard, dashboardtypes.TypeableMetaResourcesDashboards}
 }

-func (module *module) MustGetManagedRoleTransactions() map[string][]*authtypes.Transaction {
-	return nil
-}
-
 // not supported
 func (module *module) CreatePublic(ctx context.Context, orgID valuer.UUID, publicDashboard *dashboardtypes.PublicDashboard) error {
 	return errors.Newf(errors.TypeUnsupported, dashboardtypes.ErrCodePublicDashboardUnsupported, "not implemented")
--- a/pkg/modules/fields/handler.go
+++ b/pkg/modules/fields/handler.go
@@ -1,11 +0,0 @@
-package fields
-
-import "net/http"
-
-type Handler interface {
-	// Gets the fields keys for the given field key selector
-	GetFieldsKeys(http.ResponseWriter, *http.Request)
-
-	// Gets the fields values for the given field value selector
-	GetFieldsValues(http.ResponseWriter, *http.Request)
-}
--- a/pkg/modules/fields/implfields/handler.go
+++ b/pkg/modules/fields/implfields/handler.go
@@ -1,79 +0,0 @@
-package implfields
-
-import (
-	"net/http"
-
-	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/http/binding"
-	"github.com/SigNoz/signoz/pkg/http/render"
-	"github.com/SigNoz/signoz/pkg/modules/fields"
-	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
-)
-
-type handler struct {
-	telemetryMetadataStore telemetrytypes.MetadataStore
-}
-
-func NewHandler(settings factory.ProviderSettings, telemetryMetadataStore telemetrytypes.MetadataStore) fields.Handler {
-	return &handler{
-		telemetryMetadataStore: telemetryMetadataStore,
-	}
-}
-
-func (handler *handler) GetFieldsKeys(rw http.ResponseWriter, req *http.Request) {
-	ctx := req.Context()
-
-	var params telemetrytypes.PostableFieldKeysParams
-	if err := binding.Query.BindQuery(req.URL.Query(), &params); err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	fieldKeySelector := telemetrytypes.NewFieldKeySelectorFromPostableFieldKeysParams(params)
-
-	keys, complete, err := handler.telemetryMetadataStore.GetKeys(ctx, fieldKeySelector)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	render.Success(rw, http.StatusOK, &telemetrytypes.GettableFieldKeys{
-		Keys:     keys,
-		Complete: complete,
-	})
-}
-
-func (handler *handler) GetFieldsValues(rw http.ResponseWriter, req *http.Request) {
-	ctx := req.Context()
-
-	var params telemetrytypes.PostableFieldValueParams
-	if err := binding.Query.BindQuery(req.URL.Query(), &params); err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	fieldValueSelector := telemetrytypes.NewFieldValueSelectorFromPostableFieldValueParams(params)
-
-	allValues, allComplete, err := handler.telemetryMetadataStore.GetAllValues(ctx, fieldValueSelector)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	relatedValues, relatedComplete, err := handler.telemetryMetadataStore.GetRelatedValues(ctx, fieldValueSelector)
-	if err != nil {
-		// we don't want to return error if we fail to get related values for some reason
-		relatedValues = []string{}
-	}
-
-	values := &telemetrytypes.TelemetryFieldValues{
-		StringValues:  allValues.StringValues,
-		NumberValues:  allValues.NumberValues,
-		RelatedValues: relatedValues,
-	}
-
-	render.Success(rw, http.StatusOK, &telemetrytypes.GettableFieldValues{
-		Values:   values,
-		Complete: allComplete && relatedComplete,
-	})
-}
--- a/pkg/modules/role/implrole/getter.go
+++ b/pkg/modules/role/implrole/getter.go
@@ -0,0 +1,63 @@
+package implrole
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/modules/role"
+	"github.com/SigNoz/signoz/pkg/types/roletypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+type getter struct {
+	store roletypes.Store
+}
+
+func NewGetter(store roletypes.Store) role.Getter {
+	return &getter{store: store}
+}
+
+func (getter *getter) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*roletypes.Role, error) {
+	storableRole, err := getter.store.Get(ctx, orgID, id)
+	if err != nil {
+		return nil, err
+	}
+
+	return roletypes.NewRoleFromStorableRole(storableRole), nil
+}
+
+func (getter *getter) GetByOrgIDAndName(ctx context.Context, orgID valuer.UUID, name string) (*roletypes.Role, error) {
+	storableRole, err := getter.store.GetByOrgIDAndName(ctx, orgID, name)
+	if err != nil {
+		return nil, err
+	}
+
+	return roletypes.NewRoleFromStorableRole(storableRole), nil
+}
+
+func (getter *getter) List(ctx context.Context, orgID valuer.UUID) ([]*roletypes.Role, error) {
+	storableRoles, err := getter.store.List(ctx, orgID)
+	if err != nil {
+		return nil, err
+	}
+
+	roles := make([]*roletypes.Role, len(storableRoles))
+	for idx, storableRole := range storableRoles {
+		roles[idx] = roletypes.NewRoleFromStorableRole(storableRole)
+	}
+
+	return roles, nil
+}
+
+func (getter *getter) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID, names []string) ([]*roletypes.Role, error) {
+	storableRoles, err := getter.store.ListByOrgIDAndNames(ctx, orgID, names)
+	if err != nil {
+		return nil, err
+	}
+
+	roles := make([]*roletypes.Role, len(storableRoles))
+	for idx, storable := range storableRoles {
+		roles[idx] = roletypes.NewRoleFromStorableRole(storable)
+	}
+
+	return roles, nil
+}
--- a/pkg/modules/role/implrole/granter.go
+++ b/pkg/modules/role/implrole/granter.go
@@ -0,0 +1,83 @@
+package implrole
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/authz"
+	"github.com/SigNoz/signoz/pkg/modules/role"
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types/roletypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+type granter struct {
+	store roletypes.Store
+	authz authz.AuthZ
+}
+
+func NewGranter(store roletypes.Store, authz authz.AuthZ) role.Granter {
+	return &granter{store: store, authz: authz}
+}
+
+func (granter *granter) Grant(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
+	tuples, err := authtypes.TypeableRole.Tuples(
+		subject,
+		authtypes.RelationAssignee,
+		[]authtypes.Selector{
+			authtypes.MustNewSelector(authtypes.TypeRole, name),
+		},
+		orgID,
+	)
+	if err != nil {
+		return err
+	}
+	return granter.authz.Write(ctx, tuples, nil)
+}
+
+func (granter *granter) ModifyGrant(ctx context.Context, orgID valuer.UUID, existingRoleName string, updatedRoleName string, subject string) error {
+	err := granter.Revoke(ctx, orgID, existingRoleName, subject)
+	if err != nil {
+		return err
+	}
+
+	err = granter.Grant(ctx, orgID, updatedRoleName, subject)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (granter *granter) Revoke(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
+	tuples, err := authtypes.TypeableRole.Tuples(
+		subject,
+		authtypes.RelationAssignee,
+		[]authtypes.Selector{
+			authtypes.MustNewSelector(authtypes.TypeRole, name),
+		},
+		orgID,
+	)
+	if err != nil {
+		return err
+	}
+	return granter.authz.Write(ctx, nil, tuples)
+}
+
+func (granter *granter) CreateManagedRoles(ctx context.Context, _ valuer.UUID, managedRoles []*roletypes.Role) error {
+	err := granter.store.RunInTx(ctx, func(ctx context.Context) error {
+		for _, role := range managedRoles {
+			err := granter.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
+			if err != nil {
+				return err
+			}
+		}
+
+		return nil
+	})
+
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
--- a/pkg/modules/role/implrole/handler.go
+++ b/pkg/modules/role/implrole/handler.go
@@ -1,12 +1,12 @@
-package signozauthzapi
+package implrole

 import (
 	"net/http"

-	"github.com/SigNoz/signoz/pkg/authz"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/http/binding"
 	"github.com/SigNoz/signoz/pkg/http/render"
+	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
@@ -14,11 +14,12 @@ import (
 )

 type handler struct {
-	authz authz.AuthZ
+	setter role.Setter
+	getter role.Getter
 }

-func NewHandler(authz authz.AuthZ) authz.Handler {
-	return &handler{authz: authz}
+func NewHandler(setter role.Setter, getter role.Getter) role.Handler {
+	return &handler{setter: setter, getter: getter}
 }

 func (handler *handler) Create(rw http.ResponseWriter, r *http.Request) {
@@ -35,7 +36,7 @@ func (handler *handler) Create(rw http.ResponseWriter, r *http.Request) {
 		return
 	}

-	err = handler.authz.Create(ctx, valuer.MustNewUUID(claims.OrgID), roletypes.NewRole(req.Name, req.Description, roletypes.RoleTypeCustom, valuer.MustNewUUID(claims.OrgID)))
+	err = handler.setter.Create(ctx, valuer.MustNewUUID(claims.OrgID), roletypes.NewRole(req.Name, req.Description, roletypes.RoleTypeCustom, valuer.MustNewUUID(claims.OrgID)))
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -63,7 +64,7 @@ func (handler *handler) Get(rw http.ResponseWriter, r *http.Request) {
 		return
 	}

-	role, err := handler.authz.Get(ctx, valuer.MustNewUUID(claims.OrgID), roleID)
+	role, err := handler.getter.Get(ctx, valuer.MustNewUUID(claims.OrgID), roleID)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -102,7 +103,7 @@ func (handler *handler) GetObjects(rw http.ResponseWriter, r *http.Request) {
 		return
 	}

-	objects, err := handler.authz.GetObjects(ctx, valuer.MustNewUUID(claims.OrgID), roleID, relation)
+	objects, err := handler.setter.GetObjects(ctx, valuer.MustNewUUID(claims.OrgID), roleID, relation)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -113,7 +114,7 @@ func (handler *handler) GetObjects(rw http.ResponseWriter, r *http.Request) {

 func (handler *handler) GetResources(rw http.ResponseWriter, r *http.Request) {
 	ctx := r.Context()
-	resources := handler.authz.GetResources(ctx)
+	resources := handler.setter.GetResources(ctx)

 	var resourceRelations = struct {
 		Resources []*authtypes.Resource                   `json:"resources"`
@@ -133,7 +134,7 @@ func (handler *handler) List(rw http.ResponseWriter, r *http.Request) {
 		return
 	}

-	roles, err := handler.authz.List(ctx, valuer.MustNewUUID(claims.OrgID))
+	roles, err := handler.getter.List(ctx, valuer.MustNewUUID(claims.OrgID))
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -162,7 +163,7 @@ func (handler *handler) Patch(rw http.ResponseWriter, r *http.Request) {
 		return
 	}

-	role, err := handler.authz.Get(ctx, valuer.MustNewUUID(claims.OrgID), id)
+	role, err := handler.getter.Get(ctx, valuer.MustNewUUID(claims.OrgID), id)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -174,7 +175,7 @@ func (handler *handler) Patch(rw http.ResponseWriter, r *http.Request) {
 		return
 	}

-	err = handler.authz.Patch(ctx, valuer.MustNewUUID(claims.OrgID), role)
+	err = handler.setter.Patch(ctx, valuer.MustNewUUID(claims.OrgID), role)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -209,7 +210,7 @@ func (handler *handler) PatchObjects(rw http.ResponseWriter, r *http.Request) {
 		return
 	}

-	role, err := handler.authz.Get(ctx, valuer.MustNewUUID(claims.OrgID), id)
+	role, err := handler.getter.Get(ctx, valuer.MustNewUUID(claims.OrgID), id)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -221,7 +222,7 @@ func (handler *handler) PatchObjects(rw http.ResponseWriter, r *http.Request) {
 		return
 	}

-	err = handler.authz.PatchObjects(ctx, valuer.MustNewUUID(claims.OrgID), role.Name, relation, patchableObjects.Additions, patchableObjects.Deletions)
+	err = handler.setter.PatchObjects(ctx, valuer.MustNewUUID(claims.OrgID), role.Name, relation, patchableObjects.Additions, patchableObjects.Deletions)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -244,7 +245,7 @@ func (handler *handler) Delete(rw http.ResponseWriter, r *http.Request) {
 		return
 	}

-	err = handler.authz.Delete(ctx, valuer.MustNewUUID(claims.OrgID), id)
+	err = handler.setter.Delete(ctx, valuer.MustNewUUID(claims.OrgID), id)
 	if err != nil {
 		render.Error(rw, err)
 		return
--- a/pkg/modules/role/implrole/setter.go
+++ b/pkg/modules/role/implrole/setter.go
@@ -0,0 +1,53 @@
+package implrole
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/authz"
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/modules/role"
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types/roletypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+type setter struct {
+	store roletypes.Store
+	authz authz.AuthZ
+}
+
+func NewSetter(store roletypes.Store, authz authz.AuthZ) role.Setter {
+	return &setter{store: store, authz: authz}
+}
+
+func (setter *setter) Create(_ context.Context, _ valuer.UUID, _ *roletypes.Role) error {
+	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (setter *setter) GetOrCreate(_ context.Context, _ valuer.UUID, _ *roletypes.Role) (*roletypes.Role, error) {
+	return nil, errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (setter *setter) GetResources(_ context.Context) []*authtypes.Resource {
+	return nil
+}
+
+func (setter *setter) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*authtypes.Object, error) {
+	return nil, errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (setter *setter) Patch(_ context.Context, _ valuer.UUID, _ *roletypes.Role) error {
+	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (setter *setter) PatchObjects(_ context.Context, _ valuer.UUID, _ string, _ authtypes.Relation, _, _ []*authtypes.Object) error {
+	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (setter *setter) Delete(_ context.Context, _ valuer.UUID, _ valuer.UUID) error {
+	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (setter *setter) MustGetTypeables() []authtypes.Typeable {
+	return nil
+}
--- a/pkg/authz/authzstore/sqlauthzstore/store.go
+++ b/pkg/authz/authzstore/sqlauthzstore/store.go
@@ -1,4 +1,4 @@
-package sqlauthzstore
+package implrole

 import (
 	"context"
@@ -14,7 +14,7 @@ type store struct {
 	sqlstore sqlstore.SQLStore
 }

-func NewSqlAuthzStore(sqlstore sqlstore.SQLStore) roletypes.Store {
+func NewStore(sqlstore sqlstore.SQLStore) roletypes.Store {
 	return &store{sqlstore: sqlstore}
 }

--- a/pkg/modules/role/role.go
+++ b/pkg/modules/role/role.go
@@ -0,0 +1,85 @@
+package role
+
+import (
+	"context"
+	"net/http"
+
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types/roletypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+type Setter interface {
+	// Creates the role.
+	Create(context.Context, valuer.UUID, *roletypes.Role) error
+
+	// Gets the role if it exists or creates one.
+	GetOrCreate(context.Context, valuer.UUID, *roletypes.Role) (*roletypes.Role, error)
+
+	// Gets the objects associated with the given role and relation.
+	GetObjects(context.Context, valuer.UUID, valuer.UUID, authtypes.Relation) ([]*authtypes.Object, error)
+
+	// Gets all the typeable resources registered from role registry.
+	GetResources(context.Context) []*authtypes.Resource
+
+	// Patches the role.
+	Patch(context.Context, valuer.UUID, *roletypes.Role) error
+
+	// Patches the objects in authorization server associated with the given role and relation
+	PatchObjects(context.Context, valuer.UUID, string, authtypes.Relation, []*authtypes.Object, []*authtypes.Object) error
+
+	// Deletes the role and tuples in authorization server.
+	Delete(context.Context, valuer.UUID, valuer.UUID) error
+
+	RegisterTypeable
+}
+
+type Getter interface {
+	// Gets the role
+	Get(context.Context, valuer.UUID, valuer.UUID) (*roletypes.Role, error)
+
+	// Gets the role by org_id and name
+	GetByOrgIDAndName(context.Context, valuer.UUID, string) (*roletypes.Role, error)
+
+	// Lists all the roles for the organization.
+	List(context.Context, valuer.UUID) ([]*roletypes.Role, error)
+
+	//  Lists all the roles for the organization filtered by name
+	ListByOrgIDAndNames(context.Context, valuer.UUID, []string) ([]*roletypes.Role, error)
+}
+
+type Granter interface {
+	// Grants a role to the subject based on role name.
+	Grant(context.Context, valuer.UUID, string, string) error
+
+	// Revokes a granted role from the subject based on role name.
+	Revoke(context.Context, valuer.UUID, string, string) error
+
+	// Changes the granted role for the subject based on role name.
+	ModifyGrant(context.Context, valuer.UUID, string, string, string) error
+
+	// Bootstrap the managed roles.
+	CreateManagedRoles(context.Context, valuer.UUID, []*roletypes.Role) error
+}
+
+type RegisterTypeable interface {
+	MustGetTypeables() []authtypes.Typeable
+}
+
+type Handler interface {
+	Create(http.ResponseWriter, *http.Request)
+
+	Get(http.ResponseWriter, *http.Request)
+
+	GetObjects(http.ResponseWriter, *http.Request)
+
+	GetResources(http.ResponseWriter, *http.Request)
+
+	List(http.ResponseWriter, *http.Request)
+
+	Patch(http.ResponseWriter, *http.Request)
+
+	PatchObjects(http.ResponseWriter, *http.Request)
+
+	Delete(http.ResponseWriter, *http.Request)
+}
--- a/pkg/modules/user/impluser/module.go
+++ b/pkg/modules/user/impluser/module.go
@@ -8,11 +8,11 @@ import (
 	"time"

 	"github.com/SigNoz/signoz/pkg/analytics"
-	"github.com/SigNoz/signoz/pkg/authz"
 	"github.com/SigNoz/signoz/pkg/emailing"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
+	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/modules/user"
 	root "github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/tokenizer"
@@ -32,13 +32,13 @@ type Module struct {
 	emailing  emailing.Emailing
 	settings  factory.ScopedProviderSettings
 	orgSetter organization.Setter
-	authz     authz.AuthZ
+	granter   role.Granter
 	analytics analytics.Analytics
 	config    user.Config
 }

 // This module is a WIP, don't take inspiration from this.
-func NewModule(store types.UserStore, tokenizer tokenizer.Tokenizer, emailing emailing.Emailing, providerSettings factory.ProviderSettings, orgSetter organization.Setter, authz authz.AuthZ, analytics analytics.Analytics, config user.Config) root.Module {
+func NewModule(store types.UserStore, tokenizer tokenizer.Tokenizer, emailing emailing.Emailing, providerSettings factory.ProviderSettings, orgSetter organization.Setter, granter role.Granter, analytics analytics.Analytics, config user.Config) root.Module {
 	settings := factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/modules/user/impluser")
 	return &Module{
 		store:     store,
@@ -47,7 +47,7 @@ func NewModule(store types.UserStore, tokenizer tokenizer.Tokenizer, emailing em
 		settings:  settings,
 		orgSetter: orgSetter,
 		analytics: analytics,
-		authz:     authz,
+		granter:   granter,
 		config:    config,
 	}
 }
@@ -172,7 +172,7 @@ func (module *Module) CreateUser(ctx context.Context, input *types.User, opts ..
 	createUserOpts := root.NewCreateUserOptions(opts...)

 	// since assign is idempotant multiple calls to assign won't cause issues in case of retries.
-	err := module.authz.Grant(ctx, input.OrgID, roletypes.MustGetSigNozManagedRoleFromExistingRole(input.Role), authtypes.MustNewSubject(authtypes.TypeableUser, input.ID.StringValue(), input.OrgID, nil))
+	err := module.granter.Grant(ctx, input.OrgID, roletypes.MustGetSigNozManagedRoleFromExistingRole(input.Role), authtypes.MustNewSubject(authtypes.TypeableUser, input.ID.StringValue(), input.OrgID, nil))
 	if err != nil {
 		return err
 	}
@@ -238,7 +238,7 @@ func (m *Module) UpdateUser(ctx context.Context, orgID valuer.UUID, id string, u
 	}

 	if user.Role != existingUser.Role {
-		err = m.authz.ModifyGrant(ctx,
+		err = m.granter.ModifyGrant(ctx,
 			orgID,
 			roletypes.MustGetSigNozManagedRoleFromExistingRole(existingUser.Role),
 			roletypes.MustGetSigNozManagedRoleFromExistingRole(user.Role),
@@ -301,7 +301,7 @@ func (module *Module) DeleteUser(ctx context.Context, orgID valuer.UUID, id stri
 	}

 	// since revoke is idempotant multiple calls to revoke won't cause issues in case of retries
-	err = module.authz.Revoke(ctx, orgID, roletypes.MustGetSigNozManagedRoleFromExistingRole(user.Role), authtypes.MustNewSubject(authtypes.TypeableUser, id, orgID, nil))
+	err = module.granter.Revoke(ctx, orgID, roletypes.MustGetSigNozManagedRoleFromExistingRole(user.Role), authtypes.MustNewSubject(authtypes.TypeableUser, id, orgID, nil))
 	if err != nil {
 		return err
 	}
@@ -504,14 +504,14 @@ func (module *Module) CreateFirstUser(ctx context.Context, organization *types.O
 	}

 	managedRoles := roletypes.NewManagedRoles(organization.ID)
-	err = module.authz.CreateManagedUserRoleTransactions(ctx, organization.ID, user.ID)
+	err = module.granter.Grant(ctx, organization.ID, roletypes.SigNozAdminRoleName, authtypes.MustNewSubject(authtypes.TypeableUser, user.ID.StringValue(), user.OrgID, nil))
 	if err != nil {
 		return nil, err
 	}

 	if err = module.store.RunInTx(ctx, func(ctx context.Context) error {
 		err = module.orgSetter.Create(ctx, organization, func(ctx context.Context, orgID valuer.UUID) error {
-			err = module.authz.CreateManagedRoles(ctx, orgID, managedRoles)
+			err = module.granter.CreateManagedRoles(ctx, orgID, managedRoles)
 			if err != nil {
 				return err
 			}
--- a/pkg/query-service/app/clickhouseReader/reader.go
+++ b/pkg/query-service/app/clickhouseReader/reader.go
@@ -830,7 +830,7 @@ func (r *ClickHouseReader) GetUsage(ctx context.Context, queryParams *model.GetU

 func (r *ClickHouseReader) GetSpansForTrace(ctx context.Context, traceID string, traceDetailsQuery string) ([]model.SpanItemV2, *model.ApiError) {
 	var traceSummary model.TraceSummary
-	summaryQuery := fmt.Sprintf("SELECT * from %s.%s FINAL WHERE trace_id=$1", r.TraceDB, r.traceSummaryTable)
+	summaryQuery := fmt.Sprintf("SELECT * from %s.%s WHERE trace_id=$1", r.TraceDB, r.traceSummaryTable)
 	err := r.db.QueryRow(ctx, summaryQuery, traceID).Scan(&traceSummary.TraceID, &traceSummary.Start, &traceSummary.End, &traceSummary.NumSpans)
 	if err != nil {
 		if err == sql.ErrNoRows {
@@ -6458,7 +6458,7 @@ func (r *ClickHouseReader) SearchTraces(ctx context.Context, params *model.Searc
 	}

 	var traceSummary model.TraceSummary
-	summaryQuery := fmt.Sprintf("SELECT * from %s.%s FINAL WHERE trace_id=$1", r.TraceDB, r.traceSummaryTable)
+	summaryQuery := fmt.Sprintf("SELECT * from %s.%s WHERE trace_id=$1", r.TraceDB, r.traceSummaryTable)
 	err := r.db.QueryRow(ctx, summaryQuery, params.TraceID).Scan(&traceSummary.TraceID, &traceSummary.Start, &traceSummary.End, &traceSummary.NumSpans)
 	if err != nil {
 		if err == sql.ErrNoRows {
--- a/pkg/query-service/app/http_handler.go
+++ b/pkg/query-service/app/http_handler.go
@@ -25,6 +25,7 @@ import (
 	"time"

 	"github.com/SigNoz/signoz/pkg/alertmanager"
+	"github.com/SigNoz/signoz/pkg/apis/fields"
 	errorsV2 "github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/http/middleware"
 	"github.com/SigNoz/signoz/pkg/http/render"
@@ -68,7 +69,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/types/opamptypes"
 	"github.com/SigNoz/signoz/pkg/types/pipelinetypes"
 	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
-	"github.com/SigNoz/signoz/pkg/types/ruletypes"
+	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
 	traceFunnels "github.com/SigNoz/signoz/pkg/types/tracefunneltypes"

 	"go.uber.org/zap"
@@ -103,11 +104,10 @@ type APIHandler struct {
 	querierV2    interfaces.Querier
 	queryBuilder *queryBuilder.QueryBuilder

-	// temporalityMap is a map of metric name to temporality to avoid fetching
-	// temporality for the same metric multiple times.
-	//
-	// Querying the v4 table on a low cardinal temporality column should be
-	// fast, but we can still avoid the query if we have the data in memory.
+	// temporalityMap is a map of metric name to temporality
+	// to avoid fetching temporality for the same metric multiple times
+	// querying the v4 table on low cardinal temporality column
+	// should be fast but we can still avoid the query if we have the data in memory
 	temporalityMap map[string]map[v3.Temporality]bool
 	temporalityMux sync.Mutex

@@ -145,6 +145,8 @@ type APIHandler struct {

 	LicensingAPI licensing.API

+	FieldsAPI *fields.API
+
 	QuerierAPI *querierAPI.API

 	QueryParserAPI *queryparser.API
@@ -175,6 +177,8 @@ type APIHandlerOpts struct {

 	LicensingAPI licensing.API

+	FieldsAPI *fields.API
+
 	QuerierAPI *querierAPI.API

 	QueryParserAPI *queryparser.API
@@ -239,6 +243,7 @@ func NewAPIHandler(opts APIHandlerOpts) (*APIHandler, error) {
 		AlertmanagerAPI:               opts.AlertmanagerAPI,
 		LicensingAPI:                  opts.LicensingAPI,
 		Signoz:                        opts.Signoz,
+		FieldsAPI:                     opts.FieldsAPI,
 		QuerierAPI:                    opts.QuerierAPI,
 		QueryParserAPI:                opts.QueryParserAPI,
 	}
@@ -394,6 +399,13 @@ func (aH *APIHandler) RegisterQueryRangeV3Routes(router *mux.Router, am *middlew
 	subRouter.HandleFunc("/logs/livetail", am.ViewAccess(aH.QuerierAPI.QueryRawStream)).Methods(http.MethodGet)
 }

+func (aH *APIHandler) RegisterFieldsRoutes(router *mux.Router, am *middleware.AuthZ) {
+	subRouter := router.PathPrefix("/api/v1").Subrouter()
+
+	subRouter.HandleFunc("/fields/keys", am.ViewAccess(aH.FieldsAPI.GetFieldsKeys)).Methods(http.MethodGet)
+	subRouter.HandleFunc("/fields/values", am.ViewAccess(aH.FieldsAPI.GetFieldsValues)).Methods(http.MethodGet)
+}
+
 func (aH *APIHandler) RegisterInfraMetricsRoutes(router *mux.Router, am *middleware.AuthZ) {
 	hostsSubRouter := router.PathPrefix("/api/v1/hosts").Subrouter()
 	hostsSubRouter.HandleFunc("/attribute_keys", am.ViewAccess(aH.getHostAttributeKeys)).Methods(http.MethodGet)
@@ -1011,7 +1023,7 @@ func (aH *APIHandler) getRuleStateHistory(w http.ResponseWriter, r *http.Request
 			// the query range is calculated based on the rule's evalWindow and evalDelay
 			// alerts have 2 minutes delay built in, so we need to subtract that from the start time
 			// to get the correct query range
-			start := end.Add(-rule.EvalWindow.Duration() - 3*time.Minute)
+			start := end.Add(-time.Duration(rule.EvalWindow)).Add(-3 * time.Minute)
 			if rule.AlertType == ruletypes.AlertTypeLogs {
 				if rule.Version != "v5" {
 					res.Items[idx].RelatedLogsLink = contextlinks.PrepareLinksToLogs(start, end, newFilters)
@@ -1218,12 +1230,12 @@ func (aH *APIHandler) Get(rw http.ResponseWriter, r *http.Request) {

 	dashboard := new(dashboardtypes.Dashboard)
 	if aH.CloudIntegrationsController.IsCloudIntegrationDashboardUuid(id) {
-		cloudIntegrationDashboard, apiErr := aH.CloudIntegrationsController.GetDashboardById(ctx, orgID, id)
+		cloudintegrationDashboard, apiErr := aH.CloudIntegrationsController.GetDashboardById(ctx, orgID, id)
 		if apiErr != nil {
 			render.Error(rw, errorsV2.Wrapf(apiErr, errorsV2.TypeInternal, errorsV2.CodeInternal, "failed to get dashboard"))
 			return
 		}
-		dashboard = cloudIntegrationDashboard
+		dashboard = cloudintegrationDashboard
 	} else if aH.IntegrationsController.IsInstalledIntegrationDashboardID(id) {
 		integrationDashboard, apiErr := aH.IntegrationsController.GetInstalledIntegrationDashboardById(ctx, orgID, id)
 		if apiErr != nil {
@@ -1552,13 +1564,13 @@ func (aH *APIHandler) queryMetrics(w http.ResponseWriter, r *http.Request) {
 		RespondError(w, &model.ApiError{Typ: model.ErrorExec, Err: res.Err}, nil)
 	}

-	responseData := &model.QueryData{
+	response_data := &model.QueryData{
 		ResultType: res.Value.Type(),
 		Result:     res.Value,
 		Stats:      qs,
 	}

-	aH.Respond(w, responseData)
+	aH.Respond(w, response_data)

 }

@@ -2640,12 +2652,12 @@ func (aH *APIHandler) getProducerData(w http.ResponseWriter, r *http.Request) {
 	}

 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error

-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -2693,12 +2705,12 @@ func (aH *APIHandler) getConsumerData(w http.ResponseWriter, r *http.Request) {
 	}

 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error

-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -2747,12 +2759,12 @@ func (aH *APIHandler) getPartitionOverviewLatencyData(w http.ResponseWriter, r *
 	}

 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error

-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -2801,12 +2813,12 @@ func (aH *APIHandler) getConsumerPartitionLatencyData(w http.ResponseWriter, r *
 	}

 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error

-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -2858,12 +2870,12 @@ func (aH *APIHandler) getProducerThroughputOverview(w http.ResponseWriter, r *ht
 	}

 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error

-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, producerQueryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, producerQueryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}

@@ -2969,12 +2981,12 @@ func (aH *APIHandler) getProducerThroughputDetails(w http.ResponseWriter, r *htt
 	}

 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error

-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -3023,12 +3035,12 @@ func (aH *APIHandler) getConsumerThroughputOverview(w http.ResponseWriter, r *ht
 	}

 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error

-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -3077,12 +3089,12 @@ func (aH *APIHandler) getConsumerThroughputDetails(w http.ResponseWriter, r *htt
 	}

 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error

-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -3137,12 +3149,12 @@ func (aH *APIHandler) getProducerConsumerEval(w http.ResponseWriter, r *http.Req
 	}

 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error

-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}

@@ -4126,11 +4138,11 @@ func (aH *APIHandler) ListLogsPipelinesHandler(w http.ResponseWriter, r *http.Re
 	aH.Respond(w, payload)
 }

-// listLogsPipelines lists logs pipelines for latest version
+// listLogsPipelines lists logs piplines for latest version
 func (aH *APIHandler) listLogsPipelines(ctx context.Context, orgID valuer.UUID) (
 	*logparsingpipeline.PipelinesResponse, error,
 ) {
-	// get latest agent config
+	// get lateset agent config
 	latestVersion := -1
 	lastestConfig, err := agentConf.GetLatestVersion(ctx, orgID, opamptypes.ElementTypeLogPipelines)
 	if err != nil && !errorsV2.Ast(err, errorsV2.TypeNotFound) {
@@ -4427,7 +4439,7 @@ func (aH *APIHandler) queryRangeV3(ctx context.Context, queryRangeParams *v3.Que
 	}

 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error
 	var spanKeys map[string]v3.AttributeKey
 	if queryRangeParams.CompositeQuery.QueryType == v3.QueryTypeBuilder {
 		hasLogsQuery := false
@@ -4444,7 +4456,7 @@ func (aH *APIHandler) queryRangeV3(ctx context.Context, queryRangeParams *v3.Que
 		if logsv3.EnrichmentRequired(queryRangeParams) && hasLogsQuery {
 			logsFields, apiErr := aH.reader.GetLogFieldsFromNames(ctx, logsv3.GetFieldNames(queryRangeParams.CompositeQuery))
 			if apiErr != nil {
-				RespondError(w, apiErr, errQueriesByName)
+				RespondError(w, apiErr, errQuriesByName)
 				return
 			}
 			// get the fields if any logs query is present
@@ -4455,7 +4467,7 @@ func (aH *APIHandler) queryRangeV3(ctx context.Context, queryRangeParams *v3.Que
 			spanKeys, err = aH.getSpanKeysV3(ctx, queryRangeParams)
 			if err != nil {
 				apiErrObj := &model.ApiError{Typ: model.ErrorInternal, Err: err}
-				RespondError(w, apiErrObj, errQueriesByName)
+				RespondError(w, apiErrObj, errQuriesByName)
 				return
 			}
 			tracesV4.Enrich(queryRangeParams, spanKeys)
@@ -4500,11 +4512,11 @@ func (aH *APIHandler) queryRangeV3(ctx context.Context, queryRangeParams *v3.Que
 		}
 	}

-	result, errQueriesByName, err = aH.querier.QueryRange(ctx, orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querier.QueryRange(ctx, orgID, queryRangeParams)

 	if err != nil {
 		queryErrors := map[string]string{}
-		for name, err := range errQueriesByName {
+		for name, err := range errQuriesByName {
 			queryErrors[fmt.Sprintf("Query-%s", name)] = err.Error()
 		}
 		apiErrObj := &model.ApiError{Typ: model.ErrorInternal, Err: err}
@@ -4780,7 +4792,7 @@ func (aH *APIHandler) queryRangeV4(ctx context.Context, queryRangeParams *v3.Que
 	}

 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error
 	var spanKeys map[string]v3.AttributeKey
 	if queryRangeParams.CompositeQuery.QueryType == v3.QueryTypeBuilder {
 		hasLogsQuery := false
@@ -4810,7 +4822,7 @@ func (aH *APIHandler) queryRangeV4(ctx context.Context, queryRangeParams *v3.Que
 			spanKeys, err = aH.getSpanKeysV3(ctx, queryRangeParams)
 			if err != nil {
 				apiErrObj := &model.ApiError{Typ: model.ErrorInternal, Err: err}
-				RespondError(w, apiErrObj, errQueriesByName)
+				RespondError(w, apiErrObj, errQuriesByName)
 				return
 			}
 			tracesV4.Enrich(queryRangeParams, spanKeys)
@@ -4833,11 +4845,11 @@ func (aH *APIHandler) queryRangeV4(ctx context.Context, queryRangeParams *v3.Que
 		}
 	}

-	result, errQueriesByName, err = aH.querierV2.QueryRange(ctx, orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(ctx, orgID, queryRangeParams)

 	if err != nil {
 		queryErrors := map[string]string{}
-		for name, err := range errQueriesByName {
+		for name, err := range errQuriesByName {
 			queryErrors[fmt.Sprintf("Query-%s", name)] = err.Error()
 		}
 		apiErrObj := &model.ApiError{Typ: model.ErrorInternal, Err: err}
@@ -4854,7 +4866,7 @@ func (aH *APIHandler) queryRangeV4(ctx context.Context, queryRangeParams *v3.Que

 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 	aH.sendQueryResultEvents(r, result, queryRangeParams, "v4")
--- a/pkg/query-service/app/logparsingpipeline/collector_config_test.go
+++ b/pkg/query-service/app/logparsingpipeline/collector_config_test.go
@@ -7,9 +7,9 @@ import (

 	"github.com/SigNoz/signoz/pkg/query-service/constants"
 	"github.com/SigNoz/signoz/pkg/query-service/model"
-	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
 	"github.com/SigNoz/signoz/pkg/types/pipelinetypes"
-	. "github.com/smartystreets/goconvey/convey"
+	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
+	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"gopkg.in/yaml.v3"
 )
@@ -96,10 +96,10 @@ var buildProcessorTestData = []struct {

 func TestBuildLogParsingProcessors(t *testing.T) {
 	for _, test := range buildProcessorTestData {
-		Convey(test.Name, t, func() {
+		t.Run(test.Name, func(t *testing.T) {
 			err := updateProcessorConfigsInCollectorConf(test.agentConf, test.pipelineProcessor)
-			So(err, ShouldBeNil)
-			So(test.agentConf, ShouldResemble, test.outputConf)
+			assert.NoError(t, err)
+			assert.Equal(t, test.outputConf, test.agentConf)
 		})
 	}

@@ -202,11 +202,11 @@ var BuildLogsPipelineTestData = []struct {

 func TestBuildLogsPipeline(t *testing.T) {
 	for _, test := range BuildLogsPipelineTestData {
-		Convey(test.Name, t, func() {
+		t.Run(test.Name, func(t *testing.T) {
 			v, err := buildCollectorPipelineProcessorsList(test.currentPipeline, test.logsPipeline)
-			So(err, ShouldBeNil)
+			assert.NoError(t, err)
 			fmt.Println(test.Name, "\n", test.currentPipeline, "\n", v, "\n", test.expectedPipeline)
-			So(v, ShouldResemble, test.expectedPipeline)
+			assert.Equal(t, test.expectedPipeline, v)
 		})
 	}
 }
@@ -239,19 +239,8 @@ func TestPipelineAliasCollisionsDontResultInDuplicateCollectorProcessors(t *test
 				Alias:   alias,
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "method",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeTag,
-						},
-						Operator: "=",
-						Value:    "GET",
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: "attribute.method = 'GET'",
 			},
 			Config: []pipelinetypes.PipelineOperator{
 				{
@@ -310,19 +299,8 @@ func TestPipelineRouterWorksEvenIfFirstOpIsDisabled(t *testing.T) {
 				Alias:   "pipeline1",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "method",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeTag,
-						},
-						Operator: "=",
-						Value:    "GET",
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: "attribute.method = 'GET'",
 			},
 			Config: []pipelinetypes.PipelineOperator{
 				{
@@ -383,19 +361,8 @@ func TestPipeCharInAliasDoesntBreakCollectorConfig(t *testing.T) {
 				Alias:   "test|pipeline",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "method",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeTag,
-						},
-						Operator: "=",
-						Value:    "GET",
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: "attribute.method = 'GET'",
 			},
 			Config: []pipelinetypes.PipelineOperator{
 				{
--- a/pkg/query-service/app/logparsingpipeline/controller.go
+++ b/pkg/query-service/app/logparsingpipeline/controller.go
@@ -11,13 +11,13 @@ import (
 	"github.com/SigNoz/signoz/pkg/query-service/agentConf"
 	"github.com/SigNoz/signoz/pkg/query-service/constants"
 	"github.com/SigNoz/signoz/pkg/query-service/model"
-	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
 	"github.com/SigNoz/signoz/pkg/query-service/utils"
 	"github.com/SigNoz/signoz/pkg/querybuilder"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/opamptypes"
 	"github.com/SigNoz/signoz/pkg/types/pipelinetypes"
+	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/google/uuid"

@@ -140,15 +140,8 @@ func (ic *LogParsingPipelineController) getDefaultPipelines() ([]pipelinetypes.G
 				Alias:   "NormalizeBodyDefault",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key: "body",
-						},
-						Operator: v3.FilterOperatorExists,
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: "body EXISTS",
 			},
 			Config: []pipelinetypes.PipelineOperator{
 				{
--- a/pkg/query-service/app/logparsingpipeline/pipelineBuilder_test.go
+++ b/pkg/query-service/app/logparsingpipeline/pipelineBuilder_test.go
@@ -9,14 +9,14 @@ import (

 	signozstanzahelper "github.com/SigNoz/signoz-otel-collector/processor/signozlogspipelineprocessor/stanza/operator/helper"
 	"github.com/SigNoz/signoz/pkg/query-service/model"
-	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
 	"github.com/SigNoz/signoz/pkg/query-service/utils"
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/pipelinetypes"
+	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/google/uuid"
 	"github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/entry"
-	. "github.com/smartystreets/goconvey/convey"
+	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )

@@ -203,10 +203,10 @@ var prepareProcessorTestData = []struct {

 func TestPreparePipelineProcessor(t *testing.T) {
 	for _, test := range prepareProcessorTestData {
-		Convey(test.Name, t, func() {
+		t.Run(test.Name, func(t *testing.T) {
 			res, err := getOperators(test.Operators)
-			So(err, ShouldBeNil)
-			So(res, ShouldResemble, test.Output)
+			assert.NoError(t, err)
+			assert.Equal(t, test.Output, res)
 		})
 	}
 }
@@ -214,19 +214,8 @@ func TestPreparePipelineProcessor(t *testing.T) {
 func TestNoCollectorErrorsFromProcessorsForMismatchedLogs(t *testing.T) {
 	require := require.New(t)

-	testPipelineFilter := &v3.FilterSet{
-		Operator: "AND",
-		Items: []v3.FilterItem{
-			{
-				Key: v3.AttributeKey{
-					Key:      "method",
-					DataType: v3.AttributeKeyDataTypeString,
-					Type:     v3.AttributeKeyTypeTag,
-				},
-				Operator: "=",
-				Value:    "GET",
-			},
-		},
+	testPipelineFilter := &qbtypes.Filter{
+		Expression: "attribute.method = 'GET'",
 	}
 	makeTestPipeline := func(config []pipelinetypes.PipelineOperator) pipelinetypes.GettablePipeline {
 		return pipelinetypes.GettablePipeline{
@@ -470,19 +459,8 @@ func TestResourceFiltersWork(t *testing.T) {
 			Alias:   "pipeline1",
 			Enabled: true,
 		},
-		Filter: &v3.FilterSet{
-			Operator: "AND",
-			Items: []v3.FilterItem{
-				{
-					Key: v3.AttributeKey{
-						Key:      "service",
-						DataType: v3.AttributeKeyDataTypeString,
-						Type:     v3.AttributeKeyTypeResource,
-					},
-					Operator: "=",
-					Value:    "nginx",
-				},
-			},
+		Filter: &qbtypes.Filter{
+			Expression: "resource.service = 'nginx'",
 		},
 		Config: []pipelinetypes.PipelineOperator{
 			{
@@ -524,11 +502,11 @@ func TestResourceFiltersWork(t *testing.T) {
 func TestPipelineFilterWithStringOpsShouldNotSpamWarningsIfAttributeIsMissing(t *testing.T) {
 	require := require.New(t)

-	for _, operator := range []v3.FilterOperator{
-		v3.FilterOperatorContains,
-		v3.FilterOperatorNotContains,
-		v3.FilterOperatorRegex,
-		v3.FilterOperatorNotRegex,
+	for _, operator := range []string{
+		"CONTAINS",
+		"NOT CONTAINS",
+		"REGEXP",
+		"NOT REGEXP",
 	} {
 		testPipeline := pipelinetypes.GettablePipeline{
 			StoreablePipeline: pipelinetypes.StoreablePipeline{
@@ -540,19 +518,8 @@ func TestPipelineFilterWithStringOpsShouldNotSpamWarningsIfAttributeIsMissing(t
 				Alias:   "pipeline1",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "service",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeResource,
-						},
-						Operator: operator,
-						Value:    "nginx",
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: fmt.Sprintf("resource.service %s 'nginx'", operator),
 			},
 			Config: []pipelinetypes.PipelineOperator{
 				{
@@ -601,19 +568,8 @@ func TestAttributePathsContainingDollarDoNotBreakCollector(t *testing.T) {
 			Alias:   "pipeline1",
 			Enabled: true,
 		},
-		Filter: &v3.FilterSet{
-			Operator: "AND",
-			Items: []v3.FilterItem{
-				{
-					Key: v3.AttributeKey{
-						Key:      "$test",
-						DataType: v3.AttributeKeyDataTypeString,
-						Type:     v3.AttributeKeyTypeTag,
-					},
-					Operator: "=",
-					Value:    "test",
-				},
-			},
+		Filter: &qbtypes.Filter{
+			Expression: "attribute.$test = 'test'",
 		},
 		Config: []pipelinetypes.PipelineOperator{
 			{
@@ -664,19 +620,8 @@ func TestMembershipOpInProcessorFieldExpressions(t *testing.T) {
 			Alias:   "pipeline1",
 			Enabled: true,
 		},
-		Filter: &v3.FilterSet{
-			Operator: "AND",
-			Items: []v3.FilterItem{
-				{
-					Key: v3.AttributeKey{
-						Key:      "http.method",
-						DataType: v3.AttributeKeyDataTypeString,
-						Type:     v3.AttributeKeyTypeTag,
-					},
-					Operator: "=",
-					Value:    "GET",
-				},
-			},
+		Filter: &qbtypes.Filter{
+			Expression: "attribute.http.method = 'GET'",
 		},
 		Config: []pipelinetypes.PipelineOperator{
 			{
@@ -773,18 +718,8 @@ func TestContainsFilterIsCaseInsensitive(t *testing.T) {
 			Alias:   "pipeline1",
 			Enabled: true,
 		},
-		Filter: &v3.FilterSet{
-			Operator: "AND",
-			Items: []v3.FilterItem{{
-				Key: v3.AttributeKey{
-					Key:      "body",
-					DataType: v3.AttributeKeyDataTypeString,
-					Type:     v3.AttributeKeyTypeUnspecified,
-					IsColumn: true,
-				},
-				Operator: "contains",
-				Value:    "log",
-			}},
+		Filter: &qbtypes.Filter{
+			Expression: "body CONTAINS 'log'",
 		},
 		Config: []pipelinetypes.PipelineOperator{
 			{
@@ -806,18 +741,8 @@ func TestContainsFilterIsCaseInsensitive(t *testing.T) {
 			Alias:   "pipeline2",
 			Enabled: true,
 		},
-		Filter: &v3.FilterSet{
-			Operator: "AND",
-			Items: []v3.FilterItem{{
-				Key: v3.AttributeKey{
-					Key:      "body",
-					DataType: v3.AttributeKeyDataTypeString,
-					Type:     v3.AttributeKeyTypeUnspecified,
-					IsColumn: true,
-				},
-				Operator: "ncontains",
-				Value:    "ecom",
-			}},
+		Filter: &qbtypes.Filter{
+			Expression: "body NCONTAINS 'ecom'",
 		},
 		Config: []pipelinetypes.PipelineOperator{
 			{
--- a/pkg/query-service/app/logparsingpipeline/preview_test.go
+++ b/pkg/query-service/app/logparsingpipeline/preview_test.go
@@ -7,8 +7,8 @@ import (
 	"time"

 	"github.com/SigNoz/signoz/pkg/query-service/model"
-	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
 	"github.com/SigNoz/signoz/pkg/types/pipelinetypes"
+	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	"github.com/google/uuid"
 	"github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/entry"
 	"github.com/stretchr/testify/require"
@@ -25,19 +25,8 @@ func TestPipelinePreview(t *testing.T) {
 				Alias:   "pipeline1",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "method",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeTag,
-						},
-						Operator: "=",
-						Value:    "GET",
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: "attribute.method = 'GET'",
 			},
 			Config: []pipelinetypes.PipelineOperator{
 				{
@@ -58,19 +47,8 @@ func TestPipelinePreview(t *testing.T) {
 				Alias:   "pipeline2",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "method",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeTag,
-						},
-						Operator: "=",
-						Value:    "GET",
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: "attribute.method = 'GET'",
 			},
 			Config: []pipelinetypes.PipelineOperator{
 				{
@@ -159,19 +137,8 @@ func TestGrokParsingProcessor(t *testing.T) {
 				Alias:   "pipeline1",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "method",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeTag,
-						},
-						Operator: "=",
-						Value:    "GET",
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: "attribute.method = 'GET'",
 			},
 			Config: []pipelinetypes.PipelineOperator{
 				{
--- a/pkg/query-service/app/logparsingpipeline/processors_test.go
+++ b/pkg/query-service/app/logparsingpipeline/processors_test.go
@@ -10,8 +10,8 @@ import (
 	"time"

 	"github.com/SigNoz/signoz/pkg/query-service/model"
-	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
 	"github.com/SigNoz/signoz/pkg/query-service/utils"
+	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	"github.com/SigNoz/signoz/pkg/types/pipelinetypes"
 	"github.com/stretchr/testify/require"
 )
@@ -30,19 +30,8 @@ func TestRegexProcessor(t *testing.T) {
 				Alias:   "pipeline1",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "method",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeTag,
-						},
-						Operator: "=",
-						Value:    "GET",
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: "attribute.method = 'GET'",
 			},
 			Config: []pipelinetypes.PipelineOperator{},
 		},
@@ -97,19 +86,8 @@ func TestGrokProcessor(t *testing.T) {
 				Alias:   "pipeline1",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "method",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeTag,
-						},
-						Operator: "=",
-						Value:    "GET",
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: "attribute.method = 'GET'",
 			},
 			Config: []pipelinetypes.PipelineOperator{},
 		},
@@ -164,19 +142,8 @@ func TestJSONProcessor(t *testing.T) {
 				Alias:   "pipeline1",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "method",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeTag,
-						},
-						Operator: "=",
-						Value:    "GET",
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: "attribute.method = 'GET'",
 			},
 			Config: []pipelinetypes.PipelineOperator{},
 		},
@@ -230,20 +197,9 @@ func TestTraceParsingProcessor(t *testing.T) {
 				Alias:   "pipeline1",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "method",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeTag,
-						},
-						Operator: "=",
-						Value:    "GET",
-					},
-				},
-			},
+			Filter: &qbtypes.Filter{
+				Expression: "attribute.method = 'GET'",
+			},	
 			Config: []pipelinetypes.PipelineOperator{},
 		},
 	}
@@ -339,19 +295,8 @@ func TestAddProcessor(t *testing.T) {
 				Alias:   "pipeline1",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "method",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeTag,
-						},
-						Operator: "=",
-						Value:    "GET",
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: "attribute.method = 'GET'",
 			},
 			Config: []pipelinetypes.PipelineOperator{},
 		},
@@ -404,19 +349,8 @@ func TestRemoveProcessor(t *testing.T) {
 				Alias:   "pipeline1",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "method",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeTag,
-						},
-						Operator: "=",
-						Value:    "GET",
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: "attribute.method = 'GET'",
 			},
 			Config: []pipelinetypes.PipelineOperator{},
 		},
@@ -469,19 +403,8 @@ func TestCopyProcessor(t *testing.T) {
 				Alias:   "pipeline1",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "method",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeTag,
-						},
-						Operator: "=",
-						Value:    "GET",
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: "attribute.method = 'GET'",
 			},
 			Config: []pipelinetypes.PipelineOperator{},
 		},
@@ -535,19 +458,8 @@ func TestMoveProcessor(t *testing.T) {
 				Alias:   "pipeline1",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "method",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeTag,
-						},
-						Operator: "=",
-						Value:    "GET",
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: "attribute.method = 'GET'",
 			},
 			Config: []pipelinetypes.PipelineOperator{},
 		},
--- a/pkg/query-service/app/logparsingpipeline/severity_parser_test.go
+++ b/pkg/query-service/app/logparsingpipeline/severity_parser_test.go
@@ -7,8 +7,8 @@ import (
 	"testing"

 	"github.com/SigNoz/signoz/pkg/query-service/model"
-	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
 	"github.com/SigNoz/signoz/pkg/types/pipelinetypes"
+	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	"github.com/stretchr/testify/require"
 )

@@ -23,19 +23,8 @@ func TestSeverityParsingProcessor(t *testing.T) {
 				Alias:   "pipeline1",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "method",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeTag,
-						},
-						Operator: "=",
-						Value:    "GET",
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: "attribute.method = 'GET'",
 			},
 			Config: []pipelinetypes.PipelineOperator{},
 		},
@@ -141,19 +130,8 @@ func TestSeverityParsingProcessor(t *testing.T) {
 func TestNoCollectorErrorsFromSeverityParserForMismatchedLogs(t *testing.T) {
 	require := require.New(t)

-	testPipelineFilter := &v3.FilterSet{
-		Operator: "AND",
-		Items: []v3.FilterItem{
-			{
-				Key: v3.AttributeKey{
-					Key:      "method",
-					DataType: v3.AttributeKeyDataTypeString,
-					Type:     v3.AttributeKeyTypeTag,
-				},
-				Operator: "=",
-				Value:    "GET",
-			},
-		},
+	testPipelineFilter := &qbtypes.Filter{
+		Expression: "attribute.method = 'GET'",
 	}
 	makeTestPipeline := func(config []pipelinetypes.PipelineOperator) pipelinetypes.GettablePipeline {
 		return pipelinetypes.GettablePipeline{
--- a/pkg/query-service/app/logparsingpipeline/time_parser_test.go
+++ b/pkg/query-service/app/logparsingpipeline/time_parser_test.go
@@ -8,8 +8,8 @@ import (
 	"time"

 	"github.com/SigNoz/signoz/pkg/query-service/model"
-	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
 	"github.com/SigNoz/signoz/pkg/types/pipelinetypes"
+	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	"github.com/stretchr/testify/require"
 )

@@ -24,19 +24,8 @@ func TestTimestampParsingProcessor(t *testing.T) {
 				Alias:   "pipeline1",
 				Enabled: true,
 			},
-			Filter: &v3.FilterSet{
-				Operator: "AND",
-				Items: []v3.FilterItem{
-					{
-						Key: v3.AttributeKey{
-							Key:      "method",
-							DataType: v3.AttributeKeyDataTypeString,
-							Type:     v3.AttributeKeyTypeTag,
-						},
-						Operator: "=",
-						Value:    "GET",
-					},
-				},
+			Filter: &qbtypes.Filter{
+				Expression: "attribute.method = 'GET'",
 			},
 			Config: []pipelinetypes.PipelineOperator{},
 		},
--- a/pkg/query-service/app/server.go
+++ b/pkg/query-service/app/server.go
@@ -17,6 +17,7 @@ import (
 	"github.com/gorilla/handlers"

 	"github.com/SigNoz/signoz/pkg/alertmanager"
+	"github.com/SigNoz/signoz/pkg/apis/fields"
 	"github.com/SigNoz/signoz/pkg/cache"
 	"github.com/SigNoz/signoz/pkg/http/middleware"
 	"github.com/SigNoz/signoz/pkg/licensing/nooplicensing"
@@ -132,6 +133,7 @@ func NewServer(config signoz.Config, signoz *signoz.SigNoz) (*Server, error) {
 		FluxInterval:                  config.Querier.FluxInterval,
 		AlertmanagerAPI:               alertmanager.NewAPI(signoz.Alertmanager),
 		LicensingAPI:                  nooplicensing.NewLicenseAPI(),
+		FieldsAPI:                     fields.NewAPI(signoz.Instrumentation.ToProviderSettings(), signoz.TelemetryStore),
 		Signoz:                        signoz,
 		QuerierAPI:                    querierAPI.NewAPI(signoz.Instrumentation.ToProviderSettings(), signoz.Querier, signoz.Analytics),
 		QueryParserAPI:                queryparser.NewAPI(signoz.Instrumentation.ToProviderSettings(), signoz.QueryParser),
@@ -207,12 +209,13 @@ func (s *Server) createPublicServer(api *APIHandler, web web.Web) (*http.Server,
 	r.Use(middleware.NewLogging(s.signoz.Instrumentation.Logger(), s.config.APIServer.Logging.ExcludedRoutes).Wrap)
 	r.Use(middleware.NewComment().Wrap)

-	am := middleware.NewAuthZ(s.signoz.Instrumentation.Logger(), s.signoz.Modules.OrgGetter, s.signoz.Authz)
+	am := middleware.NewAuthZ(s.signoz.Instrumentation.Logger(), s.signoz.Modules.OrgGetter, s.signoz.Authz, s.signoz.Modules.RoleGetter)

 	api.RegisterRoutes(r, am)
 	api.RegisterLogsRoutes(r, am)
 	api.RegisterIntegrationRoutes(r, am)
 	api.RegisterCloudIntegrationsRoutes(r, am)
+	api.RegisterFieldsRoutes(r, am)
 	api.RegisterQueryRangeV3Routes(r, am)
 	api.RegisterInfraMetricsRoutes(r, am)
 	api.RegisterWebSocketPaths(r, am)
--- a/pkg/query-service/constants/constants.go
+++ b/pkg/query-service/constants/constants.go
@@ -5,10 +5,10 @@ import (
 	"os"
 	"regexp"
 	"strconv"
+	"time"

 	"github.com/SigNoz/signoz/pkg/query-service/model"
 	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
-	"github.com/SigNoz/signoz/pkg/valuer"
 )

 const (
@@ -40,11 +40,11 @@ const NormalizedMetricsMapQueryThreads = 10
 var NormalizedMetricsMapRegex = regexp.MustCompile(`[^a-zA-Z0-9]`)
 var NormalizedMetricsMapQuantileRegex = regexp.MustCompile(`(?i)([._-]?quantile.*)$`)

-func GetEvalDelay() valuer.TextDuration {
+func GetEvalDelay() time.Duration {
 	evalDelayStr := GetOrDefaultEnv("RULES_EVAL_DELAY", "2m")
-	evalDelayDuration, err := valuer.ParseTextDuration(evalDelayStr)
+	evalDelayDuration, err := time.ParseDuration(evalDelayStr)
 	if err != nil {
-		return valuer.TextDuration{}
+		return 0
 	}
 	return evalDelayDuration
 }
--- a/pkg/query-service/queryBuilderToExpr/queryBuilderToExpr.go
+++ b/pkg/query-service/queryBuilderToExpr/queryBuilderToExpr.go
@@ -2,11 +2,16 @@ package queryBuilderToExpr

 import (
 	"fmt"
+	"maps"
 	"reflect"
+	"regexp"
 	"strings"

 	"github.com/SigNoz/signoz/pkg/errors"
-	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
+	"github.com/SigNoz/signoz/pkg/querybuilder"
+	"github.com/SigNoz/signoz/pkg/telemetrylogs"
+	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
+	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
 	expr "github.com/antonmedv/expr"
 	"go.uber.org/zap"
 )
@@ -15,119 +20,220 @@ var (
 	CodeExprCompilationFailed = errors.MustNewCode("expr_compilation_failed")
 )

-var logOperatorsToExpr = map[v3.FilterOperator]string{
-	v3.FilterOperatorEqual:           "==",
-	v3.FilterOperatorNotEqual:        "!=",
-	v3.FilterOperatorLessThan:        "<",
-	v3.FilterOperatorLessThanOrEq:    "<=",
-	v3.FilterOperatorGreaterThan:     ">",
-	v3.FilterOperatorGreaterThanOrEq: ">=",
-	v3.FilterOperatorContains:        "contains",
-	v3.FilterOperatorNotContains:     "not contains",
-	v3.FilterOperatorRegex:           "matches",
-	v3.FilterOperatorNotRegex:        "not matches",
-	v3.FilterOperatorIn:              "in",
-	v3.FilterOperatorNotIn:           "not in",
-	v3.FilterOperatorExists:          "in",
-	v3.FilterOperatorNotExists:       "not in",
-	// we dont support like and nlike as of now.
+var logOperatorsToExpr = map[qbtypes.FilterOperator]string{
+	qbtypes.FilterOperatorEqual:           "==",
+	qbtypes.FilterOperatorNotEqual:        "!=",
+	qbtypes.FilterOperatorLessThan:        "<",
+	qbtypes.FilterOperatorLessThanOrEq:    "<=",
+	qbtypes.FilterOperatorGreaterThan:     ">",
+	qbtypes.FilterOperatorGreaterThanOrEq: ">=",
+	qbtypes.FilterOperatorContains:        "contains",
+	qbtypes.FilterOperatorNotContains:     "not contains",
+	qbtypes.FilterOperatorRegexp:          "matches",
+	qbtypes.FilterOperatorNotRegexp:       "not matches",
+	qbtypes.FilterOperatorIn:              "in",
+	qbtypes.FilterOperatorNotIn:           "not in",
+	qbtypes.FilterOperatorExists:          "in",
+	qbtypes.FilterOperatorNotExists:       "not in",
+	// nlike and like are not supported yet
 }

-func getName(v v3.AttributeKey) string {
-	if v.Type == v3.AttributeKeyTypeTag {
-		return fmt.Sprintf(`attributes["%s"]`, v.Key)
-	} else if v.Type == v3.AttributeKeyTypeResource {
-		return fmt.Sprintf(`resource["%s"]`, v.Key)
+func getName(key *telemetrytypes.TelemetryFieldKey) string {
+	if key == nil {
+		return ""
 	}
-	return v.Key
-}
-
-func getTypeName(v v3.AttributeKeyType) string {
-	if v == v3.AttributeKeyTypeTag {
-		return "attributes"
-	} else if v == v3.AttributeKeyTypeResource {
-		return "resource"
+	switch key.FieldContext {
+	case telemetrytypes.FieldContextAttribute:
+		return fmt.Sprintf(`attributes["%s"]`, key.Name)
+	case telemetrytypes.FieldContextResource:
+		return fmt.Sprintf(`resource["%s"]`, key.Name)
+	case telemetrytypes.FieldContextBody:
+		return fmt.Sprintf("%s.%s", key.FieldContext.StringValue(), key.Name)
+	default:
+		return key.Name
 	}
-	return ""
 }

-func Parse(filters *v3.FilterSet) (string, error) {
-	var res []string
-	for _, v := range filters.Items {
-		if _, ok := logOperatorsToExpr[v.Operator]; !ok {
-			return "", errors.NewInvalidInputf(errors.CodeInvalidInput, "operator not supported: %s", v.Operator)
-		}
+func parseCondition(c qbtypes.FilterCondition) (string, error) {
+	if len(c.Keys) == 0 {
+		return "", errors.NewInvalidInputf(errors.CodeInvalidInput, "condition has no keys")
+	}
+	key := c.Keys[0]
+	if _, ok := logOperatorsToExpr[c.Op]; !ok {
+		return "", errors.NewInvalidInputf(errors.CodeInvalidInput, "operator not supported: %d", c.Op)
+	}

-		name := getName(v.Key)
+	value := exprFormattedValue(c.Value)
+	var filter string

-		var filter string
+	switch c.Op {
+	case qbtypes.FilterOperatorExists, qbtypes.FilterOperatorNotExists:
+		// EXISTS/NOT EXISTS checks are special:
+		//   - For body fields, we check membership in fromJSON(body) using the JSON field name.
+		//   - For attribute/resource fields, we check membership in the appropriate map
+		//     ("attributes" or "resource") using the logical field name.
+		//   - For intrinsic / top‑level fields (no explicit context), we fall back to
+		//     equality against nil (see default case below).
+		switch key.FieldContext {
+		case telemetrytypes.FieldContextBody:
+			// if body is a string and is a valid JSON, then check if the key exists in the JSON
+			quoted := exprFormattedValue(key.Name)
+			jsonMembership := fmt.Sprintf(
+				`((type(body) == "string" && isJSON(body)) && %s %s %s)`,
+				quoted, logOperatorsToExpr[c.Op], "fromJSON(body)",
+			)

-		switch v.Operator {
-		// uncomment following lines when new version of expr is used
-		// case v3.FilterOperatorIn, v3.FilterOperatorNotIn:
-		// 	filter = fmt.Sprintf("%s %s list%s", name, logOperatorsToExpr[v.Operator], exprFormattedValue(v.Value))
-
-		case v3.FilterOperatorExists, v3.FilterOperatorNotExists:
-			// accustom log filters like `body.log.message EXISTS` into EXPR language
-			// where User is attempting to check for keys present in JSON log body
-			if strings.HasPrefix(v.Key.Key, "body.") {
-				// if body is a string and is a valid JSON, then check if the key exists in the JSON
-				filter = fmt.Sprintf(`((type(body) == "string" && isJSON(body)) && %s %s %s)`, exprFormattedValue(strings.TrimPrefix(v.Key.Key, "body.")), logOperatorsToExpr[v.Operator], "fromJSON(body)")
-
-				// if body is a map, then check if the key exists in the map
-				operator := v3.FilterOperatorNotEqual
-				if v.Operator == v3.FilterOperatorNotExists {
-					operator = v3.FilterOperatorEqual
-				}
-				nilCheckFilter := fmt.Sprintf("%s %s nil", v.Key.Key, logOperatorsToExpr[operator])
-
-				// join the two filters with OR
-				filter = fmt.Sprintf(`(%s or (type(body) == "map" && (%s)))`, filter, nilCheckFilter)
-			} else if typ := getTypeName(v.Key.Type); typ != "" {
-				filter = fmt.Sprintf("%s %s %s", exprFormattedValue(v.Key.Key), logOperatorsToExpr[v.Operator], typ)
-			} else {
-				// if type of key is not available; is considered as TOP LEVEL key in OTEL Log Data model hence
-				// switch Exist and Not Exists operators with NOT EQUAL and EQUAL respectively
-				operator := v3.FilterOperatorNotEqual
-				if v.Operator == v3.FilterOperatorNotExists {
-					operator = v3.FilterOperatorEqual
-				}
-
-				filter = fmt.Sprintf("%s %s nil", v.Key.Key, logOperatorsToExpr[operator])
+			// if body is a map, then check if the key exists in the map
+			operator := qbtypes.FilterOperatorNotEqual
+			if c.Op == qbtypes.FilterOperatorNotExists {
+				operator = qbtypes.FilterOperatorEqual
 			}
+			nilCheckFilter := fmt.Sprintf("%s.%s %s nil", key.FieldContext.StringValue(), key.Name, logOperatorsToExpr[operator])
+
+			// join the two filters with OR
+			filter = fmt.Sprintf(`(%s or (type(body) == "map" && (%s)))`, jsonMembership, nilCheckFilter)
+		case telemetrytypes.FieldContextAttribute, telemetrytypes.FieldContextResource:
+			// Example: "http.method" in attributes
+			target := "resource"
+			if key.FieldContext == telemetrytypes.FieldContextAttribute {
+				target = "attributes"
+			}
+			filter = fmt.Sprintf("%q %s %s", key.Name, logOperatorsToExpr[c.Op], target)
 		default:
-			filter = fmt.Sprintf("%s %s %s", name, logOperatorsToExpr[v.Operator], exprFormattedValue(v.Value))
-
-			if v.Operator == v3.FilterOperatorContains || v.Operator == v3.FilterOperatorNotContains {
-				// `contains` and `ncontains` should be case insensitive to match how they work when querying logs.
-				filter = fmt.Sprintf(
-					"lower(%s) %s lower(%s)",
-					name, logOperatorsToExpr[v.Operator], exprFormattedValue(v.Value),
-				)
-			}
-
-			// Avoid running operators on nil values
-			if v.Operator != v3.FilterOperatorEqual && v.Operator != v3.FilterOperatorNotEqual {
-				filter = fmt.Sprintf("%s != nil && %s", name, filter)
+			// if type of key is not available; is considered as TOP LEVEL key in OTEL Log Data model hence
+			// switch Exist and Not Exists operators with NOT EQUAL and EQUAL respectively
+			operator := qbtypes.FilterOperatorNotEqual
+			if c.Op == qbtypes.FilterOperatorNotExists {
+				operator = qbtypes.FilterOperatorEqual
 			}
+			filter = fmt.Sprintf("%s %s nil", key.Name, logOperatorsToExpr[operator])
+		}
+	default:
+		filter = fmt.Sprintf("%s %s %s", getName(key), logOperatorsToExpr[c.Op], value)
+		if c.Op == qbtypes.FilterOperatorContains || c.Op == qbtypes.FilterOperatorNotContains {
+			// `contains` and `ncontains` should be case insensitive to match how they work when querying logs.
+			filter = fmt.Sprintf(
+				"lower(%s) %s lower(%s)",
+				getName(key), logOperatorsToExpr[c.Op], value,
+			)
 		}

-		// check if the filter is a correct expression language
-		_, err := expr.Compile(filter)
-		if err != nil {
-			return "", err
+		// Avoid running operators on nil values
+		if c.Op != qbtypes.FilterOperatorEqual && c.Op != qbtypes.FilterOperatorNotEqual {
+			filter = fmt.Sprintf("%s != nil && %s", getName(key), filter)
 		}
-		res = append(res, filter)
 	}

-	// check the final filter
-	q := strings.Join(res, " "+strings.ToLower(filters.Operator)+" ")
-	_, err := expr.Compile(q)
+	_, err := expr.Compile(filter)
 	if err != nil {
-		return "", errors.WrapInternalf(err, CodeExprCompilationFailed, "failed to compile expression: %s", q)
+		return "", err
+	}
+	return filter, nil
+}
+
+// Parse converts the QB filter Expression (query builder expression string) into
+// the Expr expression string used by the collector. It parses the QB expression
+// into a FilterExprNode tree, then serializes that tree to the Expr dialect.
+func Parse(filter *qbtypes.Filter) (string, error) {
+	if filter == nil || strings.TrimSpace(filter.Expression) == "" {
+		return "", nil
+	}
+	node, err := querybuilder.ExtractFilterExprTree(filter.Expression)
+	if err != nil {
+		return "", err
+	}
+	if node == nil {
+		return "", errors.NewInvalidInputf(errors.CodeInvalidInput, "invalid filter expression; node found nil")
 	}

-	return q, nil
+	for _, condition := range node.Flatten() {
+		for _, key := range condition.Keys {
+			_, found := telemetrylogs.IntrinsicFields[key.Name]
+			if key.FieldContext == telemetrytypes.FieldContextUnspecified && !found {
+				return "", errors.NewInvalidInputf(errors.CodeInvalidInput, "field %q in filter expression must include a context prefix (attribute., resource., body.) OR can be one of the following fields: %v", key.Name, maps.Keys(telemetrylogs.IntrinsicFields))
+			}
+		}
+		if condition.Op == qbtypes.FilterOperatorRegexp || condition.Op == qbtypes.FilterOperatorNotRegexp {
+			switch condition.Value.(type) {
+			case string:
+				if _, err := regexp.Compile(condition.Value.(string)); err != nil {
+					return "", errors.NewInvalidInputf(errors.CodeInvalidInput, "value for regex operator must be a valid regex")
+				}
+			default:
+				return "", errors.NewInvalidInputf(errors.CodeInvalidInput, "value for regex operator must be a string or a slice of strings")
+			}
+		}
+	}
+
+	return nodeToExpr(node)
+}
+
+func nodeToExpr(node *qbtypes.FilterExprNode) (string, error) {
+	if node == nil {
+		return "", nil
+	}
+
+	switch node.Op {
+	case qbtypes.LogicalOpLeaf:
+		var parts []string
+		for _, c := range node.Conditions {
+			s, err := parseCondition(c)
+			if err != nil {
+				return "", err
+			}
+			parts = append(parts, s)
+		}
+		if len(parts) == 0 {
+			return "", nil
+		}
+		// For a simple leaf, just join conditions with AND without wrapping
+		// the whole clause in parentheses
+		return strings.Join(parts, " and "), nil
+	case qbtypes.LogicalOpAnd:
+		var parts []string
+		for _, child := range node.Children {
+			if child == nil {
+				continue
+			}
+			s, err := nodeToExpr(child)
+			if err != nil {
+				return "", err
+			}
+			// When mixing AND/OR, we need parentheses around any OR child to
+			// preserve the intended precedence: (a and (b or c)).
+			if child.Op == qbtypes.LogicalOpOr {
+				s = fmt.Sprintf("(%s)", s)
+			}
+			parts = append(parts, s)
+		}
+		if len(parts) == 0 {
+			return "", nil
+		}
+		return strings.Join(parts, " and "), nil
+	case qbtypes.LogicalOpOr:
+		var parts []string
+		for _, child := range node.Children {
+			if child == nil {
+				continue
+			}
+			s, err := nodeToExpr(child)
+			if err != nil {
+				return "", err
+			}
+			// When mixing AND/OR, we need parentheses around any AND child to
+			// preserve the intended precedence: ((a and b) or c).
+			if child.Op == qbtypes.LogicalOpAnd {
+				s = fmt.Sprintf("(%s)", s)
+			}
+			parts = append(parts, s)
+		}
+		if len(parts) == 0 {
+			return "", nil
+		}
+		return strings.Join(parts, " or "), nil
+	default:
+		return "", errors.NewInvalidInputf(errors.CodeInvalidInput, "unsupported logical op: %s", node.Op)
+	}
 }

 func exprFormattedValue(v interface{}) string {
@@ -135,13 +241,12 @@ func exprFormattedValue(v interface{}) string {
 	case uint8, uint16, uint32, uint64, int, int8, int16, int32, int64:
 		return fmt.Sprintf("%d", x)
 	case float32, float64:
-		return fmt.Sprintf("%f", x)
+		return fmt.Sprintf("%v", x)
 	case string:
 		return fmt.Sprintf("\"%s\"", quoteEscapedString(x))
 	case bool:
 		return fmt.Sprintf("%v", x)
-
-	case []interface{}:
+	case []any:
 		if len(x) == 0 {
 			return ""
 		}
--- a/pkg/query-service/queryBuilderToExpr/queryBuilderToExpr_test.go
+++ b/pkg/query-service/queryBuilderToExpr/queryBuilderToExpr_test.go
@@ -4,7 +4,7 @@ import (
 	"testing"

 	signozstanzahelper "github.com/SigNoz/signoz-otel-collector/processor/signozlogspipelineprocessor/stanza/operator/helper"
-	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
+	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	"github.com/expr-lang/expr/vm"
 	"github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/entry"
 	"github.com/stretchr/testify/assert"
@@ -13,183 +13,177 @@ import (
 func TestParseExpression(t *testing.T) {
 	var testCases = []struct {
 		Name        string
-		Query       *v3.FilterSet
+		Query       *qbtypes.Filter
 		Expr        string
 		ExpectError bool
 	}{
 		{
 			Name: "equal",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "key", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: "checkbody", Operator: "="},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.key = 'checkbody'",
+			},
 			Expr: `attributes["key"] == "checkbody"`,
 		},
 		{
 			Name: "not equal",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "key", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: "checkbody", Operator: "!="},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.key != 'checkbody'",
+			},
 			Expr: `attributes["key"] != "checkbody"`,
 		},
 		{
 			Name: "less than",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "key", DataType: v3.AttributeKeyDataTypeInt64, Type: v3.AttributeKeyTypeTag}, Value: 10, Operator: "<"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.key < 10",
+			},
 			Expr: `attributes["key"] != nil && attributes["key"] < 10`,
 		},
 		{
 			Name: "greater than",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "key", DataType: v3.AttributeKeyDataTypeInt64, Type: v3.AttributeKeyTypeTag}, Value: 10, Operator: ">"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.key > 10",
+			},
 			Expr: `attributes["key"] != nil && attributes["key"] > 10`,
 		},
 		{
 			Name: "less than equal",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "key", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: 10, Operator: "<="},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.key <= 10",
+			},
 			Expr: `attributes["key"] != nil && attributes["key"] <= 10`,
 		},
 		{
 			Name: "greater than equal",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "key", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: 10, Operator: ">="},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.key >= 10",
+			},
 			Expr: `attributes["key"] != nil && attributes["key"] >= 10`,
 		},
 		// case sensitive
 		{
 			Name: "body contains",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "checkbody", Operator: "contains"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "body contains 'checkbody'",
+			},
 			Expr: `body != nil && lower(body) contains lower("checkbody")`,
 		},
 		{
 			Name: "body.log.message exists",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body.log.message", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "exists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "body.log.message exists",
+			},
 			Expr: `(((type(body) == "string" && isJSON(body)) && "log.message" in fromJSON(body)) or (type(body) == "map" && (body.log.message != nil)))`,
 		},
 		{
 			Name: "body.log.message not exists",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body.log.message", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "nexists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "body.log.message not exists",
+			},
 			Expr: `(((type(body) == "string" && isJSON(body)) && "log.message" not in fromJSON(body)) or (type(body) == "map" && (body.log.message == nil)))`,
 		},
 		{
-			Name: "body ncontains",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "checkbody", Operator: "ncontains"},
-			}},
+			Name: "body NOT CONTAINS",
+			Query: &qbtypes.Filter{
+				Expression: "body NOT CONTAINS 'checkbody'",
+			},
 			Expr: `body != nil && lower(body) not contains lower("checkbody")`,
 		},
 		{
-			Name: "body regex",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "[0-1]+regex$", Operator: "regex"},
-			}},
+			Name: "body REGEXP",
+			Query: &qbtypes.Filter{
+				Expression: "body REGEXP '[0-1]+regex$'",
+			},
 			Expr: `body != nil && body matches "[0-1]+regex$"`,
 		},
 		{
-			Name: "body not regex",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "[0-1]+regex$", Operator: "nregex"},
-			}},
+			Name: "body NOT REGEXP",
+			Query: &qbtypes.Filter{
+				Expression: "body NOT REGEXP '[0-1]+regex$'",
+			},
 			Expr: `body != nil && body not matches "[0-1]+regex$"`,
 		},
 		{
 			Name: "regex with escape characters",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: `^Executing \[\S+@\S+:[0-9]+\] \S+".*`, Operator: "regex"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "body REGEXP '^Executing \\[\\S+@\\S+:[0-9]+\\] \\S+\".*'",
+			},
 			Expr: `body != nil && body matches "^Executing \\[\\S+@\\S+:[0-9]+\\] \\S+\".*"`,
 		},
 		{
 			Name: "invalid regex",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "[0-9]++", Operator: "nregex"},
-			}},
-			Expr:        `body != nil && lower(body) not matches "[0-9]++"`,
+			Query: &qbtypes.Filter{
+				Expression: "body not REGEXP '[0-9]++'",
+			},
 			ExpectError: true,
 		},
 		{
 			Name: "in",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "key", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: []any{1, 2, 3, 4}, Operator: "in"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.key in [1,2,3,4]",
+			},
 			Expr: `attributes["key"] != nil && attributes["key"] in [1,2,3,4]`,
 		},
 		{
 			Name: "not in",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "key", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: []any{"1", "2"}, Operator: "nin"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.key not in ['1','2']",
+			},
 			Expr: `attributes["key"] != nil && attributes["key"] not in ['1','2']`,
 		},
 		{
 			Name: "exists",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "key", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Operator: "exists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.key exists",
+			},
 			Expr: `"key" in attributes`,
 		},
 		{
 			Name: "not exists",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "key", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Operator: "nexists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.key not exists",
+			},
 			Expr: `"key" not in attributes`,
 		},
 		{
 			Name: "trace_id not exists",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "trace_id", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "nexists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "trace_id not exists",
+			},
 			Expr: `trace_id == nil`,
 		},
 		{
 			Name: "trace_id exists",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "trace_id", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "exists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "trace_id exists",
+			},
 			Expr: `trace_id != nil`,
 		},
 		{
 			Name: "span_id not exists",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "span_id", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "nexists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "span_id not exists",
+			},
 			Expr: `span_id == nil`,
 		},
 		{
 			Name: "span_id exists",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "span_id", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "exists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "span_id exists",
+			},
 			Expr: `span_id != nil`,
 		},
 		{
 			Name: "Multi filter",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "key", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: 10, Operator: "<="},
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "[0-1]+regex$", Operator: "nregex"},
-				{Key: v3.AttributeKey{Key: "key", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Operator: "nexists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.key <= 10 and body not regexp '[0-1]+regex$' and attribute.key not exists",
+			},
 			Expr: `attributes["key"] != nil && attributes["key"] <= 10 and body != nil && body not matches "[0-1]+regex$" and "key" not in attributes`,
 		},
 		{
 			Name: "incorrect multi filter",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "key", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: 10, Operator: "<="},
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "[0-9]++", Operator: "nregex"},
-				{Key: v3.AttributeKey{Key: "key", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Operator: "nexists"},
-			}},
-			Expr:        `attributes["key"] != nil && attributes["key"] <= 10 and body not matches "[0-9]++" and "key" not in attributes`,
+			Query: &qbtypes.Filter{
+				Expression: "attribute.key <= 10 and body not regexp '[0-9]++' and attribute.key not exists",
+			},
 			ExpectError: true,
 		},
 	}
@@ -267,248 +261,234 @@ func TestExpressionVSEntry(t *testing.T) {

 	var testCases = []struct {
 		Name            string
-		Query           *v3.FilterSet
+		Query           *qbtypes.Filter
 		ExpectedMatches []int
 	}{
 		{
 			Name: "resource equal (env)",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "env", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeResource}, Value: "prod", Operator: "="},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "resource.env = 'prod'",
+			},
 			ExpectedMatches: []int{0, 1, 4, 5, 9, 11, 13, 14, 17, 18},
 		},
 		{
 			Name: "resource not equal (env)",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "env", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeResource}, Value: "prod", Operator: "!="},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "resource.env != 'prod'",
+			},
 			ExpectedMatches: []int{2, 3, 6, 7, 8, 10, 12, 15, 16, 19, 20},
 		},
 		{
 			Name: "attribute less than (numeric)",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "count", DataType: v3.AttributeKeyDataTypeInt64, Type: v3.AttributeKeyTypeTag}, Value: 8, Operator: "<"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.count < 8",
+			},
 			ExpectedMatches: []int{4},
 		},
 		{
 			Name: "attribute greater than (numeric)",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "count", DataType: v3.AttributeKeyDataTypeInt64, Type: v3.AttributeKeyTypeTag}, Value: 8, Operator: ">"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.count > 8",
+			},
 			ExpectedMatches: []int{5},
 		},
 		{
 			Name: "body contains (case insensitive)",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "checkbody", Operator: "contains"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "body contains 'checkbody'",
+			},
 			ExpectedMatches: []int{2, 9, 10, 16},
 		},
 		{
-			Name: "body ncontains",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "checkbody", Operator: "ncontains"},
-			}},
+			Name: "body NOT CONTAINS",
+			Query: &qbtypes.Filter{
+				Expression: "body NOT CONTAINS 'checkbody'",
+			},
 			ExpectedMatches: []int{0, 1, 3, 4, 5, 6, 7, 8, 11, 12, 13, 14, 15, 17},
 		},
 		{
 			Name: "body.msg (case insensitive)",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body.msg", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: false}, Value: "checkbody", Operator: "contains"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "body.msg contains 'checkbody'",
+			},
 			ExpectedMatches: []int{2, 9, 10, 18},
 		},
 		{
-			Name: "body regex",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "[0-1]+regex", Operator: "regex"},
-			}},
+			Name: "body REGEXP",
+			Query: &qbtypes.Filter{
+				Expression: "body REGEXP '[0-1]+regex'",
+			},
 			ExpectedMatches: []int{4},
 		},
 		{
-			Name: "body not regex",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "[0-1]+regex", Operator: "nregex"},
-			}},
+			Name: "body NOT REGEXP",
+			Query: &qbtypes.Filter{
+				Expression: "body NOT REGEXP '[0-1]+regex'",
+			},
 			ExpectedMatches: []int{0, 1, 2, 3, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17},
 		},
 		// body.log.message exists/nexists: expr checks "log.message" in fromJSON(body); nested key
 		// semantics depend on signoz stanza helper. Omitted here to avoid coupling to env shape.
 		{
 			Name: "body top-level key exists (body.msg)",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body.msg", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "exists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "body.msg exists",
+			},
 			ExpectedMatches: []int{0, 1, 2, 3, 4, 5, 9, 10, 11, 12, 18},
 		},
 		{
 			Name: "body top-level key not exists (body.missing)",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body.missing", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "nexists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "body.missing not exists",
+			},
 			ExpectedMatches: []int{0, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 18, 20},
 		},
 		{
 			Name: "attribute exists",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "service", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Operator: "exists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.service exists",
+			},
 			ExpectedMatches: []int{6, 7, 8, 15},
 		},
 		{
 			Name: "attribute not exists",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "service", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Operator: "nexists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.service not exists",
+			},
 			ExpectedMatches: []int{0, 1, 2, 3, 4, 5, 9, 10, 11, 12, 13, 14, 16, 17, 18, 19, 20},
 		},
 		{
 			Name: "trace_id exists",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "trace_id", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "exists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "trace_id exists",
+			},
 			ExpectedMatches: []int{1, 2, 5, 7, 12, 15, 19},
 		},
 		{
 			Name: "trace_id not exists",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "trace_id", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "nexists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "trace_id not exists",
+			},
 			ExpectedMatches: []int{0, 3, 4, 6, 8, 9, 10, 11, 13, 14, 16, 17, 18, 20},
 		},
 		{
 			Name: "span_id exists",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "span_id", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "exists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "span_id exists",
+			},
 			ExpectedMatches: []int{1, 3, 5, 12, 17, 20},
 		},
 		{
 			Name: "span_id not exists",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "span_id", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "nexists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "span_id not exists",
+			},
 			ExpectedMatches: []int{0, 2, 4, 6, 7, 8, 9, 10, 11, 13, 14, 15, 16, 18, 19},
 		},
 		{
 			Name: "in (attribute in list)",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "level", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: []any{"info", "error"}, Operator: "in"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.level in ['info', 'error']",
+			},
 			ExpectedMatches: []int{0, 1, 2, 14, 16, 20},
 		},
 		{
 			Name: "not in (attribute not in list)",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "level", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: []any{"error", "warn"}, Operator: "nin"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.level not in ['error', 'warn']",
+			},
 			ExpectedMatches: []int{0, 2, 3, 16, 20},
 		},
 		{
 			Name: "multi filter AND",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "env", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeResource}, Value: "staging", Operator: "="},
-				{Key: v3.AttributeKey{Key: "level", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: "info", Operator: "="},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "resource.env = 'staging' and attribute.level = 'info'",
+			},
 			ExpectedMatches: []int{2, 16},
 		},
 		{
 			Name: "multi filter AND (two attributes)",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "service", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: "auth", Operator: "="},
-				{Key: v3.AttributeKey{Key: "level", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Operator: "nexists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.service = 'auth' and attribute.level not exists",
+			},
 			ExpectedMatches: []int{6, 7},
 		},
 		// Multi-filter variations: body + attribute, three conditions, trace/span + attribute
 		{
 			Name: "multi filter AND body contains + attribute",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "Connection", Operator: "contains"},
-				{Key: v3.AttributeKey{Key: "env", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeResource}, Value: "prod", Operator: "="},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "body contains 'Connection' and resource.env = 'prod'",
+			},
 			ExpectedMatches: []int{14},
 		},
 		{
 			Name: "multi filter AND body contains + service",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "login", Operator: "contains"},
-				{Key: v3.AttributeKey{Key: "service", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: "auth", Operator: "="},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "body contains 'login' and attribute.service = 'auth'",
+			},
 			ExpectedMatches: []int{6, 15},
 		},
 		{
 			Name: "multi filter AND env + level (prod error)",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "env", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeResource}, Value: "prod", Operator: "="},
-				{Key: v3.AttributeKey{Key: "level", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: "error", Operator: "="},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "resource.env = 'prod' and attribute.level = 'error'",
+			},
 			ExpectedMatches: []int{1, 14},
 		},
 		{
 			Name: "multi filter AND three conditions (staging + checkbody + info)",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "env", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeResource}, Value: "staging", Operator: "="},
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "checkbody", Operator: "contains"},
-				{Key: v3.AttributeKey{Key: "level", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: "info", Operator: "="},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "resource.env = 'staging' and body contains 'checkbody' and attribute.level = 'info'",
+			},
 			ExpectedMatches: []int{2, 16},
 		},
 		{
 			Name: "multi filter AND trace_id exists + body contains",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "trace_id", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "exists"},
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "checkbody", Operator: "contains"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "trace_id exists and body contains 'checkbody'",
+			},
 			ExpectedMatches: []int{2},
 		},
 		{
 			Name: "multi filter AND span_id nexists + service auth",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "span_id", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "nexists"},
-				{Key: v3.AttributeKey{Key: "service", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: "auth", Operator: "="},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "span_id not exists and attribute.service = 'auth'",
+			},
 			ExpectedMatches: []int{6, 7, 15},
 		},
 		{
 			Name: "multi filter AND body regex + attribute",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "[0-1]+regex", Operator: "regex"},
-				{Key: v3.AttributeKey{Key: "code", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: "200", Operator: "="},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "body regexp '[0-1]+regex' and attribute.code = '200'",
+			},
 			ExpectedMatches: []int{4},
 		},
 		{
 			Name: "multi filter AND no trace_id + no span_id + env prod",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "trace_id", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "nexists"},
-				{Key: v3.AttributeKey{Key: "span_id", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "nexists"},
-				{Key: v3.AttributeKey{Key: "env", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeResource}, Value: "prod", Operator: "="},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "trace_id not exists and span_id not exists and resource.env = 'prod'",
+			},
 			ExpectedMatches: []int{0, 4, 9, 11, 13, 14, 18},
 		},
 		{
 			Name: "multi filter AND level warn + body contains",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "level", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: "warn", Operator: "="},
-				{Key: v3.AttributeKey{Key: "body", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "disk", Operator: "contains"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.level = 'warn' and body contains 'disk'",
+			},
 			ExpectedMatches: []int{17},
 		},
 		{
-			Name: "no matches (attribute value not present)",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "env", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeResource}, Value: "never", Operator: "="},
-			}},
+			Name: "no matches (resource value not present)",
+			Query: &qbtypes.Filter{
+				Expression: "resource.env = 'never'",
+			},
 			ExpectedMatches: []int{},
 		},
 		{
 			Name: "attribute equal and trace_id exists",
-			Query: &v3.FilterSet{Operator: "AND", Items: []v3.FilterItem{
-				{Key: v3.AttributeKey{Key: "code", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeTag}, Value: "404", Operator: "="},
-				{Key: v3.AttributeKey{Key: "trace_id", DataType: v3.AttributeKeyDataTypeString, Type: v3.AttributeKeyTypeUnspecified, IsColumn: true}, Value: "", Operator: "exists"},
-			}},
+			Query: &qbtypes.Filter{
+				Expression: "attribute.code = '404' and trace_id exists",
+			},
 			ExpectedMatches: []int{5},
 		},
 	}
--- a/pkg/query-service/rules/base_rule.go
+++ b/pkg/query-service/rules/base_rule.go
@@ -40,13 +40,13 @@ type BaseRule struct {
 	// evalWindow is the time window used for evaluating the rule
 	// i.e. each time we lookback from the current time, we look at data for the last
 	// evalWindow duration
-	evalWindow valuer.TextDuration
+	evalWindow time.Duration
 	// holdDuration is the duration for which the alert waits before firing
-	holdDuration valuer.TextDuration
+	holdDuration time.Duration

 	// evalDelay is the delay in evaluation of the rule
 	// this is useful in cases where the data is not available immediately
-	evalDelay valuer.TextDuration
+	evalDelay time.Duration

 	// holds the static set of labels and annotations for the rule
 	// these are the same for all alerts created for this rule
@@ -94,7 +94,7 @@ type BaseRule struct {
 	evaluation ruletypes.Evaluation

 	// newGroupEvalDelay is the grace period for new alert groups
-	newGroupEvalDelay valuer.TextDuration
+	newGroupEvalDelay *time.Duration

 	queryParser queryparser.QueryParser
 }
@@ -113,7 +113,7 @@ func WithSendUnmatched() RuleOption {
 	}
 }

-func WithEvalDelay(dur valuer.TextDuration) RuleOption {
+func WithEvalDelay(dur time.Duration) RuleOption {
 	return func(r *BaseRule) {
 		r.evalDelay = dur
 	}
@@ -163,7 +163,7 @@ func NewBaseRule(id string, orgID valuer.UUID, p *ruletypes.PostableRule, reader
 		source:            p.Source,
 		typ:               p.AlertType,
 		ruleCondition:     p.RuleCondition,
-		evalWindow:        p.EvalWindow,
+		evalWindow:        time.Duration(p.EvalWindow),
 		labels:            qslabels.FromMap(p.Labels),
 		annotations:       qslabels.FromMap(p.Annotations),
 		preferredChannels: p.PreferredChannels,
@@ -176,12 +176,13 @@ func NewBaseRule(id string, orgID valuer.UUID, p *ruletypes.PostableRule, reader
 	}

 	// Store newGroupEvalDelay and groupBy keys from NotificationSettings
-	if p.NotificationSettings != nil {
-		baseRule.newGroupEvalDelay = p.NotificationSettings.NewGroupEvalDelay
+	if p.NotificationSettings != nil && p.NotificationSettings.NewGroupEvalDelay != nil {
+		newGroupEvalDelay := time.Duration(*p.NotificationSettings.NewGroupEvalDelay)
+		baseRule.newGroupEvalDelay = &newGroupEvalDelay
 	}

-	if baseRule.evalWindow.IsZero() {
-		baseRule.evalWindow = valuer.MustParseTextDuration("5m")
+	if baseRule.evalWindow == 0 {
+		baseRule.evalWindow = 5 * time.Minute
 	}

 	for _, opt := range opts {
@@ -244,15 +245,15 @@ func (r *BaseRule) ActiveAlertsLabelFP() map[uint64]struct{} {
 	return activeAlerts
 }

-func (r *BaseRule) EvalDelay() valuer.TextDuration {
+func (r *BaseRule) EvalDelay() time.Duration {
 	return r.evalDelay
 }

-func (r *BaseRule) EvalWindow() valuer.TextDuration {
+func (r *BaseRule) EvalWindow() time.Duration {
 	return r.evalWindow
 }

-func (r *BaseRule) HoldDuration() valuer.TextDuration {
+func (r *BaseRule) HoldDuration() time.Duration {
 	return r.holdDuration
 }

@@ -280,7 +281,7 @@ func (r *BaseRule) Timestamps(ts time.Time) (time.Time, time.Time) {
 	start := st.UnixMilli()
 	end := en.UnixMilli()

-	if r.evalDelay.IsPositive() {
+	if r.evalDelay > 0 {
 		start = start - r.evalDelay.Milliseconds()
 		end = end - r.evalDelay.Milliseconds()
 	}
@@ -551,7 +552,7 @@ func (r *BaseRule) PopulateTemporality(ctx context.Context, orgID valuer.UUID, q

 // ShouldSkipNewGroups returns true if new group filtering should be applied
 func (r *BaseRule) ShouldSkipNewGroups() bool {
-	return r.newGroupEvalDelay.IsPositive()
+	return r.newGroupEvalDelay != nil && *r.newGroupEvalDelay > 0
 }

 // isFilterNewSeriesSupported checks if the query is supported for new series filtering
--- a/pkg/query-service/rules/base_rule_test.go
+++ b/pkg/query-service/rules/base_rule_test.go
@@ -20,7 +20,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/telemetrystore/telemetrystoretest"
 	"github.com/SigNoz/signoz/pkg/types/metrictypes"
 	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
-	"github.com/SigNoz/signoz/pkg/types/ruletypes"
+	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes/telemetrytypestest"
 	"github.com/SigNoz/signoz/pkg/valuer"
@@ -124,8 +124,8 @@ func createPostableRule(compositeQuery *v3.CompositeQuery) ruletypes.PostableRul
 		Evaluation: &ruletypes.EvaluationEnvelope{
 			Kind: ruletypes.RollingEvaluation,
 			Spec: ruletypes.RollingWindow{
-				EvalWindow: valuer.MustParseTextDuration("5m"),
-				Frequency:  valuer.MustParseTextDuration("1m"),
+				EvalWindow: ruletypes.Duration(5 * time.Minute),
+				Frequency:  ruletypes.Duration(1 * time.Minute),
 			},
 		},
 		RuleCondition: &ruletypes.RuleCondition{
@@ -151,7 +151,7 @@ type filterNewSeriesTestCase struct {
 	compositeQuery    *v3.CompositeQuery
 	series            []*v3.Series
 	firstSeenMap      map[telemetrytypes.MetricMetadataLookupKey]int64
-	newGroupEvalDelay valuer.TextDuration
+	newGroupEvalDelay *time.Duration
 	evalTime          time.Time
 	expectedFiltered  []*v3.Series // series that should be in the final filtered result (old enough)
 	expectError       bool
@@ -159,8 +159,7 @@ type filterNewSeriesTestCase struct {

 func TestBaseRule_FilterNewSeries(t *testing.T) {
 	defaultEvalTime := time.Unix(1700000000, 0)
-	defaultNewGroupEvalDelay := valuer.MustParseTextDuration("2m")
-	defaultDelay := defaultNewGroupEvalDelay.Duration()
+	defaultDelay := 2 * time.Minute
 	defaultGroupByFields := []string{"service_name", "env"}

 	logger := instrumentationtest.New().Logger()
@@ -203,7 +202,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, false, "svc-new", "prod"),
 				// svc-missing has no metadata, so it will be included
 			),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc-old", "env": "prod"}, nil),
@@ -235,7 +234,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, false, "svc-new1", "prod"),
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, false, "svc-new2", "stage"),
 			),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered:  []*v3.Series{}, // all should be filtered out (new series)
 		},
@@ -262,7 +261,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc-old1", "prod"),
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc-old2", "stage"),
 			),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc-old1", "env": "prod"}, nil),
@@ -296,7 +295,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
 			},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
@@ -326,7 +325,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
 			},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
@@ -362,7 +361,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"status": "200"}, nil), // no service_name or env
 			},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"status": "200"}, nil),
@@ -391,7 +390,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 			},
 			firstSeenMap: createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc-old", "prod"),
 			// svc-no-metadata has no entry in firstSeenMap
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc-old", "env": "prod"}, nil),
@@ -421,7 +420,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				{MetricName: "request_total", AttributeName: "service_name", AttributeValue: "svc-partial"}: calculateFirstSeen(defaultEvalTime, defaultDelay, true),
 				// env metadata is missing
 			},
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc-partial", "env": "prod"}, nil),
@@ -455,7 +454,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 			},
 			series:            []*v3.Series{},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered:  []*v3.Series{},
 		},
@@ -489,7 +488,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
 			},
 			firstSeenMap:      createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc1", "prod"),
-			newGroupEvalDelay: valuer.TextDuration{}, // zero delay
+			newGroupEvalDelay: func() *time.Duration { d := time.Duration(0); return &d }(), // zero delay
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
@@ -533,7 +532,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc1", "prod"),
 				createFirstSeenMap("error_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc1", "prod"),
 			),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
@@ -573,7 +572,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createFirstSeenMap("request_total", []string{"service_name"}, defaultEvalTime, defaultDelay, true, "svc1"),
 				createFirstSeenMap("request_total", []string{"env"}, defaultEvalTime, defaultDelay, false, "prod"),
 			),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered:  []*v3.Series{}, // max first_seen is new, so should be filtered out
 		},
@@ -605,7 +604,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"service_name": "svc2"}, nil),
 			},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1"}, nil),
@@ -640,7 +639,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"service_name": "svc2"}, nil),
 			},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1"}, nil),
@@ -698,14 +697,20 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				telemetryStore,
 				prometheustest.New(context.Background(), settings, prometheus.Config{}, telemetryStore),
 				"",
-				time.Second,
+				time.Duration(time.Second),
 				nil,
 				readerCache,
 				options,
 			)

-			postableRule.NotificationSettings = &ruletypes.NotificationSettings{
-				NewGroupEvalDelay: tt.newGroupEvalDelay,
+			// Set newGroupEvalDelay in NotificationSettings if provided
+			if tt.newGroupEvalDelay != nil {
+				postableRule.NotificationSettings = &ruletypes.NotificationSettings{
+					NewGroupEvalDelay: func() *ruletypes.Duration {
+						d := ruletypes.Duration(*tt.newGroupEvalDelay)
+						return &d
+					}(),
+				}
 			}

 			// Create BaseRule using NewBaseRule
--- a/pkg/query-service/rules/manager.go
+++ b/pkg/query-service/rules/manager.go
@@ -30,7 +30,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/alertmanagertypes"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/ruletypes"
+	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )
@@ -66,7 +66,7 @@ type PrepareTestRuleOptions struct {
 	OrgID            valuer.UUID
 }

-const taskNameSuffix = "webAppEditor"
+const taskNamesuffix = "webAppEditor"

 func RuleIdFromTaskName(n string) string {
 	return strings.Split(n, "-groupname")[0]
@@ -97,7 +97,7 @@ type ManagerOptions struct {
 	SLogger     *slog.Logger
 	Cache       cache.Cache

-	EvalDelay valuer.TextDuration
+	EvalDelay time.Duration

 	PrepareTaskFunc     func(opts PrepareTaskOptions) (Task, error)
 	PrepareTestRuleFunc func(opts PrepareTestRuleOptions) (int, *model.ApiError)
@@ -182,8 +182,8 @@ func defaultPrepareTaskFunc(opts PrepareTaskOptions) (Task, error) {

 		rules = append(rules, tr)

-		// create ch rule task for evaluation
-		task = newTask(TaskTypeCh, opts.TaskName, taskNameSuffix, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
+		// create ch rule task for evalution
+		task = newTask(TaskTypeCh, opts.TaskName, taskNamesuffix, time.Duration(evaluation.GetFrequency()), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)

 	} else if opts.Rule.RuleType == ruletypes.RuleTypeProm {

@@ -206,8 +206,8 @@ func defaultPrepareTaskFunc(opts PrepareTaskOptions) (Task, error) {

 		rules = append(rules, pr)

-		// create promql rule task for evaluation
-		task = newTask(TaskTypeProm, opts.TaskName, taskNameSuffix, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
+		// create promql rule task for evalution
+		task = newTask(TaskTypeProm, opts.TaskName, taskNamesuffix, time.Duration(evaluation.GetFrequency()), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)

 	} else {
 		return nil, fmt.Errorf("unsupported rule type %s. Supported types: %s, %s", opts.Rule.RuleType, ruletypes.RuleTypeProm, ruletypes.RuleTypeThreshold)
@@ -323,7 +323,7 @@ func (m *Manager) run(_ context.Context) {
 }

 // Stop the rule manager's rule evaluation cycles.
-func (m *Manager) Stop(_ context.Context) {
+func (m *Manager) Stop(ctx context.Context) {
 	m.mtx.Lock()
 	defer m.mtx.Unlock()

@@ -336,7 +336,7 @@ func (m *Manager) Stop(_ context.Context) {
 	zap.L().Info("Rule manager stopped")
 }

-// EditRule writes the rule definition to the
+// EditRuleDefinition writes the rule definition to the
 // datastore and also updates the rule executor
 func (m *Manager) EditRule(ctx context.Context, ruleStr string, id valuer.UUID) error {
 	claims, err := authtypes.ClaimsFromContext(ctx)
@@ -643,7 +643,7 @@ func (m *Manager) addTask(_ context.Context, orgID valuer.UUID, rule *ruletypes.
 		m.rules[r.ID()] = r
 	}

-	// If there is another task with the same identifier, raise an error
+	// If there is an another task with the same identifier, raise an error
 	_, ok := m.tasks[taskName]
 	if ok {
 		return fmt.Errorf("a rule with the same name already exists")
@@ -678,8 +678,7 @@ func (m *Manager) RuleTasks() []Task {
 	return rgs
 }

-// RuleTasksWithoutLock returns the list of manager's rule tasks without
-// acquiring a lock on the manager.
+// RuleTasks returns the list of manager's rule tasks.
 func (m *Manager) RuleTasksWithoutLock() []Task {

 	rgs := make([]Task, 0, len(m.tasks))
@@ -890,7 +889,7 @@ func (m *Manager) syncRuleStateWithTask(ctx context.Context, orgID valuer.UUID,
 	} else {
 		// check if rule has a task running
 		if _, ok := m.tasks[taskName]; !ok {
-			// rule has no task, start one
+			// rule has not task, start one
 			if err := m.addTask(ctx, orgID, rule, taskName); err != nil {
 				return err
 			}
--- a/pkg/query-service/rules/manager_test_data.go
+++ b/pkg/query-service/rules/manager_test_data.go
@@ -9,7 +9,6 @@ import (
 	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
 )

 // ThresholdRuleTestCase defines test case structure for threshold rule test notifications
@@ -41,8 +40,8 @@ func ThresholdRuleAtLeastOnceValueAbove(target float64, recovery *float64) rulet
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		Labels: map[string]string{
 			"service.name": "frontend",
@@ -100,8 +99,8 @@ func BuildPromAtLeastOnceValueAbove(target float64, recovery *float64) ruletypes
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		Labels: map[string]string{
 			"service.name": "frontend",
--- a/pkg/query-service/rules/prom_rule.go
+++ b/pkg/query-service/rules/prom_rule.go
@@ -28,8 +28,6 @@ type PromRule struct {
 	prometheus prometheus.Prometheus
 }

-var _ Rule = (*PromRule)(nil)
-
 func NewPromRule(
 	id string,
 	orgID valuer.UUID,
@@ -334,7 +332,7 @@ func (r *PromRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 			continue
 		}

-		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.holdDuration.Duration() {
+		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.holdDuration {
 			a.State = model.StateFiring
 			a.FiredAt = ts
 			state := model.StateFiring
@@ -398,7 +396,7 @@ func (r *PromRule) String() string {
 	ar := ruletypes.PostableRule{
 		AlertName:         r.name,
 		RuleCondition:     r.ruleCondition,
-		EvalWindow:        r.evalWindow,
+		EvalWindow:        ruletypes.Duration(r.evalWindow),
 		Labels:            r.labels.Map(),
 		Annotations:       r.annotations.Map(),
 		PreferredChannels: r.preferredChannels,
--- a/pkg/query-service/rules/prom_rule_task.go
+++ b/pkg/query-service/rules/prom_rule_task.go
@@ -41,12 +41,12 @@ type PromRuleTask struct {
 	orgID            valuer.UUID
 }

-// NewPromRuleTask holds rules that have promql condition
-// and evaluates the rule at a given frequency
+// newPromRuleTask holds rules that have promql condition
+// and evalutes the rule at a given frequency
 func NewPromRuleTask(name, file string, frequency time.Duration, rules []Rule, opts *ManagerOptions, notify NotifyFunc, maintenanceStore ruletypes.MaintenanceStore, orgID valuer.UUID) *PromRuleTask {
 	zap.L().Info("Initiating a new rule group", zap.String("name", name), zap.Duration("frequency", frequency))

-	if frequency == 0 {
+	if time.Now() == time.Now().Add(frequency) {
 		frequency = DefaultFrequency
 	}

--- a/pkg/query-service/rules/prom_rule_test.go
+++ b/pkg/query-service/rules/prom_rule_test.go
@@ -41,8 +41,8 @@ func TestPromRuleEval(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -748,8 +748,8 @@ func TestPromRuleUnitCombinations(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1007,8 +1007,8 @@ func _Enable_this_after_9146_issue_fix_is_merged_TestPromRuleNoData(t *testing.T
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1118,8 +1118,8 @@ func TestMultipleThresholdPromRule(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1353,8 +1353,8 @@ func TestPromRule_NoData(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp: ruletypes.ValueIsAbove,
@@ -1466,7 +1466,7 @@ func TestPromRule_NoData_AbsentFor(t *testing.T) {
 	// 3. Alert fires only if t2 - t1 > AbsentFor

 	baseTime := time.Unix(1700000000, 0)
-	evalWindow := valuer.MustParseTextDuration("5m")
+	evalWindow := 5 * time.Minute

 	// Set target higher than test data (100.0) so regular threshold alerts don't fire
 	target := 500.0
@@ -1476,8 +1476,8 @@ func TestPromRule_NoData_AbsentFor(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: evalWindow,
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(evalWindow),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp:     ruletypes.ValueIsAbove,
@@ -1619,7 +1619,7 @@ func TestPromRuleEval_RequireMinPoints(t *testing.T) {
 	baseTime := time.Unix(1700000000, 0)
 	evalTime := baseTime.Add(5 * time.Minute)

-	evalWindow := valuer.MustParseTextDuration("5m")
+	evalWindow := 5 * time.Minute
 	lookBackDelta := time.Minute

 	postableRule := ruletypes.PostableRule{
@@ -1627,8 +1627,8 @@ func TestPromRuleEval_RequireMinPoints(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: evalWindow,
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(evalWindow),
+			Frequency:  ruletypes.Duration(time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp: ruletypes.ValueIsAbove,
--- a/pkg/query-service/rules/rule.go
+++ b/pkg/query-service/rules/rule.go
@@ -7,7 +7,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/query-service/model"
 	"github.com/SigNoz/signoz/pkg/query-service/utils/labels"
 	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
 )

 // A Rule encapsulates a vector expression which is evaluated at a specified
@@ -20,9 +19,9 @@ type Rule interface {
 	Labels() labels.BaseLabels
 	Annotations() labels.BaseLabels
 	Condition() *ruletypes.RuleCondition
-	EvalDelay() valuer.TextDuration
-	EvalWindow() valuer.TextDuration
-	HoldDuration() valuer.TextDuration
+	EvalDelay() time.Duration
+	EvalWindow() time.Duration
+	HoldDuration() time.Duration
 	State() model.AlertState
 	ActiveAlerts() []*ruletypes.Alert
 	// ActiveAlertsLabelFP returns a map of active alert labels fingerprint
--- a/pkg/query-service/rules/rule_task.go
+++ b/pkg/query-service/rules/rule_task.go
@@ -43,7 +43,7 @@ const DefaultFrequency = 1 * time.Minute
 // NewRuleTask makes a new RuleTask with the given name, options, and rules.
 func NewRuleTask(name, file string, frequency time.Duration, rules []Rule, opts *ManagerOptions, notify NotifyFunc, maintenanceStore ruletypes.MaintenanceStore, orgID valuer.UUID) *RuleTask {

-	if frequency == 0 {
+	if time.Now() == time.Now().Add(frequency) {
 		frequency = DefaultFrequency
 	}
 	zap.L().Info("initiating a new rule task", zap.String("name", name), zap.Duration("frequency", frequency))
@@ -78,7 +78,6 @@ func (g *RuleTask) Type() TaskType { return TaskTypeCh }
 func (g *RuleTask) Rules() []Rule { return g.rules }

 // Interval returns the group's interval.
-// TODO: remove (unused)?
 func (g *RuleTask) Interval() time.Duration { return g.frequency }

 func (g *RuleTask) Pause(b bool) {
--- a/pkg/query-service/rules/threshold_rule.go
+++ b/pkg/query-service/rules/threshold_rule.go
@@ -61,8 +61,6 @@ type ThresholdRule struct {
 	spansKeys map[string]v3.AttributeKey
 }

-var _ Rule = (*ThresholdRule)(nil)
-
 func NewThresholdRule(
 	id string,
 	orgID valuer.UUID,
@@ -748,7 +746,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 			continue
 		}

-		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.holdDuration.Duration() {
+		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.holdDuration {
 			r.logger.DebugContext(ctx, "converting pending alert to firing", "name", r.Name())
 			a.State = model.StateFiring
 			a.FiredAt = ts
@@ -814,7 +812,7 @@ func (r *ThresholdRule) String() string {
 	ar := ruletypes.PostableRule{
 		AlertName:         r.name,
 		RuleCondition:     r.ruleCondition,
-		EvalWindow:        r.evalWindow,
+		EvalWindow:        ruletypes.Duration(r.evalWindow),
 		Labels:            r.labels.Map(),
 		Annotations:       r.annotations.Map(),
 		PreferredChannels: r.preferredChannels,
--- a/pkg/query-service/rules/threshold_rule_test.go
+++ b/pkg/query-service/rules/threshold_rule_test.go
@@ -36,8 +36,8 @@ func TestThresholdRuleEvalBackwardCompat(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -72,7 +72,7 @@ func TestThresholdRuleEvalBackwardCompat(t *testing.T) {
 			},
 		}

-		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 		if err != nil {
 			assert.NoError(t, err)
 		}
@@ -152,8 +152,8 @@ func TestPrepareLinksToLogs(t *testing.T) {
 		AlertType: ruletypes.AlertTypeLogs,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -189,7 +189,7 @@ func TestPrepareLinksToLogs(t *testing.T) {
 			},
 		},
 	}
-	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 	if err != nil {
 		assert.NoError(t, err)
 	}
@@ -206,8 +206,8 @@ func TestPrepareLinksToLogsV5(t *testing.T) {
 		AlertType: ruletypes.AlertTypeLogs,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -250,7 +250,7 @@ func TestPrepareLinksToLogsV5(t *testing.T) {
 			},
 		},
 	}
-	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 	if err != nil {
 		assert.NoError(t, err)
 	}
@@ -267,8 +267,8 @@ func TestPrepareLinksToTracesV5(t *testing.T) {
 		AlertType: ruletypes.AlertTypeTraces,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -311,7 +311,7 @@ func TestPrepareLinksToTracesV5(t *testing.T) {
 			},
 		},
 	}
-	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 	if err != nil {
 		assert.NoError(t, err)
 	}
@@ -328,8 +328,8 @@ func TestPrepareLinksToTraces(t *testing.T) {
 		AlertType: ruletypes.AlertTypeTraces,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -365,7 +365,7 @@ func TestPrepareLinksToTraces(t *testing.T) {
 			},
 		},
 	}
-	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 	if err != nil {
 		assert.NoError(t, err)
 	}
@@ -382,8 +382,8 @@ func TestThresholdRuleLabelNormalization(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -451,7 +451,7 @@ func TestThresholdRuleLabelNormalization(t *testing.T) {
 			},
 		}

-		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 		if err != nil {
 			assert.NoError(t, err)
 		}
@@ -490,8 +490,8 @@ func TestThresholdRuleEvalDelay(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -553,8 +553,8 @@ func TestThresholdRuleClickHouseTmpl(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -594,7 +594,7 @@ func TestThresholdRuleClickHouseTmpl(t *testing.T) {
 	logger := instrumentationtest.New().Logger()

 	for idx, c := range cases {
-		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 		if err != nil {
 			assert.NoError(t, err)
 		}
@@ -615,8 +615,8 @@ func TestThresholdRuleUnitCombinations(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -816,8 +816,8 @@ func TestThresholdRuleNoData(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -927,8 +927,8 @@ func TestThresholdRuleTracesLink(t *testing.T) {
 		AlertType: ruletypes.AlertTypeTraces,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1052,8 +1052,8 @@ func TestThresholdRuleLogsLink(t *testing.T) {
 		AlertType: ruletypes.AlertTypeLogs,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1190,8 +1190,8 @@ func TestThresholdRuleShiftBy(t *testing.T) {
 		AlertType: ruletypes.AlertTypeLogs,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			Thresholds: &ruletypes.RuleThresholdData{
@@ -1264,8 +1264,8 @@ func TestMultipleThresholdRule(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1455,8 +1455,8 @@ func TestThresholdRuleEval_BasicCases(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1486,8 +1486,8 @@ func TestThresholdRuleEval_MatchPlusCompareOps(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1523,8 +1523,8 @@ func TestThresholdRuleEval_SendUnmatchedBypassesRecovery(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1559,7 +1559,7 @@ func TestThresholdRuleEval_SendUnmatchedBypassesRecovery(t *testing.T) {
 	}

 	logger := instrumentationtest.New().Logger()
-	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 	require.NoError(t, err)

 	now := time.Now()
@@ -1611,8 +1611,8 @@ func TestThresholdRuleEval_SendUnmatchedVariants(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1735,8 +1735,8 @@ func TestThresholdRuleEval_RecoveryNotMetSendUnmatchedFalse(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1820,7 +1820,7 @@ func runEvalTests(t *testing.T, postableRule ruletypes.PostableRule, testCases [
 				Spec: thresholds,
 			}

-			rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+			rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 			if err != nil {
 				assert.NoError(t, err)
 				return
@@ -1927,7 +1927,7 @@ func runMultiThresholdEvalTests(t *testing.T, postableRule ruletypes.PostableRul
 				Spec: thresholds,
 			}

-			rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+			rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 			if err != nil {
 				assert.NoError(t, err)
 				return
@@ -2035,8 +2035,8 @@ func TestThresholdRuleEval_MultiThreshold(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -2066,8 +2066,8 @@ func TestThresholdEval_RequireMinPoints(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp: ruletypes.ValueIsAbove,
--- a/pkg/querybuilder/filter_introspect.go
+++ b/pkg/querybuilder/filter_introspect.go
@@ -0,0 +1,392 @@
+package querybuilder
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+
+	"github.com/SigNoz/signoz/pkg/errors"
+	grammar "github.com/SigNoz/signoz/pkg/parser/grammar"
+	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
+	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
+	"github.com/antlr4-go/antlr/v4"
+)
+
+// ExtractFilterExprTree parses a v5 filter expression and returns a logical
+// tree that preserves full boolean structure (AND/OR, parentheses, NOT) as
+// well as the individual conditions (keys, operator, values).
+//
+// This can be reused by callers that need deeper introspection into the logic
+// of the filter expression without constructing any SQL or query-engine
+// specific structures.
+func ExtractFilterExprTree(expr string) (*qbtypes.FilterExprNode, error) {
+	if strings.TrimSpace(expr) == "" {
+		return nil, nil
+	}
+
+	// Setup the ANTLR parsing pipeline (same grammar as PrepareWhereClause).
+	input := antlr.NewInputStream(expr)
+	lexer := grammar.NewFilterQueryLexer(input)
+
+	lexerErrorListener := NewErrorListener()
+	lexer.RemoveErrorListeners()
+	lexer.AddErrorListener(lexerErrorListener)
+
+	tokens := antlr.NewCommonTokenStream(lexer, 0)
+	parserErrorListener := NewErrorListener()
+	parser := grammar.NewFilterQueryParser(tokens)
+	parser.RemoveErrorListeners()
+	parser.AddErrorListener(parserErrorListener)
+
+	tree := parser.Query()
+
+	// Handle syntax errors
+	if len(parserErrorListener.SyntaxErrors) > 0 {
+		combinedErrors := errors.Newf(
+			errors.TypeInvalidInput,
+			errors.CodeInvalidInput,
+			"Found %d syntax errors while parsing the search expression.",
+			len(parserErrorListener.SyntaxErrors),
+		)
+		additionals := make([]string, 0, len(parserErrorListener.SyntaxErrors))
+		for _, err := range parserErrorListener.SyntaxErrors {
+			if err.Error() != "" {
+				additionals = append(additionals, err.Error())
+			}
+		}
+
+		return nil, combinedErrors.WithAdditional(additionals...)
+	}
+
+	visitor := &filterTreeVisitor{}
+	rootAny := visitor.Visit(tree)
+	if len(visitor.errors) > 0 {
+		combinedErrors := errors.Newf(
+			errors.TypeInvalidInput,
+			errors.CodeInvalidInput,
+			"Found %d errors while parsing the search expression.",
+			len(visitor.errors),
+		)
+		return nil, combinedErrors.WithAdditional(visitor.errors...)
+	}
+
+	root, _ := rootAny.(*qbtypes.FilterExprNode)
+	return root, nil
+}
+
+// filterTreeVisitor builds a FilterExprNode tree from the parse tree.
+type filterTreeVisitor struct {
+	errors []string
+}
+
+// Visit dispatches based on node type.
+func (v *filterTreeVisitor) Visit(tree antlr.ParseTree) any {
+	if tree == nil {
+		return nil
+	}
+
+	switch t := tree.(type) {
+	case *grammar.QueryContext:
+		return v.VisitQuery(t)
+	case *grammar.ExpressionContext:
+		return v.VisitExpression(t)
+	case *grammar.OrExpressionContext:
+		return v.VisitOrExpression(t)
+	case *grammar.AndExpressionContext:
+		return v.VisitAndExpression(t)
+	case *grammar.UnaryExpressionContext:
+		return v.VisitUnaryExpression(t)
+	case *grammar.PrimaryContext:
+		return v.VisitPrimary(t)
+	case *grammar.ComparisonContext:
+		return v.VisitComparison(t)
+	default:
+		return nil
+	}
+}
+
+func (v *filterTreeVisitor) VisitQuery(ctx *grammar.QueryContext) any {
+	return v.Visit(ctx.Expression())
+}
+
+func (v *filterTreeVisitor) VisitExpression(ctx *grammar.ExpressionContext) any {
+	return v.Visit(ctx.OrExpression())
+}
+
+func (v *filterTreeVisitor) VisitOrExpression(ctx *grammar.OrExpressionContext) any {
+	andExprs := ctx.AllAndExpression()
+	children := make([]*qbtypes.FilterExprNode, 0, len(andExprs))
+
+	for _, andExpr := range andExprs {
+		if node, ok := v.Visit(andExpr).(*qbtypes.FilterExprNode); ok && node != nil {
+			children = append(children, node)
+		}
+	}
+
+	if len(children) == 0 {
+		return nil
+	}
+	if len(children) == 1 {
+		return children[0]
+	}
+
+	return &qbtypes.FilterExprNode{
+		Op:       qbtypes.LogicalOpOr,
+		Children: children,
+	}
+}
+
+func (v *filterTreeVisitor) VisitAndExpression(ctx *grammar.AndExpressionContext) any {
+	unaryExprs := ctx.AllUnaryExpression()
+	children := make([]*qbtypes.FilterExprNode, 0, len(unaryExprs))
+
+	for _, unary := range unaryExprs {
+		if node, ok := v.Visit(unary).(*qbtypes.FilterExprNode); ok && node != nil {
+			children = append(children, node)
+		}
+	}
+
+	if len(children) == 0 {
+		return nil
+	}
+	if len(children) == 1 {
+		return children[0]
+	}
+
+	return &qbtypes.FilterExprNode{
+		Op:       qbtypes.LogicalOpAnd,
+		Children: children,
+	}
+}
+
+func (v *filterTreeVisitor) VisitUnaryExpression(ctx *grammar.UnaryExpressionContext) any {
+	node, _ := v.Visit(ctx.Primary()).(*qbtypes.FilterExprNode)
+	if node == nil {
+		return nil
+	}
+
+	if ctx.NOT() != nil {
+		node.Negated = !node.Negated
+	}
+
+	return node
+}
+
+func (v *filterTreeVisitor) VisitPrimary(ctx *grammar.PrimaryContext) any {
+	switch {
+	case ctx.OrExpression() != nil:
+		return v.Visit(ctx.OrExpression())
+	case ctx.Comparison() != nil:
+		return v.Visit(ctx.Comparison())
+	default:
+		// We intentionally ignore FullText/FunctionCall here for the tree
+		// representation. They can be added later if needed.
+		return nil
+	}
+}
+
+// VisitComparison builds a leaf node with a single ParsedFilterCondition.
+func (v *filterTreeVisitor) VisitComparison(ctx *grammar.ComparisonContext) any {
+	keys := v.buildKeys(ctx.Key())
+	if len(keys) == 0 {
+		return nil
+	}
+
+	// Handle EXISTS specially
+	if ctx.EXISTS() != nil {
+		op := qbtypes.FilterOperatorExists
+		if ctx.NOT() != nil {
+			op = qbtypes.FilterOperatorNotExists
+		}
+
+		return &qbtypes.FilterExprNode{
+			Op: qbtypes.LogicalOpLeaf,
+			Conditions: []qbtypes.FilterCondition{{
+				Keys:   keys,
+				Op:     op,
+				Value:  nil,
+			}},
+		}
+	}
+
+	// Handle IN / NOT IN
+	if ctx.InClause() != nil || ctx.NotInClause() != nil {
+		values := v.buildValuesFromInClause(ctx.InClause(), ctx.NotInClause())
+
+		op := qbtypes.FilterOperatorIn
+		if ctx.NotInClause() != nil {
+			op = qbtypes.FilterOperatorNotIn
+		}
+
+		return &qbtypes.FilterExprNode{
+			Op: qbtypes.LogicalOpLeaf,
+			Conditions: []qbtypes.FilterCondition{{
+				Keys:   keys,
+				Op:     op,
+				Value:  values,
+			}},
+		}
+	}
+
+	// Handle BETWEEN / NOT BETWEEN
+	if ctx.BETWEEN() != nil {
+		valuesCtx := ctx.AllValue()
+		if len(valuesCtx) != 2 {
+			v.errors = append(v.errors, "BETWEEN operator requires exactly two values")
+			return nil
+		}
+
+		value1 := v.buildValue(valuesCtx[0])
+		value2 := v.buildValue(valuesCtx[1])
+
+		op := qbtypes.FilterOperatorBetween
+		if ctx.NOT() != nil {
+			op = qbtypes.FilterOperatorNotBetween
+		}
+
+		return &qbtypes.FilterExprNode{
+			Op: qbtypes.LogicalOpLeaf,
+			Conditions: []qbtypes.FilterCondition{{
+				Keys:   keys,
+				Op:     op,
+				Value:  []any{value1, value2},
+			}},
+		}
+	}
+
+	// All remaining operators have exactly one value.
+	valuesCtx := ctx.AllValue()
+	if len(valuesCtx) == 0 {
+		v.errors = append(v.errors, "comparison operator requires a value")
+		return nil
+	}
+
+	value := v.buildValue(valuesCtx[0])
+
+	var op qbtypes.FilterOperator
+	switch {
+	case ctx.EQUALS() != nil:
+		op = qbtypes.FilterOperatorEqual
+	case ctx.NOT_EQUALS() != nil || ctx.NEQ() != nil:
+		op = qbtypes.FilterOperatorNotEqual
+	case ctx.LT() != nil:
+		op = qbtypes.FilterOperatorLessThan
+	case ctx.LE() != nil:
+		op = qbtypes.FilterOperatorLessThanOrEq
+	case ctx.GT() != nil:
+		op = qbtypes.FilterOperatorGreaterThan
+	case ctx.GE() != nil:
+		op = qbtypes.FilterOperatorGreaterThanOrEq
+	case ctx.LIKE() != nil:
+		op = qbtypes.FilterOperatorLike
+		if ctx.NOT() != nil {
+			op = qbtypes.FilterOperatorNotLike
+		}
+	case ctx.ILIKE() != nil:
+		op = qbtypes.FilterOperatorILike
+		if ctx.NOT() != nil {
+			op = qbtypes.FilterOperatorNotILike
+		}
+	case ctx.REGEXP() != nil:
+		op = qbtypes.FilterOperatorRegexp
+		if ctx.NOT() != nil {
+			op = qbtypes.FilterOperatorNotRegexp
+		}
+	case ctx.CONTAINS() != nil:
+		op = qbtypes.FilterOperatorContains
+		if ctx.NOT() != nil {
+			op = qbtypes.FilterOperatorNotContains
+		}
+	default:
+		v.errors = append(v.errors, fmt.Sprintf("unsupported comparison operator in expression: %s", ctx.GetText()))
+		return nil
+	}
+
+	return &qbtypes.FilterExprNode{
+		Op: qbtypes.LogicalOpLeaf,
+		Conditions: []qbtypes.FilterCondition{{
+			Keys:   keys,
+			Op:     op,
+			Value:  value,
+		}},
+	}
+}
+
+// buildKeys turns a key context into a slice of TelemetryFieldKey.
+func (v *filterTreeVisitor) buildKeys(ctx grammar.IKeyContext) []*telemetrytypes.TelemetryFieldKey {
+	if ctx == nil {
+		return nil
+	}
+	text := ctx.GetText()
+	key := telemetrytypes.GetFieldKeyFromKeyText(text)
+	return []*telemetrytypes.TelemetryFieldKey{&key}
+}
+
+// buildValuesFromInClause handles the IN/NOT IN value side.
+func (v *filterTreeVisitor) buildValuesFromInClause(in grammar.IInClauseContext, notIn grammar.INotInClauseContext) []any {
+	var ctxVal any
+	if in != nil {
+		ctxVal = v.visitInClause(in)
+	} else if notIn != nil {
+		ctxVal = v.visitNotInClause(notIn)
+	}
+
+	switch ret := ctxVal.(type) {
+	case []any:
+		return ret
+	case any:
+		if ret != nil {
+			return []any{ret}
+		}
+	}
+	return nil
+}
+
+func (v *filterTreeVisitor) visitInClause(ctx grammar.IInClauseContext) any {
+	if ctx.ValueList() != nil {
+		return v.visitValueList(ctx.ValueList())
+	}
+	return v.buildValue(ctx.Value())
+}
+
+func (v *filterTreeVisitor) visitNotInClause(ctx grammar.INotInClauseContext) any {
+	if ctx.ValueList() != nil {
+		return v.visitValueList(ctx.ValueList())
+	}
+	return v.buildValue(ctx.Value())
+}
+
+func (v *filterTreeVisitor) visitValueList(ctx grammar.IValueListContext) any {
+	values := ctx.AllValue()
+	parts := make([]any, 0, len(values))
+	for _, val := range values {
+		parts = append(parts, v.buildValue(val))
+	}
+	return parts
+}
+
+// buildValue converts literal values into Go types (string, float64, bool).
+func (v *filterTreeVisitor) buildValue(ctx grammar.IValueContext) any {
+	switch {
+	case ctx == nil:
+		return nil
+	case ctx.QUOTED_TEXT() != nil:
+		txt := ctx.QUOTED_TEXT().GetText()
+		return trimQuotes(txt)
+	case ctx.NUMBER() != nil:
+		number, err := strconv.ParseFloat(ctx.NUMBER().GetText(), 64)
+		if err != nil {
+			v.errors = append(v.errors, fmt.Sprintf("failed to parse number %s", ctx.NUMBER().GetText()))
+			return nil
+		}
+		return number
+	case ctx.BOOL() != nil:
+		boolText := strings.ToLower(ctx.BOOL().GetText())
+		return boolText == "true"
+	case ctx.KEY() != nil:
+		return ctx.KEY().GetText()
+	default:
+		return nil
+	}
+}
+
--- a/pkg/querybuilder/filter_introspect_test.go
+++ b/pkg/querybuilder/filter_introspect_test.go
@@ -0,0 +1,351 @@
+package querybuilder
+
+import (
+	"reflect"
+	"testing"
+
+	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
+	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
+)
+
+// helper to build a simple key with unspecified context/datatype.
+func fk(_ *testing.T, name string) *telemetrytypes.TelemetryFieldKey {
+	key := telemetrytypes.GetFieldKeyFromKeyText(name)
+	return &key
+}
+
+func TestExtractFilterExprTree_NestedConditions(t *testing.T) {
+	tests := []struct {
+		name    string
+		expr    string
+		want    *qbtypes.FilterExprNode
+		wantErr bool
+	}{
+		{
+			name: "empty expression returns nil",
+			expr: "   ",
+			want: nil,
+		},
+		{
+			name:    "invalid expression returns error",
+			expr:    "attributes.key =",
+			wantErr: true,
+		},
+		{
+			name: "single simple equality leaf",
+			expr: "attributes.host.name = 'frontend'",
+			want: &qbtypes.FilterExprNode{
+				Op: qbtypes.LogicalOpLeaf,
+				Conditions: []qbtypes.FilterCondition{
+					{
+						Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.host.name")},
+						Op:    qbtypes.FilterOperatorEqual,
+						Value: "frontend",
+					},
+				},
+			},
+		},
+		{
+			name: "AND with BETWEEN numeric range and NOT boolean comparison",
+			expr: "attributes.status_code BETWEEN 500 AND 599 AND NOT attributes.is_error = true",
+			want: &qbtypes.FilterExprNode{
+				Op: qbtypes.LogicalOpAnd,
+				Children: []*qbtypes.FilterExprNode{
+					{
+						Op: qbtypes.LogicalOpLeaf,
+						Conditions: []qbtypes.FilterCondition{
+							{
+								Keys: []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.status_code")},
+								Op:   qbtypes.FilterOperatorBetween,
+								Value: []any{
+									float64(500),
+									float64(599),
+								},
+							},
+						},
+					},
+					{
+						Negated: true,
+						Op:      qbtypes.LogicalOpLeaf,
+						Conditions: []qbtypes.FilterCondition{
+							{
+								Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.is_error")},
+								Op:    qbtypes.FilterOperatorEqual,
+								Value: true,
+							},
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "OR with IN list and NOT IN list using different syntaxes",
+			expr: "attributes.service.name IN ('api','worker') OR resource.region NOT IN [\"us-east-1\",\"us-west-2\"]",
+			want: &qbtypes.FilterExprNode{
+				Op: qbtypes.LogicalOpOr,
+				Children: []*qbtypes.FilterExprNode{
+					{
+						Op: qbtypes.LogicalOpLeaf,
+						Conditions: []qbtypes.FilterCondition{
+							{
+								Keys: []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.service.name")},
+								Op:   qbtypes.FilterOperatorIn,
+								Value: []any{
+									"api",
+									"worker",
+								},
+							},
+						},
+					},
+					{
+						Op: qbtypes.LogicalOpLeaf,
+						Conditions: []qbtypes.FilterCondition{
+							{
+								Keys: []*telemetrytypes.TelemetryFieldKey{fk(t, "resource.region")},
+								Op:   qbtypes.FilterOperatorNotIn,
+								Value: []any{
+									"us-east-1",
+									"us-west-2",
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "AND chain of string pattern operators with NOT variants",
+			expr: "attributes.message LIKE 'error%' AND attributes.message NOT ILIKE '%debug%' AND attributes.message REGEXP 'err[0-9]+' AND attributes.message NOT CONTAINS 'trace'",
+			want: &qbtypes.FilterExprNode{
+				Op: qbtypes.LogicalOpAnd,
+				Children: []*qbtypes.FilterExprNode{
+					{
+						Op: qbtypes.LogicalOpLeaf,
+						Conditions: []qbtypes.FilterCondition{
+							{
+								Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.message")},
+								Op:    qbtypes.FilterOperatorLike,
+								Value: "error%",
+							},
+						},
+					},
+					{
+						Op: qbtypes.LogicalOpLeaf,
+						Conditions: []qbtypes.FilterCondition{
+							{
+								Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.message")},
+								Op:    qbtypes.FilterOperatorNotILike,
+								Value: "%debug%",
+							},
+						},
+					},
+					{
+						Op: qbtypes.LogicalOpLeaf,
+						Conditions: []qbtypes.FilterCondition{
+							{
+								Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.message")},
+								Op:    qbtypes.FilterOperatorRegexp,
+								Value: "err[0-9]+",
+							},
+						},
+					},
+					{
+						Op: qbtypes.LogicalOpLeaf,
+						Conditions: []qbtypes.FilterCondition{
+							{
+								Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.message")},
+								Op:    qbtypes.FilterOperatorNotContains,
+								Value: "trace",
+							},
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "EXISTS and NOT EXISTS in OR expression",
+			expr: "attributes.host EXISTS OR attributes.cluster NOT EXISTS",
+			want: &qbtypes.FilterExprNode{
+				Op: qbtypes.LogicalOpOr,
+				Children: []*qbtypes.FilterExprNode{
+					{
+						Op: qbtypes.LogicalOpLeaf,
+						Conditions: []qbtypes.FilterCondition{
+							{
+								Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.host")},
+								Op:    qbtypes.FilterOperatorExists,
+								Value: nil,
+							},
+						},
+					},
+					{
+						Op: qbtypes.LogicalOpLeaf,
+						Conditions: []qbtypes.FilterCondition{
+							{
+								Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.cluster")},
+								Op:    qbtypes.FilterOperatorNotExists,
+								Value: nil,
+							},
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "KEY used as value in equality",
+			expr: "attributes.left = other_key",
+			want: &qbtypes.FilterExprNode{
+				Op: qbtypes.LogicalOpLeaf,
+				Conditions: []qbtypes.FilterCondition{
+					{
+						Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.left")},
+						Op:    qbtypes.FilterOperatorEqual,
+						Value: "other_key",
+					},
+				},
+			},
+		},
+		{
+			name: "nested OR inside AND with NOT on inner group",
+			// NOT applies to the whole parenthesized OR group.
+			expr: "attributes.env = 'prod' AND NOT (attributes.team = 'core' OR attributes.team = 'platform')",
+			want: &qbtypes.FilterExprNode{
+				Op: qbtypes.LogicalOpAnd,
+				Children: []*qbtypes.FilterExprNode{
+					{
+						Op: qbtypes.LogicalOpLeaf,
+						Conditions: []qbtypes.FilterCondition{
+							{
+								Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.env")},
+								Op:    qbtypes.FilterOperatorEqual,
+								Value: "prod",
+							},
+						},
+					},
+					{
+						Negated: true,
+						Op:      qbtypes.LogicalOpOr,
+						Children: []*qbtypes.FilterExprNode{
+							{
+								Op: qbtypes.LogicalOpLeaf,
+								Conditions: []qbtypes.FilterCondition{
+									{
+										Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.team")},
+										Op:    qbtypes.FilterOperatorEqual,
+										Value: "core",
+									},
+								},
+							},
+							{
+								Op: qbtypes.LogicalOpLeaf,
+								Conditions: []qbtypes.FilterCondition{
+									{
+										Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.team")},
+										Op:    qbtypes.FilterOperatorEqual,
+										Value: "platform",
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "multiple nesting levels mixing AND/OR",
+			expr: "(attributes.status = 'critical' OR attributes.status = 'warning') AND (resource.region = 'us-east-1' OR (resource.region = 'us-west-2' AND attributes.tier = 'backend'))",
+			want: &qbtypes.FilterExprNode{
+				Op: qbtypes.LogicalOpAnd,
+				Children: []*qbtypes.FilterExprNode{
+					{
+						Op: qbtypes.LogicalOpOr,
+						Children: []*qbtypes.FilterExprNode{
+							{
+								Op: qbtypes.LogicalOpLeaf,
+								Conditions: []qbtypes.FilterCondition{
+									{
+										Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.status")},
+										Op:    qbtypes.FilterOperatorEqual,
+										Value: "critical",
+									},
+								},
+							},
+							{
+								Op: qbtypes.LogicalOpLeaf,
+								Conditions: []qbtypes.FilterCondition{
+									{
+										Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.status")},
+										Op:    qbtypes.FilterOperatorEqual,
+										Value: "warning",
+									},
+								},
+							},
+						},
+					},
+					{
+						Op: qbtypes.LogicalOpOr,
+						Children: []*qbtypes.FilterExprNode{
+							{
+								Op: qbtypes.LogicalOpLeaf,
+								Conditions: []qbtypes.FilterCondition{
+									{
+										Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "resource.region")},
+										Op:    qbtypes.FilterOperatorEqual,
+										Value: "us-east-1",
+									},
+								},
+							},
+							{
+								Op: qbtypes.LogicalOpAnd,
+								Children: []*qbtypes.FilterExprNode{
+									{
+										Op: qbtypes.LogicalOpLeaf,
+										Conditions: []qbtypes.FilterCondition{
+											{
+												Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "resource.region")},
+												Op:    qbtypes.FilterOperatorEqual,
+												Value: "us-west-2",
+											},
+										},
+									},
+									{
+										Op: qbtypes.LogicalOpLeaf,
+										Conditions: []qbtypes.FilterCondition{
+											{
+												Keys:  []*telemetrytypes.TelemetryFieldKey{fk(t, "attributes.tier")},
+												Op:    qbtypes.FilterOperatorEqual,
+												Value: "backend",
+											},
+										},
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		tt := tt
+		t.Run(tt.name, func(t *testing.T) {
+			got, err := ExtractFilterExprTree(tt.expr)
+
+			if tt.wantErr {
+				if err == nil {
+					t.Fatalf("expected error, got nil")
+				}
+				return
+			}
+
+			if err != nil {
+				t.Fatalf("unexpected error: %v", err)
+			}
+
+			if !reflect.DeepEqual(got, tt.want) {
+				t.Fatalf("unexpected tree for expr %q\n got:  %#v\n want: %#v", tt.expr, got, tt.want)
+			}
+		})
+	}
+}
--- a/pkg/signoz/handler.go
+++ b/pkg/signoz/handler.go
@@ -1,8 +1,6 @@
 package signoz

 import (
-	"github.com/SigNoz/signoz/pkg/authz"
-	"github.com/SigNoz/signoz/pkg/authz/signozauthzapi"
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/flagger"
 	"github.com/SigNoz/signoz/pkg/gateway"
@@ -13,14 +11,14 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/apdex/implapdex"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
-	"github.com/SigNoz/signoz/pkg/modules/fields"
-	"github.com/SigNoz/signoz/pkg/modules/fields/implfields"
 	"github.com/SigNoz/signoz/pkg/modules/metricsexplorer"
 	"github.com/SigNoz/signoz/pkg/modules/metricsexplorer/implmetricsexplorer"
 	"github.com/SigNoz/signoz/pkg/modules/quickfilter"
 	"github.com/SigNoz/signoz/pkg/modules/quickfilter/implquickfilter"
 	"github.com/SigNoz/signoz/pkg/modules/rawdataexport"
 	"github.com/SigNoz/signoz/pkg/modules/rawdataexport/implrawdataexport"
+	"github.com/SigNoz/signoz/pkg/modules/role"
+	"github.com/SigNoz/signoz/pkg/modules/role/implrole"
 	"github.com/SigNoz/signoz/pkg/modules/savedview"
 	"github.com/SigNoz/signoz/pkg/modules/savedview/implsavedview"
 	"github.com/SigNoz/signoz/pkg/modules/services"
@@ -30,7 +28,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/tracefunnel"
 	"github.com/SigNoz/signoz/pkg/modules/tracefunnel/impltracefunnel"
 	"github.com/SigNoz/signoz/pkg/querier"
-	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
 )

 type Handlers struct {
@@ -46,21 +43,10 @@ type Handlers struct {
 	Global          global.Handler
 	FlaggerHandler  flagger.Handler
 	GatewayHandler  gateway.Handler
-	Fields          fields.Handler
-	AuthzHandler    authz.Handler
+	Role            role.Handler
 }

-func NewHandlers(
-	modules Modules,
-	providerSettings factory.ProviderSettings,
-	querier querier.Querier,
-	licensing licensing.Licensing,
-	global global.Global,
-	flaggerService flagger.Flagger,
-	gatewayService gateway.Gateway,
-	telemetryMetadataStore telemetrytypes.MetadataStore,
-	authz authz.AuthZ,
-) Handlers {
+func NewHandlers(modules Modules, providerSettings factory.ProviderSettings, querier querier.Querier, licensing licensing.Licensing, global global.Global, flaggerService flagger.Flagger, gatewayService gateway.Gateway) Handlers {
 	return Handlers{
 		SavedView:       implsavedview.NewHandler(modules.SavedView),
 		Apdex:           implapdex.NewHandler(modules.Apdex),
@@ -74,7 +60,6 @@ func NewHandlers(
 		Global:          signozglobal.NewHandler(global),
 		FlaggerHandler:  flagger.NewHandler(flaggerService),
 		GatewayHandler:  gateway.NewHandler(gatewayService),
-		Fields:          implfields.NewHandler(providerSettings, telemetryMetadataStore),
-		AuthzHandler:    signozauthzapi.NewHandler(authz),
+		Role:            implrole.NewHandler(modules.RoleSetter, modules.RoleGetter),
 	}
 }
--- a/pkg/signoz/handler_test.go
+++ b/pkg/signoz/handler_test.go
@@ -13,6 +13,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/factory/factorytest"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
+	"github.com/SigNoz/signoz/pkg/modules/role/implrole"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/sharder"
 	"github.com/SigNoz/signoz/pkg/sharder/noopsharder"
@@ -40,9 +41,13 @@ func TestNewHandlers(t *testing.T) {
 	queryParser := queryparser.New(providerSettings)
 	require.NoError(t, err)
 	dashboardModule := impldashboard.NewModule(impldashboard.NewStore(sqlstore), providerSettings, nil, orgGetter, queryParser)
-	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule)
+	roleSetter := implrole.NewSetter(implrole.NewStore(sqlstore), nil)
+	roleGetter := implrole.NewGetter(implrole.NewStore(sqlstore))
+	grantModule := implrole.NewGranter(implrole.NewStore(sqlstore), nil)
+	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule, roleSetter, roleGetter, grantModule)
+
+	handlers := NewHandlers(modules, providerSettings, nil, nil, nil, nil, nil)

-	handlers := NewHandlers(modules, providerSettings, nil, nil, nil, nil, nil, nil, nil)
 	reflectVal := reflect.ValueOf(handlers)
 	for i := 0; i < reflectVal.NumField(); i++ {
 		f := reflectVal.Field(i)
--- a/pkg/signoz/module.go
+++ b/pkg/signoz/module.go
@@ -25,6 +25,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/quickfilter/implquickfilter"
 	"github.com/SigNoz/signoz/pkg/modules/rawdataexport"
 	"github.com/SigNoz/signoz/pkg/modules/rawdataexport/implrawdataexport"
+	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/modules/savedview"
 	"github.com/SigNoz/signoz/pkg/modules/savedview/implsavedview"
 	"github.com/SigNoz/signoz/pkg/modules/services"
@@ -66,6 +67,9 @@ type Modules struct {
 	SpanPercentile  spanpercentile.Module
 	MetricsExplorer metricsexplorer.Module
 	Promote         promote.Module
+	RoleSetter      role.Setter
+	RoleGetter      role.Getter
+	Granter         role.Granter
 }

 func NewModules(
@@ -85,10 +89,13 @@ func NewModules(
 	queryParser queryparser.QueryParser,
 	config Config,
 	dashboard dashboard.Module,
+	roleSetter role.Setter,
+	roleGetter role.Getter,
+	granter role.Granter,
 ) Modules {
 	quickfilter := implquickfilter.NewModule(implquickfilter.NewStore(sqlstore))
 	orgSetter := implorganization.NewSetter(implorganization.NewStore(sqlstore), alertmanager, quickfilter)
-	user := impluser.NewModule(impluser.NewStore(sqlstore, providerSettings), tokenizer, emailing, providerSettings, orgSetter, authz, analytics, config.User)
+	user := impluser.NewModule(impluser.NewStore(sqlstore, providerSettings), tokenizer, emailing, providerSettings, orgSetter, granter, analytics, config.User)
 	userGetter := impluser.NewGetter(impluser.NewStore(sqlstore, providerSettings))
 	ruleStore := sqlrulestore.NewRuleStore(sqlstore, queryParser, providerSettings)

@@ -110,5 +117,8 @@ func NewModules(
 		Services:        implservices.NewModule(querier, telemetryStore),
 		MetricsExplorer: implmetricsexplorer.NewModule(telemetryStore, telemetryMetadataStore, cache, ruleStore, dashboard, providerSettings, config.MetricsExplorer),
 		Promote:         implpromote.NewModule(telemetryMetadataStore, telemetryStore),
+		RoleSetter:      roleSetter,
+		RoleGetter:      roleGetter,
+		Granter:         granter,
 	}
 }
--- a/pkg/signoz/module_test.go
+++ b/pkg/signoz/module_test.go
@@ -13,6 +13,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/factory/factorytest"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
+	"github.com/SigNoz/signoz/pkg/modules/role/implrole"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/sharder"
 	"github.com/SigNoz/signoz/pkg/sharder/noopsharder"
@@ -40,7 +41,10 @@ func TestNewModules(t *testing.T) {
 	queryParser := queryparser.New(providerSettings)
 	require.NoError(t, err)
 	dashboardModule := impldashboard.NewModule(impldashboard.NewStore(sqlstore), providerSettings, nil, orgGetter, queryParser)
-	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule)
+	roleSetter := implrole.NewSetter(implrole.NewStore(sqlstore), nil)
+	roleGetter := implrole.NewGetter(implrole.NewStore(sqlstore))
+	grantModule := implrole.NewGranter(implrole.NewStore(sqlstore), nil)
+	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule, roleSetter, roleGetter, grantModule)

 	reflectVal := reflect.ValueOf(modules)
 	for i := 0; i < reflectVal.NumField(); i++ {
--- a/pkg/signoz/openapi.go
+++ b/pkg/signoz/openapi.go
@@ -15,11 +15,11 @@ import (
 	"github.com/SigNoz/signoz/pkg/instrumentation"
 	"github.com/SigNoz/signoz/pkg/modules/authdomain"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
-	"github.com/SigNoz/signoz/pkg/modules/fields"
 	"github.com/SigNoz/signoz/pkg/modules/metricsexplorer"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
 	"github.com/SigNoz/signoz/pkg/modules/preference"
 	"github.com/SigNoz/signoz/pkg/modules/promote"
+	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/modules/session"
 	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/types/ctxtypes"
@@ -50,8 +50,8 @@ func NewOpenAPI(ctx context.Context, instrumentation instrumentation.Instrumenta
 		struct{ dashboard.Handler }{},
 		struct{ metricsexplorer.Handler }{},
 		struct{ gateway.Handler }{},
-		struct{ fields.Handler }{},
-		struct{ authz.Handler }{},
+		struct{ role.Getter }{},
+		struct{ role.Handler }{},
 	).New(ctx, instrumentation.ToProviderSettings(), apiserver.Config{})
 	if err != nil {
 		return nil, err
--- a/pkg/signoz/provider.go
+++ b/pkg/signoz/provider.go
@@ -166,7 +166,6 @@ func NewSQLMigrationProviderFactories(
 		sqlmigration.NewAddAuthzIndexFactory(sqlstore, sqlschema),
 		sqlmigration.NewMigrateRbacToAuthzFactory(sqlstore),
 		sqlmigration.NewMigratePublicDashboardsFactory(sqlstore),
-		sqlmigration.NewAddAnonymousPublicDashboardTransactionFactory(sqlstore),
 	)
 }

@@ -248,8 +247,8 @@ func NewAPIServerProviderFactories(orgGetter organization.Getter, authz authz.Au
 			handlers.Dashboard,
 			handlers.MetricsExplorer,
 			handlers.GatewayHandler,
-			handlers.Fields,
-			handlers.AuthzHandler,
+			modules.RoleGetter,
+			handlers.Role,
 		),
 	)
 }
--- a/pkg/signoz/signoz.go
+++ b/pkg/signoz/signoz.go
@@ -21,6 +21,8 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
+	"github.com/SigNoz/signoz/pkg/modules/role"
+	"github.com/SigNoz/signoz/pkg/modules/role/implrole"
 	"github.com/SigNoz/signoz/pkg/modules/user/impluser"
 	"github.com/SigNoz/signoz/pkg/prometheus"
 	"github.com/SigNoz/signoz/pkg/querier"
@@ -87,9 +89,10 @@ func New(
 	sqlstoreProviderFactories factory.NamedMap[factory.ProviderFactory[sqlstore.SQLStore, sqlstore.Config]],
 	telemetrystoreProviderFactories factory.NamedMap[factory.ProviderFactory[telemetrystore.TelemetryStore, telemetrystore.Config]],
 	authNsCallback func(ctx context.Context, providerSettings factory.ProviderSettings, store authtypes.AuthNStore, licensing licensing.Licensing) (map[authtypes.AuthNProvider]authn.AuthN, error),
-	authzCallback func(context.Context, sqlstore.SQLStore, licensing.Licensing, dashboard.Module) factory.ProviderFactory[authz.AuthZ, authz.Config],
-	dashboardModuleCallback func(sqlstore.SQLStore, factory.ProviderSettings, analytics.Analytics, organization.Getter, queryparser.QueryParser, querier.Querier, licensing.Licensing) dashboard.Module,
+	authzCallback func(context.Context, sqlstore.SQLStore) factory.ProviderFactory[authz.AuthZ, authz.Config],
+	dashboardModuleCallback func(sqlstore.SQLStore, factory.ProviderSettings, analytics.Analytics, organization.Getter, role.Setter, role.Granter, queryparser.QueryParser, querier.Querier, licensing.Licensing) dashboard.Module,
 	gatewayProviderFactory func(licensing.Licensing) factory.ProviderFactory[gateway.Gateway, gateway.Config],
+	roleSetterCallback func(sqlstore.SQLStore, authz.AuthZ, licensing.Licensing, []role.RegisterTypeable) role.Setter,
 ) (*SigNoz, error) {
 	// Initialize instrumentation
 	instrumentation, err := instrumentation.New(ctx, config.Instrumentation, version.Info, "signoz")
@@ -281,24 +284,11 @@ func New(
 	// Initialize user getter
 	userGetter := impluser.NewGetter(impluser.NewStore(sqlstore, providerSettings))

-	licensingProviderFactory := licenseProviderFactory(sqlstore, zeus, orgGetter, analytics)
-	licensing, err := licensingProviderFactory.New(
-		ctx,
-		providerSettings,
-		licenseConfig,
-	)
-	if err != nil {
-		return nil, err
-	}
-
-	// Initialize query parser (needed for dashboard module)
-	queryParser := queryparser.New(providerSettings)
-
-	// Initialize dashboard module (needed for authz registry)
-	dashboard := dashboardModuleCallback(sqlstore, providerSettings, analytics, orgGetter, queryParser, querier, licensing)
+	// Initialize the role getter
+	roleGetter := implrole.NewGetter(implrole.NewStore(sqlstore))

 	// Initialize authz
-	authzProviderFactory := authzCallback(ctx, sqlstore, licensing, dashboard)
+	authzProviderFactory := authzCallback(ctx, sqlstore)
 	authz, err := authzProviderFactory.New(ctx, providerSettings, authz.Config{})
 	if err != nil {
 		return nil, err
@@ -328,6 +318,9 @@ func New(
 		return nil, err
 	}

+	// Initialize query parser
+	queryParser := queryparser.New(providerSettings)
+
 	// Initialize ruler from the available ruler provider factories
 	ruler, err := factory.NewProviderFromNamedMap(
 		ctx,
@@ -340,6 +333,16 @@ func New(
 		return nil, err
 	}

+	licensingProviderFactory := licenseProviderFactory(sqlstore, zeus, orgGetter, analytics)
+	licensing, err := licensingProviderFactory.New(
+		ctx,
+		providerSettings,
+		licenseConfig,
+	)
+	if err != nil {
+		return nil, err
+	}
+
 	gatewayFactory := gatewayProviderFactory(licensing)
 	gateway, err := gatewayFactory.New(ctx, providerSettings, config.Gateway)
 	if err != nil {
@@ -387,10 +390,13 @@ func New(
 	}

 	// Initialize all modules
-	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, analytics, querier, telemetrystore, telemetryMetadataStore, authNs, authz, cache, queryParser, config, dashboard)
+	roleSetter := roleSetterCallback(sqlstore, authz, licensing, nil)
+	granter := implrole.NewGranter(implrole.NewStore(sqlstore), authz)
+	dashboard := dashboardModuleCallback(sqlstore, providerSettings, analytics, orgGetter, roleSetter, granter, queryParser, querier, licensing)
+	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, analytics, querier, telemetrystore, telemetryMetadataStore, authNs, authz, cache, queryParser, config, dashboard, roleSetter, roleGetter, granter)

 	// Initialize all handlers for the modules
-	handlers := NewHandlers(modules, providerSettings, querier, licensing, global, flagger, gateway, telemetryMetadataStore, authz)
+	handlers := NewHandlers(modules, providerSettings, querier, licensing, global, flagger, gateway)

 	// Initialize the API server
 	apiserver, err := factory.NewProviderFromNamedMap(
--- a/pkg/sqlmigration/063_add_public_dashboard_txn.go
+++ b/pkg/sqlmigration/063_add_public_dashboard_txn.go
@@ -1,154 +0,0 @@
-package sqlmigration
-
-import (
-	"context"
-	"time"
-
-	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/sqlstore"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
-	"github.com/oklog/ulid/v2"
-	"github.com/uptrace/bun"
-	"github.com/uptrace/bun/dialect"
-	"github.com/uptrace/bun/migrate"
-)
-
-type addAnonymousPublicDashboardTransaction struct {
-	sqlstore sqlstore.SQLStore
-}
-
-func NewAddAnonymousPublicDashboardTransactionFactory(sqlstore sqlstore.SQLStore) factory.ProviderFactory[SQLMigration, Config] {
-	return factory.NewProviderFactory(factory.MustNewName("add_public_dashboard_txn"), func(ctx context.Context, ps factory.ProviderSettings, c Config) (SQLMigration, error) {
-		return newAddAnonymousPublicDashboardTransaction(ctx, ps, c, sqlstore)
-	})
-}
-
-func newAddAnonymousPublicDashboardTransaction(_ context.Context, _ factory.ProviderSettings, _ Config, sqlstore sqlstore.SQLStore) (SQLMigration, error) {
-	return &addAnonymousPublicDashboardTransaction{
-		sqlstore: sqlstore,
-	}, nil
-}
-
-func (migration *addAnonymousPublicDashboardTransaction) Register(migrations *migrate.Migrations) error {
-	if err := migrations.Register(migration.Up, migration.Down); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (migration *addAnonymousPublicDashboardTransaction) Up(ctx context.Context, db *bun.DB) error {
-	tx, err := db.BeginTx(ctx, nil)
-	if err != nil {
-		return err
-	}
-
-	defer func() {
-		_ = tx.Rollback()
-	}()
-
-	var storeID string
-	err = tx.QueryRowContext(ctx, `SELECT id FROM store WHERE name = ? LIMIT 1`, "signoz").Scan(&storeID)
-	if err != nil {
-		return err
-	}
-
-	// fetch all the orgs for which we need to insert the anonymous public dashboard transaction tuple.
-	orgIDs := []string{}
-	rows, err := tx.QueryContext(ctx, `SELECT id FROM organizations`)
-	if err != nil {
-		return err
-	}
-	defer rows.Close()
-
-	for rows.Next() {
-		var orgID string
-		if err := rows.Scan(&orgID); err != nil {
-			return err
-		}
-		orgIDs = append(orgIDs, orgID)
-	}
-
-	for _, orgID := range orgIDs {
-		// based on openfga tuple and changelog id's are same for writes.
-		// ref: https://github.com/openfga/openfga/blob/main/pkg/storage/sqlite/sqlite.go#L467
-		entropy := ulid.DefaultEntropy()
-		now := time.Now().UTC()
-		tupleID := ulid.MustNew(ulid.Timestamp(now), entropy).String()
-
-		// Add wildcard (*) transaction for signoz-anonymous role to read all public-dashboards
-		// This grants the signoz-anonymous role read access to all public dashboards in the organization
-		if migration.sqlstore.BunDB().Dialect().Name() == dialect.PG {
-			result, err := tx.ExecContext(ctx, `
-			INSERT INTO tuple (store, object_type, object_id, relation, _user, user_type, ulid, inserted_at)
-			VALUES (?, ?, ?, ?, ?, ?, ?, ?)
-			ON CONFLICT (store, object_type, object_id, relation, _user) DO NOTHING`,
-				storeID, "metaresource", "organization/"+orgID+"/public-dashboard/*", "read", "role:organization/"+orgID+"/role/"+roletypes.SigNozAnonymousRoleName+"#assignee", "userset", tupleID, now,
-			)
-			if err != nil {
-				return err
-			}
-
-			rowsAffected, err := result.RowsAffected()
-			if err != nil {
-				return err
-			}
-
-			if rowsAffected == 0 {
-				continue
-			}
-
-			_, err = tx.ExecContext(ctx, `
-			INSERT INTO changelog (store, object_type, object_id, relation, _user, operation, ulid, inserted_at)
-			VALUES (?, ?, ?, ?, ?, ?, ?, ?)
-			ON CONFLICT (store, ulid, object_type) DO NOTHING`,
-				storeID, "metaresource", "organization/"+orgID+"/public-dashboard/*", "read", "role:organization/"+orgID+"/role/"+roletypes.SigNozAnonymousRoleName+"#assignee", "TUPLE_OPERATION_WRITE", tupleID, now,
-			)
-			if err != nil {
-				return err
-			}
-
-		} else {
-			result, err := tx.ExecContext(ctx, `
-			INSERT INTO tuple (store, object_type, object_id, relation, user_object_type, user_object_id, user_relation, user_type, ulid, inserted_at)
-			VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
-			ON CONFLICT (store, object_type, object_id, relation, user_object_type, user_object_id, user_relation) DO NOTHING`,
-				storeID, "metaresource", "organization/"+orgID+"/public-dashboard/*", "read", "role", "organization/"+orgID+"/role/"+roletypes.SigNozAnonymousRoleName, "assignee", "userset", tupleID, now,
-			)
-			if err != nil {
-				return err
-			}
-
-			rowsAffected, err := result.RowsAffected()
-			if err != nil {
-				return err
-			}
-
-			if rowsAffected == 0 {
-				continue
-			}
-
-			_, err = tx.ExecContext(ctx, `
-			INSERT INTO changelog (store, object_type, object_id, relation, user_object_type, user_object_id, user_relation, operation, ulid, inserted_at)
-			VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
-			ON CONFLICT (store, ulid, object_type) DO NOTHING`,
-				storeID, "metaresource", "organization/"+orgID+"/public-dashboard/*", "read", "role", "organization/"+orgID+"/role/"+roletypes.SigNozAnonymousRoleName, "assignee", 0, tupleID, now,
-			)
-			if err != nil {
-				return err
-			}
-		}
-
-	}
-
-	err = tx.Commit()
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (migration *addAnonymousPublicDashboardTransaction) Down(context.Context, *bun.DB) error {
-	return nil
-}
--- a/pkg/types/authtypes/selector.go
+++ b/pkg/types/authtypes/selector.go
@@ -20,19 +20,15 @@ var (
 )

 var (
-	typeUserSelectorRegex         = regexp.MustCompile(`^(^[0-9a-f]{8}(?:\-[0-9a-f]{4}){3}-[0-9a-f]{12}$|\*)$`)
-	typeRoleSelectorRegex         = regexp.MustCompile(`^([a-z-]{1,50}|\*)$`)
+	typeUserSelectorRegex         = regexp.MustCompile(`^[0-9a-f]{8}(?:\-[0-9a-f]{4}){3}-[0-9a-f]{12}$`)
+	typeRoleSelectorRegex         = regexp.MustCompile(`^[a-z-]{1,50}$`)
 	typeAnonymousSelectorRegex    = regexp.MustCompile(`^\*$`)
-	typeOrganizationSelectorRegex = regexp.MustCompile(`^(^[0-9a-f]{8}(?:\-[0-9a-f]{4}){3}-[0-9a-f]{12}$|\*)$`)
+	typeOrganizationSelectorRegex = regexp.MustCompile(`^[0-9a-f]{8}(?:\-[0-9a-f]{4}){3}-[0-9a-f]{12}$`)
 	typeMetaResourceSelectorRegex = regexp.MustCompile(`^(^[0-9a-f]{8}(?:\-[0-9a-f]{4}){3}-[0-9a-f]{12}$|\*)$`)
-	// metaresources selectors are used to select either all or none until we introduce some hierarchy here.
+	// metaresources selectors are used to select either all or none
 	typeMetaResourcesSelectorRegex = regexp.MustCompile(`^\*$`)
 )

-var (
-	WildCardSelectorString = "*"
-)
-
 type SelectorCallbackWithClaimsFn func(*http.Request, Claims) ([]Selector, error)
 type SelectorCallbackWithoutClaimsFn func(*http.Request, []*types.Organization) ([]Selector, valuer.UUID, error)

--- a/pkg/types/authtypes/typeable_metaresource.go
+++ b/pkg/types/authtypes/typeable_metaresource.go
@@ -24,10 +24,9 @@ func MustNewTypeableMetaResource(name Name) Typeable {
 	return typeableesource
 }

-func (typeableMetaResource *typeableMetaResource) Tuples(subject string, relation Relation, selectors []Selector, orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
+func (typeableMetaResource *typeableMetaResource) Tuples(subject string, relation Relation, selector []Selector, orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
 	tuples := make([]*openfgav1.TupleKey, 0)
-
-	for _, selector := range selectors {
+	for _, selector := range selector {
 		object := typeableMetaResource.Prefix(orgID) + "/" + selector.String()
 		tuples = append(tuples, &openfgav1.TupleKey{User: subject, Relation: relation.StringValue(), Object: object})
 	}
--- a/pkg/types/authtypes/typeable_metaresources.go
+++ b/pkg/types/authtypes/typeable_metaresources.go
@@ -24,10 +24,9 @@ func MustNewTypeableMetaResources(name Name) Typeable {
 	return resources
 }

-func (typeableResources *typeableMetaResources) Tuples(subject string, relation Relation, selectors []Selector, orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
+func (typeableResources *typeableMetaResources) Tuples(subject string, relation Relation, selector []Selector, orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
 	tuples := make([]*openfgav1.TupleKey, 0)
-
-	for _, selector := range selectors {
+	for _, selector := range selector {
 		object := typeableResources.Prefix(orgID) + "/" + selector.String()
 		tuples = append(tuples, &openfgav1.TupleKey{User: subject, Relation: relation.StringValue(), Object: object})
 	}
--- a/pkg/types/authtypes/typeable_organization.go
+++ b/pkg/types/authtypes/typeable_organization.go
@@ -11,10 +11,9 @@ var _ Typeable = new(typeableOrganization)

 type typeableOrganization struct{}

-func (typeableOrganization *typeableOrganization) Tuples(subject string, relation Relation, selectors []Selector, _ valuer.UUID) ([]*openfgav1.TupleKey, error) {
+func (typeableOrganization *typeableOrganization) Tuples(subject string, relation Relation, selector []Selector, _ valuer.UUID) ([]*openfgav1.TupleKey, error) {
 	tuples := make([]*openfgav1.TupleKey, 0)
-
-	for _, selector := range selectors {
+	for _, selector := range selector {
 		object := strings.Join([]string{typeableOrganization.Type().StringValue(), selector.String()}, ":")
 		tuples = append(tuples, &openfgav1.TupleKey{User: subject, Relation: relation.StringValue(), Object: object})
 	}
--- a/pkg/types/authtypes/typeable_role.go
+++ b/pkg/types/authtypes/typeable_role.go
@@ -9,10 +9,9 @@ var _ Typeable = new(typeableRole)

 type typeableRole struct{}

-func (typeableRole *typeableRole) Tuples(subject string, relation Relation, selectors []Selector, orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
+func (typeableRole *typeableRole) Tuples(subject string, relation Relation, selector []Selector, orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
 	tuples := make([]*openfgav1.TupleKey, 0)
-
-	for _, selector := range selectors {
+	for _, selector := range selector {
 		object := typeableRole.Prefix(orgID) + "/" + selector.String()
 		tuples = append(tuples, &openfgav1.TupleKey{User: subject, Relation: relation.StringValue(), Object: object})
 	}
--- a/pkg/types/authtypes/typeable_user.go
+++ b/pkg/types/authtypes/typeable_user.go
@@ -9,10 +9,9 @@ var _ Typeable = new(typeableUser)

 type typeableUser struct{}

-func (typeableUser *typeableUser) Tuples(subject string, relation Relation, selectors []Selector, orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
+func (typeableUser *typeableUser) Tuples(subject string, relation Relation, selector []Selector, orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
 	tuples := make([]*openfgav1.TupleKey, 0)
-
-	for _, selector := range selectors {
+	for _, selector := range selector {
 		object := typeableUser.Prefix(orgID) + "/" + selector.String()
 		tuples = append(tuples, &openfgav1.TupleKey{User: subject, Relation: relation.StringValue(), Object: object})
 	}
--- a/pkg/types/pipelinetypes/pipeline.go
+++ b/pkg/types/pipelinetypes/pipeline.go
@@ -7,9 +7,9 @@ import (
 	"strings"

 	"github.com/SigNoz/signoz/pkg/errors"
-	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
 	"github.com/SigNoz/signoz/pkg/query-service/queryBuilderToExpr"
 	"github.com/SigNoz/signoz/pkg/types"
+	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	"github.com/uptrace/bun"
 )

@@ -57,7 +57,7 @@ type StoreablePipeline struct {

 type GettablePipeline struct {
 	StoreablePipeline
-	Filter *v3.FilterSet      `json:"filter"`
+	Filter *qbtypes.Filter    `json:"filter"`
 	Config []PipelineOperator `json:"config"`
 }

@@ -72,7 +72,7 @@ func (i *GettablePipeline) ParseRawConfig() error {
 }

 func (i *GettablePipeline) ParseFilter() error {
-	f := v3.FilterSet{}
+	f := qbtypes.Filter{}
 	err := json.Unmarshal([]byte(i.FilterString), &f)
 	if err != nil {
 		return errors.WrapInvalidInputf(err, errors.CodeInvalidInput, "failed to parse filter")
@@ -200,7 +200,7 @@ type PostablePipeline struct {
 	Alias       string             `json:"alias"`
 	Description string             `json:"description"`
 	Enabled     bool               `json:"enabled"`
-	Filter      *v3.FilterSet      `json:"filter"`
+	Filter      *qbtypes.Filter    `json:"filter"`
 	Config      []PipelineOperator `json:"config"`
 }

@@ -218,6 +218,14 @@ func (p *PostablePipeline) IsValid() error {
 	}

 	// check the filter
+	if p.Filter == nil || strings.TrimSpace(p.Filter.Expression) == "" {
+		return errors.NewInvalidInputf(errors.CodeInvalidInput, "filter.expression is required")
+	}
+
+	// Validate that every field in the expression has an explicit context
+	// (attribute., resource., body., etc) so later pipeline processing does not
+	// need to guess. We intentionally do not validate that the field actually
+	// exists – only that the context is specified.
 	_, err := queryBuilderToExpr.Parse(p.Filter)
 	if err != nil {
 		return err
--- a/pkg/types/pipelinetypes/postable_pipeline_test.go
+++ b/pkg/types/pipelinetypes/postable_pipeline_test.go
@@ -3,24 +3,13 @@ package pipelinetypes
 import (
 	"testing"

-	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
-	. "github.com/smartystreets/goconvey/convey"
+	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
+	"github.com/stretchr/testify/assert"
 )

 func TestIsValidPostablePipeline(t *testing.T) {
-	validPipelineFilterSet := &v3.FilterSet{
-		Operator: "AND",
-		Items: []v3.FilterItem{
-			{
-				Key: v3.AttributeKey{
-					Key:      "method",
-					DataType: v3.AttributeKeyDataTypeString,
-					Type:     v3.AttributeKeyTypeTag,
-				},
-				Operator: "=",
-				Value:    "GET",
-			},
-		},
+	validPipelineFilter := &qbtypes.Filter{
+		Expression: `attributes.method = "GET"`,
 	}

 	var correctQueriesTest = []struct {
@@ -34,7 +23,7 @@ func TestIsValidPostablePipeline(t *testing.T) {
 				Name:    "pipeline 1",
 				Alias:   "pipeline1",
 				Enabled: true,
-				Filter:  validPipelineFilterSet,
+				Filter:  validPipelineFilter,
 				Config:  []PipelineOperator{},
 			},
 			IsValid: false,
@@ -46,7 +35,7 @@ func TestIsValidPostablePipeline(t *testing.T) {
 				Name:    "pipeline 1",
 				Alias:   "pipeline1",
 				Enabled: true,
-				Filter:  validPipelineFilterSet,
+				Filter:  validPipelineFilter,
 				Config:  []PipelineOperator{},
 			},
 			IsValid: false,
@@ -58,7 +47,7 @@ func TestIsValidPostablePipeline(t *testing.T) {
 				Name:    "pipeline 1",
 				Alias:   "pipeline1",
 				Enabled: true,
-				Filter:  validPipelineFilterSet,
+				Filter:  validPipelineFilter,
 				Config:  []PipelineOperator{},
 			},
 			IsValid: true,
@@ -70,19 +59,21 @@ func TestIsValidPostablePipeline(t *testing.T) {
 				Name:    "pipeline 1",
 				Alias:   "pipeline1",
 				Enabled: true,
-				Filter: &v3.FilterSet{
-					Operator: "AND",
-					Items: []v3.FilterItem{
-						{
-							Key: v3.AttributeKey{
-								Key:      "method",
-								DataType: v3.AttributeKeyDataTypeString,
-								Type:     v3.AttributeKeyTypeUnspecified,
-							},
-							Operator: "regex",
-							Value:    "[0-9A-Z*",
-						},
-					},
+				Filter: &qbtypes.Filter{
+					Expression: "",
+				},
+			},
+			IsValid: false,
+		},
+		{
+			Name: "Filter without context prefix on field",
+			Pipeline: PostablePipeline{
+				OrderID: 1,
+				Name:    "pipeline 1",
+				Alias:   "pipeline1",
+				Enabled: true,
+				Filter: &qbtypes.Filter{
+					Expression: `method = "GET"`,
 				},
 			},
 			IsValid: false,
@@ -94,19 +85,19 @@ func TestIsValidPostablePipeline(t *testing.T) {
 				Name:    "pipeline 1",
 				Alias:   "pipeline1",
 				Enabled: true,
-				Filter:  validPipelineFilterSet,
+				Filter:  validPipelineFilter,
 			},
 			IsValid: true,
 		},
 	}

 	for _, test := range correctQueriesTest {
-		Convey(test.Name, t, func() {
+		t.Run(test.Name, func(t *testing.T) {
 			err := test.Pipeline.IsValid()
 			if test.IsValid {
-				So(err, ShouldBeNil)
+				assert.NoError(t, err)
 			} else {
-				So(err, ShouldBeError)
+				assert.Error(t, err)
 			}
 		})
 	}
@@ -365,12 +356,12 @@ var operatorTest = []struct {

 func TestValidOperator(t *testing.T) {
 	for _, test := range operatorTest {
-		Convey(test.Name, t, func() {
+		t.Run(test.Name, func(t *testing.T) {
 			err := isValidOperator(test.Operator)
 			if test.IsValid {
-				So(err, ShouldBeNil)
+				assert.NoError(t, err)
 			} else {
-				So(err, ShouldBeError)
+				assert.Error(t, err)
 			}
 		})
 	}
--- a/pkg/types/querybuildertypes/querybuildertypesv5/filter_inspect.go
+++ b/pkg/types/querybuildertypes/querybuildertypesv5/filter_inspect.go
@@ -0,0 +1,60 @@
+package querybuildertypesv5
+
+import "github.com/SigNoz/signoz/pkg/types/telemetrytypes"
+
+// LogicalOp represents how child expressions are combined.
+type LogicalOp string
+
+const (
+	// LogicalOpLeaf represents a leaf node containing one or more simple conditions.
+	LogicalOpLeaf LogicalOp = "LEAF"
+	// LogicalOpAnd represents an AND combination of children.
+	LogicalOpAnd LogicalOp = "AND"
+	// LogicalOpOr represents an OR combination of children.
+	LogicalOpOr LogicalOp = "OR"
+)
+
+// FilterExprNode is a reusable logical representation of a filter expression.
+//
+// - Leaf nodes (Op == LogicalOpLeaf) contain one or more ParsedFilterCondition.
+// - Non-leaf nodes (Op == LogicalOpAnd/LogicalOpOr) contain Children.
+// - Negated indicates a leading NOT applied to this subtree.
+type FilterExprNode struct {
+	Op         LogicalOp
+	Negated    bool
+	Conditions []FilterCondition
+	Children   []*FilterExprNode
+}
+
+func (f *FilterExprNode) Flatten() []FilterCondition {
+	var conditions []FilterCondition
+	var walk func(node *FilterExprNode)
+
+	walk = func(node *FilterExprNode) {
+		if node == nil {
+			return
+		}
+		if node.Op == LogicalOpLeaf {
+			conditions = append(conditions, node.Conditions...)
+		}
+		for _, child := range node.Children {
+			walk(child)
+		}
+	}
+
+	walk(f)
+	return conditions
+}
+
+// FilterCondition represents a single comparison or existence check
+// extracted from a filter expression.
+//
+//   - Keys:   one or more logical field keys on the left-hand side (see where_clause_visitor.VisitKey
+//     for why one expression key can resolve to multiple TelemetryFieldKeys).
+//   - Op:     filter operator (e.g. =, !=, in, exists, between).
+//   - Value:  right-hand side literal (any type: single value, slice for IN/NOT IN, nil for EXISTS, etc.).
+type FilterCondition struct {
+	Keys   []*telemetrytypes.TelemetryFieldKey
+	Op     FilterOperator
+	Value  any
+}
--- a/pkg/types/ruletypes/api_params.go
+++ b/pkg/types/ruletypes/api_params.go
@@ -8,15 +8,15 @@ import (
 	"time"
 	"unicode/utf8"

-	"github.com/prometheus/alertmanager/config"
-
 	signozError "github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/query-service/model"
 	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
+
 	"github.com/SigNoz/signoz/pkg/query-service/utils/times"
 	"github.com/SigNoz/signoz/pkg/query-service/utils/timestamp"
 	"github.com/SigNoz/signoz/pkg/types/alertmanagertypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
+
+	"github.com/prometheus/alertmanager/config"
 )

 type AlertType string
@@ -40,12 +40,12 @@ const (

 // PostableRule is used to create alerting rule from HTTP api
 type PostableRule struct {
-	AlertName   string              `json:"alert,omitempty"`
-	AlertType   AlertType           `json:"alertType,omitempty"`
-	Description string              `json:"description,omitempty"`
-	RuleType    RuleType            `json:"ruleType,omitempty"`
-	EvalWindow  valuer.TextDuration `json:"evalWindow,omitempty"`
-	Frequency   valuer.TextDuration `json:"frequency,omitempty"`
+	AlertName   string    `json:"alert,omitempty"`
+	AlertType   AlertType `json:"alertType,omitempty"`
+	Description string    `json:"description,omitempty"`
+	RuleType    RuleType  `json:"ruleType,omitempty"`
+	EvalWindow  Duration  `json:"evalWindow,omitempty"`
+	Frequency   Duration  `json:"frequency,omitempty"`

 	RuleCondition *RuleCondition    `json:"condition,omitempty"`
 	Labels        map[string]string `json:"labels,omitempty"`
@@ -71,13 +71,13 @@ type NotificationSettings struct {
 	Renotify  Renotify `json:"renotify,omitempty"`
 	UsePolicy bool     `json:"usePolicy,omitempty"`
 	// NewGroupEvalDelay is the grace period for new series to be excluded from alerts evaluation
-	NewGroupEvalDelay valuer.TextDuration `json:"newGroupEvalDelay,omitzero"`
+	NewGroupEvalDelay *Duration `json:"newGroupEvalDelay,omitempty"`
 }

 type Renotify struct {
-	Enabled          bool                `json:"enabled"`
-	ReNotifyInterval valuer.TextDuration `json:"interval,omitzero"`
-	AlertStates      []model.AlertState  `json:"alertStates,omitempty"`
+	Enabled          bool               `json:"enabled"`
+	ReNotifyInterval Duration           `json:"interval,omitempty"`
+	AlertStates      []model.AlertState `json:"alertStates,omitempty"`
 }

 func (ns *NotificationSettings) GetAlertManagerNotificationConfig() alertmanagertypes.NotificationConfig {
@@ -85,10 +85,10 @@ func (ns *NotificationSettings) GetAlertManagerNotificationConfig() alertmanager
 	var noDataRenotifyInterval time.Duration
 	if ns.Renotify.Enabled {
 		if slices.Contains(ns.Renotify.AlertStates, model.StateNoData) {
-			noDataRenotifyInterval = ns.Renotify.ReNotifyInterval.Duration()
+			noDataRenotifyInterval = time.Duration(ns.Renotify.ReNotifyInterval)
 		}
 		if slices.Contains(ns.Renotify.AlertStates, model.StateFiring) {
-			renotifyInterval = ns.Renotify.ReNotifyInterval.Duration()
+			renotifyInterval = time.Duration(ns.Renotify.ReNotifyInterval)
 		}
 	} else {
 		renotifyInterval = 8760 * time.Hour //1 year for no renotify substitute
@@ -190,12 +190,12 @@ func (r *PostableRule) processRuleDefaults() {
 		r.SchemaVersion = DefaultSchemaVersion
 	}

-	if r.EvalWindow.IsZero() {
-		r.EvalWindow = valuer.MustParseTextDuration("5m")
+	if r.EvalWindow == 0 {
+		r.EvalWindow = Duration(5 * time.Minute)
 	}

-	if r.Frequency.IsZero() {
-		r.Frequency = valuer.MustParseTextDuration("1m")
+	if r.Frequency == 0 {
+		r.Frequency = Duration(1 * time.Minute)
 	}

 	if r.RuleCondition != nil {
@@ -246,7 +246,7 @@ func (r *PostableRule) processRuleDefaults() {
 			r.NotificationSettings = &NotificationSettings{
 				Renotify: Renotify{
 					Enabled:          true,
-					ReNotifyInterval: valuer.MustParseTextDuration("4h"),
+					ReNotifyInterval: Duration(4 * time.Hour),
 					AlertStates:      []model.AlertState{model.StateFiring},
 				},
 			}
--- a/pkg/types/ruletypes/api_params_test.go
+++ b/pkg/types/ruletypes/api_params_test.go
@@ -171,10 +171,10 @@ func TestParseIntoRule(t *testing.T) {
 			kind:        RuleDataKindJson,
 			expectError: false,
 			validate: func(t *testing.T, rule *PostableRule) {
-				if rule.EvalWindow.Duration() != 5*time.Minute {
+				if rule.EvalWindow != Duration(5*time.Minute) {
 					t.Errorf("Expected default eval window '5m', got '%v'", rule.EvalWindow)
 				}
-				if rule.Frequency.Duration() != time.Minute {
+				if rule.Frequency != Duration(1*time.Minute) {
 					t.Errorf("Expected default frequency '1m', got '%v'", rule.Frequency)
 				}
 				if rule.RuleCondition.CompositeQuery.BuilderQueries["A"].Expression != "A" {
@@ -327,10 +327,10 @@ func TestParseIntoRuleSchemaVersioning(t *testing.T) {

 				// Verify evaluation window matches rule settings
 				if window, ok := rule.Evaluation.Spec.(RollingWindow); ok {
-					if !window.EvalWindow.Equal(rule.EvalWindow) {
+					if window.EvalWindow != rule.EvalWindow {
 						t.Errorf("Expected Evaluation EvalWindow %v, got %v", rule.EvalWindow, window.EvalWindow)
 					}
-					if !window.Frequency.Equal(rule.Frequency) {
+					if window.Frequency != rule.Frequency {
 						t.Errorf("Expected Evaluation Frequency %v, got %v", rule.Frequency, window.Frequency)
 					}
 				} else {
@@ -457,10 +457,10 @@ func TestParseIntoRuleSchemaVersioning(t *testing.T) {
 					t.Fatal("Expected Evaluation to be populated")
 				}
 				if window, ok := rule.Evaluation.Spec.(RollingWindow); ok {
-					if !window.EvalWindow.Equal(rule.EvalWindow) {
+					if window.EvalWindow != rule.EvalWindow {
 						t.Errorf("Expected Evaluation EvalWindow to be overwritten to %v, got %v", rule.EvalWindow, window.EvalWindow)
 					}
-					if !window.Frequency.Equal(rule.Frequency) {
+					if window.Frequency != rule.Frequency {
 						t.Errorf("Expected Evaluation Frequency to be overwritten to %v, got %v", rule.Frequency, window.Frequency)
 					}
 				} else {
@@ -504,7 +504,7 @@ func TestParseIntoRuleSchemaVersioning(t *testing.T) {
 					t.Error("Expected Evaluation to be nil for v2")
 				}

-				if rule.EvalWindow.Duration() != 5*time.Minute {
+				if rule.EvalWindow != Duration(5*time.Minute) {
 					t.Error("Expected default EvalWindow to be applied")
 				}
 				if rule.RuleType != RuleTypeThreshold {
--- a/pkg/types/ruletypes/evaluation.go
+++ b/pkg/types/ruletypes/evaluation.go
@@ -19,36 +19,36 @@ var (

 type Evaluation interface {
 	NextWindowFor(curr time.Time) (time.Time, time.Time)
-	GetFrequency() valuer.TextDuration
+	GetFrequency() Duration
 }

 type RollingWindow struct {
-	EvalWindow valuer.TextDuration `json:"evalWindow"`
-	Frequency  valuer.TextDuration `json:"frequency"`
+	EvalWindow Duration `json:"evalWindow"`
+	Frequency  Duration `json:"frequency"`
 }

 func (rollingWindow RollingWindow) Validate() error {
-	if !rollingWindow.EvalWindow.IsPositive() {
+	if rollingWindow.EvalWindow <= 0 {
 		return errors.NewInvalidInputf(errors.CodeInvalidInput, "evalWindow must be greater than zero")
 	}
-	if !rollingWindow.Frequency.IsPositive() {
+	if rollingWindow.Frequency <= 0 {
 		return errors.NewInvalidInputf(errors.CodeInvalidInput, "frequency must be greater than zero")
 	}
 	return nil
 }

 func (rollingWindow RollingWindow) NextWindowFor(curr time.Time) (time.Time, time.Time) {
-	return curr.Add(-rollingWindow.EvalWindow.Duration()), curr
+	return curr.Add(time.Duration(-rollingWindow.EvalWindow)), curr
 }

-func (rollingWindow RollingWindow) GetFrequency() valuer.TextDuration {
+func (rollingWindow RollingWindow) GetFrequency() Duration {
 	return rollingWindow.Frequency
 }

 type CumulativeWindow struct {
-	Schedule  CumulativeSchedule  `json:"schedule"`
-	Frequency valuer.TextDuration `json:"frequency"`
-	Timezone  string              `json:"timezone"`
+	Schedule  CumulativeSchedule `json:"schedule"`
+	Frequency Duration           `json:"frequency"`
+	Timezone  string             `json:"timezone"`
 }

 type CumulativeSchedule struct {
@@ -79,7 +79,7 @@ func (cumulativeWindow CumulativeWindow) Validate() error {
 	if _, err := time.LoadLocation(cumulativeWindow.Timezone); err != nil {
 		return errors.NewInvalidInputf(errors.CodeInvalidInput, "timezone is invalid")
 	}
-	if !cumulativeWindow.Frequency.IsPositive() {
+	if cumulativeWindow.Frequency <= 0 {
 		return errors.NewInvalidInputf(errors.CodeInvalidInput, "frequency must be greater than zero")
 	}
 	return nil
@@ -150,8 +150,8 @@ func (cumulativeWindow CumulativeWindow) NextWindowFor(curr time.Time) (time.Tim
 	return windowStart.In(time.UTC), currInTZ.In(time.UTC)
 }

-func (cumulativeWindow CumulativeWindow) getLastScheduleTime(curr time.Time, loc *time.Location) time.Time {
-	schedule := cumulativeWindow.Schedule
+func (cw CumulativeWindow) getLastScheduleTime(curr time.Time, loc *time.Location) time.Time {
+	schedule := cw.Schedule

 	switch schedule.Type {
 	case ScheduleTypeHourly:
@@ -220,7 +220,7 @@ func (cumulativeWindow CumulativeWindow) getLastScheduleTime(curr time.Time, loc
 	}
 }

-func (cumulativeWindow CumulativeWindow) GetFrequency() valuer.TextDuration {
+func (cumulativeWindow CumulativeWindow) GetFrequency() Duration {
 	return cumulativeWindow.Frequency
 }

--- a/pkg/types/ruletypes/evaluation_test.go
+++ b/pkg/types/ruletypes/evaluation_test.go
@@ -4,35 +4,33 @@ import (
 	"encoding/json"
 	"testing"
 	"time"
-
-	"github.com/SigNoz/signoz/pkg/valuer"
 )

 func TestRollingWindow_EvaluationTime(t *testing.T) {
 	tests := []struct {
 		name       string
-		evalWindow valuer.TextDuration
+		evalWindow Duration
 		current    time.Time
 		wantStart  time.Time
 		wantEnd    time.Time
 	}{
 		{
 			name:       "5 minute rolling window",
-			evalWindow: valuer.MustParseTextDuration("5m"),
+			evalWindow: Duration(5 * time.Minute),
 			current:    time.Date(2023, 12, 1, 12, 30, 0, 0, time.UTC),
 			wantStart:  time.Date(2023, 12, 1, 12, 25, 0, 0, time.UTC),
 			wantEnd:    time.Date(2023, 12, 1, 12, 30, 0, 0, time.UTC),
 		},
 		{
 			name:       "1 hour rolling window",
-			evalWindow: valuer.MustParseTextDuration("1h"),
+			evalWindow: Duration(1 * time.Hour),
 			current:    time.Date(2023, 12, 1, 15, 45, 30, 0, time.UTC),
 			wantStart:  time.Date(2023, 12, 1, 14, 45, 30, 0, time.UTC),
 			wantEnd:    time.Date(2023, 12, 1, 15, 45, 30, 0, time.UTC),
 		},
 		{
 			name:       "30 second rolling window",
-			evalWindow: valuer.MustParseTextDuration("30s"),
+			evalWindow: Duration(30 * time.Second),
 			current:    time.Date(2023, 12, 1, 12, 30, 15, 0, time.UTC),
 			wantStart:  time.Date(2023, 12, 1, 12, 29, 45, 0, time.UTC),
 			wantEnd:    time.Date(2023, 12, 1, 12, 30, 15, 0, time.UTC),
@@ -43,7 +41,7 @@ func TestRollingWindow_EvaluationTime(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			rw := &RollingWindow{
 				EvalWindow: tt.evalWindow,
-				Frequency:  valuer.MustParseTextDuration("1m"),
+				Frequency:  Duration(1 * time.Minute),
 			}

 			gotStart, gotEnd := rw.NextWindowFor(tt.current)
@@ -71,7 +69,7 @@ func TestCumulativeWindow_NewScheduleSystem(t *testing.T) {
 					Type:   ScheduleTypeHourly,
 					Minute: intPtr(15),
 				},
-				Frequency: valuer.MustParseTextDuration("5m"),
+				Frequency: Duration(5 * time.Minute),
 				Timezone:  "UTC",
 			},
 			current: time.Date(2025, 3, 15, 14, 30, 0, 0, time.UTC),
@@ -85,7 +83,7 @@ func TestCumulativeWindow_NewScheduleSystem(t *testing.T) {
 					Hour:   intPtr(9),
 					Minute: intPtr(30),
 				},
-				Frequency: valuer.MustParseTextDuration("1h"),
+				Frequency: Duration(1 * time.Hour),
 				Timezone:  "Asia/Kolkata",
 			},
 			current: time.Date(2025, 3, 15, 15, 30, 0, 0, time.UTC),
@@ -100,7 +98,7 @@ func TestCumulativeWindow_NewScheduleSystem(t *testing.T) {
 					Hour:    intPtr(14),
 					Minute:  intPtr(0),
 				},
-				Frequency: valuer.MustParseTextDuration("24h"),
+				Frequency: Duration(24 * time.Hour),
 				Timezone:  "America/New_York",
 			},
 			current: time.Date(2025, 3, 18, 19, 0, 0, 0, time.UTC), // Tuesday
@@ -115,7 +113,7 @@ func TestCumulativeWindow_NewScheduleSystem(t *testing.T) {
 					Hour:   intPtr(0),
 					Minute: intPtr(0),
 				},
-				Frequency: valuer.MustParseTextDuration("24h"),
+				Frequency: Duration(24 * time.Hour),
 				Timezone:  "UTC",
 			},
 			current: time.Date(2025, 3, 15, 12, 0, 0, 0, time.UTC),
@@ -127,7 +125,7 @@ func TestCumulativeWindow_NewScheduleSystem(t *testing.T) {
 				Schedule: CumulativeSchedule{
 					Type: ScheduleTypeHourly,
 				},
-				Frequency: valuer.MustParseTextDuration("5m"),
+				Frequency: Duration(5 * time.Minute),
 				Timezone:  "UTC",
 			},
 			current: time.Date(2025, 3, 15, 14, 30, 0, 0, time.UTC),
@@ -757,8 +755,8 @@ func TestEvaluationEnvelope_UnmarshalJSON(t *testing.T) {
 			jsonInput: `{"kind":"rolling","spec":{"evalWindow":"5m","frequency":"1m"}}`,
 			wantKind:  RollingEvaluation,
 			wantSpec: RollingWindow{
-				EvalWindow: valuer.MustParseTextDuration("5m"),
-				Frequency:  valuer.MustParseTextDuration("1m"),
+				EvalWindow: Duration(5 * time.Minute),
+				Frequency:  Duration(1 * time.Minute),
 			},
 		},
 		{
@@ -770,7 +768,7 @@ func TestEvaluationEnvelope_UnmarshalJSON(t *testing.T) {
 					Type:   ScheduleTypeHourly,
 					Minute: intPtr(30),
 				},
-				Frequency: valuer.MustParseTextDuration("2m"),
+				Frequency: Duration(2 * time.Minute),
 				Timezone:  "UTC",
 			},
 		},
@@ -849,10 +847,10 @@ func TestEvaluationEnvelope_UnmarshalJSON(t *testing.T) {
 					t.Fatalf("Expected RollingWindow spec, got %T", envelope.Spec)
 				}
 				wantSpec := tt.wantSpec.(RollingWindow)
-				if !gotSpec.EvalWindow.Equal(wantSpec.EvalWindow) {
+				if gotSpec.EvalWindow != wantSpec.EvalWindow {
 					t.Errorf("RollingWindow.EvalWindow = %v, want %v", gotSpec.EvalWindow, wantSpec.EvalWindow)
 				}
-				if !gotSpec.Frequency.Equal(wantSpec.Frequency) {
+				if gotSpec.Frequency != wantSpec.Frequency {
 					t.Errorf("RollingWindow.Frequency = %v, want %v", gotSpec.Frequency, wantSpec.Frequency)
 				}
 			case CumulativeEvaluation:
@@ -868,7 +866,7 @@ func TestEvaluationEnvelope_UnmarshalJSON(t *testing.T) {
 					(gotSpec.Schedule.Minute != nil && wantSpec.Schedule.Minute != nil && *gotSpec.Schedule.Minute != *wantSpec.Schedule.Minute) {
 					t.Errorf("CumulativeWindow.Schedule.Minute = %v, want %v", gotSpec.Schedule.Minute, wantSpec.Schedule.Minute)
 				}
-				if !gotSpec.Frequency.Equal(wantSpec.Frequency) {
+				if gotSpec.Frequency != wantSpec.Frequency {
 					t.Errorf("CumulativeWindow.Frequency = %v, want %v", gotSpec.Frequency, wantSpec.Frequency)
 				}
 				if gotSpec.Timezone != wantSpec.Timezone {
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Piyush Singariya	40956116dc	fix: qbtoexpr migrated to v5	2026-02-09 20:24:32 +05:30
Piyush Singariya	b49a95b7b3	Merge branch 'main' into lp-filter-v5	2026-02-09 13:06:54 +05:30
Piyush Singariya	ae19bb2be2	fix: filter expression	2026-02-05 18:10:45 +05:30
Piyush Singariya	749f52ff9d	chore: moving from v3 to v5	2026-02-05 17:48:57 +05:30