fix: add nolint:nilnil

fix: update comment
feat: improve perf for queries with empty resource filter
2026-04-08 13:10:26 +01:00 · 2026-04-07 12:16:41 +05:30 · 2026-04-07 10:38:30 +05:30 · 2026-04-07 10:33:27 +05:30
86 changed files with 2123 additions and 3929 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -51,8 +51,6 @@ ee/query-service/tests/test-deploy/data/
 # local data
 *.backup
 *.db
-*.db-shm
-*.db-wal
 **/db
 /deploy/docker/clickhouse-setup/data/
 /deploy/docker-swarm/clickhouse-setup/data/
--- a/ee/query-service/rules/anomaly.go
+++ b/ee/query-service/rules/anomaly.go
@@ -49,6 +49,7 @@ func NewAnomalyRule(
 	logger *slog.Logger,
 	opts ...baserules.RuleOption,
 ) (*AnomalyRule, error) {
+
 	logger.Info("creating new AnomalyRule", slog.String("rule.id", id))

 	opts = append(opts, baserules.WithLogger(logger))
@@ -58,44 +59,44 @@ func NewAnomalyRule(
 		return nil, err
 	}

-	r := AnomalyRule{
+	t := AnomalyRule{
 		BaseRule: baseRule,
-		querier:  querier,
-		version:  p.Version,
-		logger:   logger.With(slog.String("rule.id", id)),
 	}

 	switch p.RuleCondition.Seasonality {
 	case ruletypes.SeasonalityHourly:
-		r.seasonality = anomaly.SeasonalityHourly
+		t.seasonality = anomaly.SeasonalityHourly
 	case ruletypes.SeasonalityDaily:
-		r.seasonality = anomaly.SeasonalityDaily
+		t.seasonality = anomaly.SeasonalityDaily
 	case ruletypes.SeasonalityWeekly:
-		r.seasonality = anomaly.SeasonalityWeekly
+		t.seasonality = anomaly.SeasonalityWeekly
 	default:
-		r.seasonality = anomaly.SeasonalityDaily
+		t.seasonality = anomaly.SeasonalityDaily
 	}

-	r.logger.Info("using seasonality", slog.String("rule.seasonality", r.seasonality.StringValue()))
+	logger.Info("using seasonality", slog.String("rule.id", id), slog.String("rule.seasonality", t.seasonality.StringValue()))

-	if r.seasonality == anomaly.SeasonalityHourly {
-		r.provider = anomaly.NewHourlyProvider(
+	if t.seasonality == anomaly.SeasonalityHourly {
+		t.provider = anomaly.NewHourlyProvider(
 			anomaly.WithQuerier[*anomaly.HourlyProvider](querier),
-			anomaly.WithLogger[*anomaly.HourlyProvider](r.logger),
+			anomaly.WithLogger[*anomaly.HourlyProvider](logger),
 		)
-	} else if r.seasonality == anomaly.SeasonalityDaily {
-		r.provider = anomaly.NewDailyProvider(
+	} else if t.seasonality == anomaly.SeasonalityDaily {
+		t.provider = anomaly.NewDailyProvider(
 			anomaly.WithQuerier[*anomaly.DailyProvider](querier),
-			anomaly.WithLogger[*anomaly.DailyProvider](r.logger),
+			anomaly.WithLogger[*anomaly.DailyProvider](logger),
 		)
-	} else if r.seasonality == anomaly.SeasonalityWeekly {
-		r.provider = anomaly.NewWeeklyProvider(
+	} else if t.seasonality == anomaly.SeasonalityWeekly {
+		t.provider = anomaly.NewWeeklyProvider(
 			anomaly.WithQuerier[*anomaly.WeeklyProvider](querier),
-			anomaly.WithLogger[*anomaly.WeeklyProvider](r.logger),
+			anomaly.WithLogger[*anomaly.WeeklyProvider](logger),
 		)
 	}

-	return &r, nil
+	t.querier = querier
+	t.version = p.Version
+	t.logger = logger
+	return &t, nil
 }

 func (r *AnomalyRule) Type() ruletypes.RuleType {
@@ -103,11 +104,8 @@ func (r *AnomalyRule) Type() ruletypes.RuleType {
 }

 func (r *AnomalyRule) prepareQueryRange(ctx context.Context, ts time.Time) *qbtypes.QueryRangeRequest {
-	r.logger.InfoContext(
-		ctx, "prepare query range request", slog.Int64("ts", ts.UnixMilli()),
-		slog.Int64("eval.window_ms", r.EvalWindow().Milliseconds()),
-		slog.Int64("eval.delay_ms", r.EvalDelay().Milliseconds()),
-	)
+
+	r.logger.InfoContext(ctx, "prepare query range request", slog.String("rule.id", r.ID()), slog.Int64("ts", ts.UnixMilli()), slog.Int64("eval.window_ms", r.EvalWindow().Milliseconds()), slog.Int64("eval.delay_ms", r.EvalDelay().Milliseconds()))

 	startTs, endTs := r.Timestamps(ts)
 	start, end := startTs.UnixMilli(), endTs.UnixMilli()
@@ -147,7 +145,7 @@ func (r *AnomalyRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID, t
 	}

 	if queryResult == nil {
-		r.logger.WarnContext(ctx, "nil qb result", slog.Int64("ts", ts.UnixMilli()))
+		r.logger.WarnContext(ctx, "nil qb result", slog.String("rule.id", r.ID()), slog.Int64("ts", ts.UnixMilli()))
 		return ruletypes.Vector{}, nil
 	}

@@ -158,7 +156,7 @@ func (r *AnomalyRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID, t
 	if missingDataAlert := r.HandleMissingDataAlert(ctx, ts, hasData); missingDataAlert != nil {
 		return ruletypes.Vector{*missingDataAlert}, nil
 	} else if !hasData {
-		r.logger.WarnContext(ctx, "no anomaly result")
+		r.logger.WarnContext(ctx, "no anomaly result", slog.String("rule.id", r.ID()))
 		return ruletypes.Vector{}, nil
 	}

@@ -166,7 +164,7 @@ func (r *AnomalyRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID, t

 	scoresJSON, _ := json.Marshal(queryResult.Aggregations[0].AnomalyScores)
 	// TODO(srikanthccv): this could be noisy but we do this to answer false alert requests
-	r.logger.InfoContext(ctx, "anomaly scores", slog.String("anomaly.scores", string(scoresJSON)))
+	r.logger.InfoContext(ctx, "anomaly scores", slog.String("rule.id", r.ID()), slog.String("anomaly.scores", string(scoresJSON)))

 	// Filter out new series if newGroupEvalDelay is configured
 	seriesToProcess := queryResult.Aggregations[0].AnomalyScores
@@ -174,7 +172,7 @@ func (r *AnomalyRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID, t
 		filteredSeries, filterErr := r.BaseRule.FilterNewSeries(ctx, ts, seriesToProcess)
 		// In case of error we log the error and continue with the original series
 		if filterErr != nil {
-			r.logger.ErrorContext(ctx, "error filtering new series", errors.Attr(filterErr))
+			r.logger.ErrorContext(ctx, "error filtering new series", slog.String("rule.id", r.ID()), errors.Attr(filterErr))
 		} else {
 			seriesToProcess = filteredSeries
 		}
@@ -182,11 +180,7 @@ func (r *AnomalyRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID, t

 	for _, series := range seriesToProcess {
 		if !r.Condition().ShouldEval(series) {
-			r.logger.InfoContext(
-				ctx, "not enough data points to evaluate series, skipping",
-				slog.Int("series.num_points", len(series.Values)),
-				slog.Int("series.required_points", r.Condition().RequiredNumPoints),
-			)
+			r.logger.InfoContext(ctx, "not enough data points to evaluate series, skipping", slog.String("rule.id", r.ID()), slog.Int("series.num_points", len(series.Values)), slog.Int("series.required_points", r.Condition().RequiredNumPoints))
 			continue
 		}
 		results, err := r.Threshold.Eval(series, r.Unit(), ruletypes.EvalData{
@@ -210,7 +204,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 	var res ruletypes.Vector
 	var err error

-	r.logger.InfoContext(ctx, "running query")
+	r.logger.InfoContext(ctx, "running query", slog.String("rule.id", r.ID()))
 	res, err = r.buildAndRunQuery(ctx, r.OrgID(), ts)

 	if err != nil {
@@ -236,10 +230,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		}
 		value := valueFormatter.Format(smpl.V, r.Unit())
 		threshold := valueFormatter.Format(smpl.Target, smpl.TargetUnit)
-		r.logger.DebugContext(
-			ctx, "alert template data for rule", slog.String("formatter.name", valueFormatter.Name()),
-			slog.String("alert.value", value), slog.String("alert.threshold", threshold),
-		)
+		r.logger.DebugContext(ctx, "alert template data for rule", slog.String("rule.id", r.ID()), slog.String("formatter.name", valueFormatter.Name()), slog.String("alert.value", value), slog.String("alert.threshold", threshold))

 		tmplData := ruletypes.AlertTemplateData(l, value, threshold)
 		// Inject some convenience variables that are easier to remember for users
@@ -259,7 +250,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 			result, err := tmpl.Expand()
 			if err != nil {
 				result = fmt.Sprintf("<error expanding template: %s>", err)
-				r.logger.ErrorContext(ctx, "expanding alert template failed", errors.Attr(err), slog.Any("alert.template_data", tmplData))
+				r.logger.ErrorContext(ctx, "expanding alert template failed", slog.String("rule.id", r.ID()), errors.Attr(err), slog.Any("alert.template_data", tmplData))
 			}
 			return result
 		}
@@ -289,7 +280,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		resultFPs[h] = struct{}{}

 		if _, ok := alerts[h]; ok {
-			r.logger.ErrorContext(ctx, "the alert query returns duplicate records", slog.Any("alert", alerts[h]))
+			r.logger.ErrorContext(ctx, "the alert query returns duplicate records", slog.String("rule.id", r.ID()), slog.Any("alert", alerts[h]))
 			err = errors.NewInternalf(errors.CodeInternal, "duplicate alert found, vector contains metrics with the same labelset after applying alert labels")
 			return 0, err
 		}
@@ -308,7 +299,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		}
 	}

-	r.logger.InfoContext(ctx, "number of alerts found", slog.Int("alert.count", len(alerts)))
+	r.logger.InfoContext(ctx, "number of alerts found", slog.String("rule.id", r.ID()), slog.Int("alert.count", len(alerts)))
 	// alerts[h] is ready, add or update active list now
 	for h, a := range alerts {
 		// Check whether we already have alerting state for the identifying label set.
@@ -335,7 +326,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 	for fp, a := range r.Active {
 		labelsJSON, err := json.Marshal(a.QueryResultLabels)
 		if err != nil {
-			r.logger.ErrorContext(ctx, "error marshaling labels", errors.Attr(err), slog.Any("alert.labels", a.Labels))
+			r.logger.ErrorContext(ctx, "error marshaling labels", slog.String("rule.id", r.ID()), errors.Attr(err), slog.Any("alert.labels", a.Labels))
 		}
 		if _, ok := resultFPs[fp]; !ok {
 			// If the alert was previously firing, keep it around for a given
@@ -390,7 +381,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 				state = ruletypes.StateFiring
 			}
 			a.State = state
-			r.logger.DebugContext(ctx, "converting alert state", slog.Any("alert.state", state))
+			r.logger.DebugContext(ctx, "converting alert state", slog.String("rule.id", r.ID()), slog.Any("alert.state", state))
 			itemsToAdd = append(itemsToAdd, rulestatehistorytypes.RuleStateHistory{
 				RuleID:       r.ID(),
 				RuleName:     r.Name(),
@@ -413,7 +404,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		itemsToAdd[idx] = item
 	}

-	_ = r.RecordRuleStateHistory(ctx, itemsToAdd)
+	r.RecordRuleStateHistory(ctx, prevState, currentState, itemsToAdd)

 	return len(r.Active), nil
 }
--- a/frontend/src/AppRoutes/Private.tsx
+++ b/frontend/src/AppRoutes/Private.tsx
@@ -1,4 +1,4 @@
-import { ReactChild, useCallback, useMemo } from 'react';
+import { ReactChild, useCallback, useEffect, useMemo, useState } from 'react';
 import { matchPath, Redirect, useLocation } from 'react-router-dom';
 import getLocalStorageApi from 'api/browser/localstorage/get';
 import setLocalStorageApi from 'api/browser/localstorage/set';
@@ -8,10 +8,12 @@ import { LOCALSTORAGE } from 'constants/localStorage';
 import { ORG_PREFERENCES } from 'constants/orgPreferences';
 import ROUTES from 'constants/routes';
 import { useGetTenantLicense } from 'hooks/useGetTenantLicense';
+import history from 'lib/history';
 import { isEmpty } from 'lodash-es';
 import { useAppContext } from 'providers/App/App';
 import { LicensePlatform, LicenseState } from 'types/api/licensesV3/getActive';
 import { OrgPreference } from 'types/api/preferences/preference';
+import { Organization } from 'types/api/user/getOrganization';
 import { USER_ROLES } from 'types/roles';
 import { routePermission } from 'utils/permission';

@@ -23,7 +25,6 @@ import routes, {
 	SUPPORT_ROUTE,
 } from './routes';

-// eslint-disable-next-line sonarjs/cognitive-complexity
 function PrivateRoute({ children }: PrivateRouteProps): JSX.Element {
 	const location = useLocation();
 	const { pathname } = location;
@@ -56,12 +57,7 @@ function PrivateRoute({ children }: PrivateRouteProps): JSX.Element {
 	const currentRoute = mapRoutes.get('current');
 	const { isCloudUser: isCloudUserVal } = useGetTenantLicense();

-	const orgData = useMemo(() => {
-		if (org && org.length > 0 && org[0].id !== undefined) {
-			return org[0];
-		}
-		return undefined;
-	}, [org]);
+	const [orgData, setOrgData] = useState<Organization | undefined>(undefined);

 	const { data: usersData, isFetching: isFetchingUsers } = useListUsers({
 		query: {
@@ -79,7 +75,214 @@ function PrivateRoute({ children }: PrivateRouteProps): JSX.Element {
 		return remainingUsers.length === 1;
 	}, [usersData?.data]);

-	// Handle old routes - redirect to new routes
+	useEffect(() => {
+		if (
+			isCloudUserVal &&
+			!isFetchingOrgPreferences &&
+			orgPreferences &&
+			!isFetchingUsers &&
+			usersData &&
+			usersData.data
+		) {
+			const isOnboardingComplete = orgPreferences?.find(
+				(preference: OrgPreference) =>
+					preference.name === ORG_PREFERENCES.ORG_ONBOARDING,
+			)?.value;
+
+			// Don't redirect to onboarding if workspace has issues (blocked, suspended, or restricted)
+			// User needs access to settings/billing to fix payment issues
+			const isWorkspaceBlocked = trialInfo?.workSpaceBlock;
+			const isWorkspaceSuspended = activeLicense?.state === LicenseState.DEFAULTED;
+			const isWorkspaceAccessRestricted =
+				activeLicense?.state === LicenseState.TERMINATED ||
+				activeLicense?.state === LicenseState.EXPIRED ||
+				activeLicense?.state === LicenseState.CANCELLED;
+
+			const hasWorkspaceIssue =
+				isWorkspaceBlocked || isWorkspaceSuspended || isWorkspaceAccessRestricted;
+
+			if (hasWorkspaceIssue) {
+				return;
+			}
+
+			const isFirstUser = checkFirstTimeUser();
+			if (
+				isFirstUser &&
+				!isOnboardingComplete &&
+				// if the current route is allowed to be overriden by org onboarding then only do the same
+				!ROUTES_NOT_TO_BE_OVERRIDEN.includes(pathname)
+			) {
+				history.push(ROUTES.ONBOARDING);
+			}
+		}
+	}, [
+		checkFirstTimeUser,
+		isCloudUserVal,
+		isFetchingOrgPreferences,
+		isFetchingUsers,
+		orgPreferences,
+		usersData,
+		pathname,
+		trialInfo?.workSpaceBlock,
+		activeLicense?.state,
+	]);
+
+	const navigateToWorkSpaceBlocked = useCallback((): void => {
+		const isRouteEnabledForWorkspaceBlockedState =
+			isAdmin &&
+			(pathname === ROUTES.SETTINGS ||
+				pathname === ROUTES.ORG_SETTINGS ||
+				pathname === ROUTES.MEMBERS_SETTINGS ||
+				pathname === ROUTES.BILLING ||
+				pathname === ROUTES.MY_SETTINGS);
+
+		if (
+			pathname &&
+			pathname !== ROUTES.WORKSPACE_LOCKED &&
+			!isRouteEnabledForWorkspaceBlockedState
+		) {
+			history.push(ROUTES.WORKSPACE_LOCKED);
+		}
+	}, [isAdmin, pathname]);
+
+	const navigateToWorkSpaceAccessRestricted = useCallback((): void => {
+		if (pathname && pathname !== ROUTES.WORKSPACE_ACCESS_RESTRICTED) {
+			history.push(ROUTES.WORKSPACE_ACCESS_RESTRICTED);
+		}
+	}, [pathname]);
+
+	useEffect(() => {
+		if (!isFetchingActiveLicense && activeLicense) {
+			const isTerminated = activeLicense.state === LicenseState.TERMINATED;
+			const isExpired = activeLicense.state === LicenseState.EXPIRED;
+			const isCancelled = activeLicense.state === LicenseState.CANCELLED;
+
+			const isWorkspaceAccessRestricted = isTerminated || isExpired || isCancelled;
+
+			const { platform } = activeLicense;
+
+			if (isWorkspaceAccessRestricted && platform === LicensePlatform.CLOUD) {
+				navigateToWorkSpaceAccessRestricted();
+			}
+		}
+	}, [
+		isFetchingActiveLicense,
+		activeLicense,
+		navigateToWorkSpaceAccessRestricted,
+	]);
+
+	useEffect(() => {
+		if (!isFetchingActiveLicense) {
+			const shouldBlockWorkspace = trialInfo?.workSpaceBlock;
+
+			if (
+				shouldBlockWorkspace &&
+				activeLicense?.platform === LicensePlatform.CLOUD
+			) {
+				navigateToWorkSpaceBlocked();
+			}
+		}
+	}, [
+		isFetchingActiveLicense,
+		trialInfo?.workSpaceBlock,
+		activeLicense?.platform,
+		navigateToWorkSpaceBlocked,
+	]);
+
+	const navigateToWorkSpaceSuspended = useCallback((): void => {
+		if (pathname && pathname !== ROUTES.WORKSPACE_SUSPENDED) {
+			history.push(ROUTES.WORKSPACE_SUSPENDED);
+		}
+	}, [pathname]);
+
+	useEffect(() => {
+		if (!isFetchingActiveLicense && activeLicense) {
+			const shouldSuspendWorkspace =
+				activeLicense.state === LicenseState.DEFAULTED;
+
+			if (
+				shouldSuspendWorkspace &&
+				activeLicense.platform === LicensePlatform.CLOUD
+			) {
+				navigateToWorkSpaceSuspended();
+			}
+		}
+	}, [isFetchingActiveLicense, activeLicense, navigateToWorkSpaceSuspended]);
+
+	useEffect(() => {
+		if (org && org.length > 0 && org[0].id !== undefined) {
+			setOrgData(org[0]);
+		}
+	}, [org]);
+
+	// if the feature flag is enabled and the current route is /get-started then redirect to /get-started-with-signoz-cloud
+	useEffect(() => {
+		if (
+			currentRoute?.path === ROUTES.GET_STARTED &&
+			featureFlags?.find((e) => e.name === FeatureKeys.ONBOARDING_V3)?.active
+		) {
+			history.push(ROUTES.GET_STARTED_WITH_CLOUD);
+		}
+	}, [currentRoute, featureFlags]);
+
+	// eslint-disable-next-line sonarjs/cognitive-complexity
+	useEffect(() => {
+		// if it is an old route navigate to the new route
+		if (isOldRoute) {
+			// this will be handled by the redirect component below
+			return;
+		}
+
+		// if the current route is public dashboard then don't redirect to login
+		const isPublicDashboard = currentRoute?.path === ROUTES.PUBLIC_DASHBOARD;
+
+		if (isPublicDashboard) {
+			return;
+		}
+
+		// if the current route
+		if (currentRoute) {
+			const { isPrivate, key } = currentRoute;
+			if (isPrivate) {
+				if (isLoggedInState) {
+					const route = routePermission[key];
+					if (route && route.find((e) => e === user.role) === undefined) {
+						history.push(ROUTES.UN_AUTHORIZED);
+					}
+				} else {
+					setLocalStorageApi(LOCALSTORAGE.UNAUTHENTICATED_ROUTE_HIT, pathname);
+					history.push(ROUTES.LOGIN);
+				}
+			} else if (isLoggedInState) {
+				const fromPathname = getLocalStorageApi(
+					LOCALSTORAGE.UNAUTHENTICATED_ROUTE_HIT,
+				);
+				if (fromPathname) {
+					history.push(fromPathname);
+					setLocalStorageApi(LOCALSTORAGE.UNAUTHENTICATED_ROUTE_HIT, '');
+				} else if (pathname !== ROUTES.SOMETHING_WENT_WRONG) {
+					history.push(ROUTES.HOME);
+				}
+			} else {
+				// do nothing as the unauthenticated routes are LOGIN and SIGNUP and the LOGIN container takes care of routing to signup if
+				// setup is not completed
+			}
+		} else if (isLoggedInState) {
+			const fromPathname = getLocalStorageApi(
+				LOCALSTORAGE.UNAUTHENTICATED_ROUTE_HIT,
+			);
+			if (fromPathname) {
+				history.push(fromPathname);
+				setLocalStorageApi(LOCALSTORAGE.UNAUTHENTICATED_ROUTE_HIT, '');
+			} else {
+				history.push(ROUTES.HOME);
+			}
+		} else {
+			setLocalStorageApi(LOCALSTORAGE.UNAUTHENTICATED_ROUTE_HIT, pathname);
+			history.push(ROUTES.LOGIN);
+		}
+	}, [isLoggedInState, pathname, user, isOldRoute, currentRoute, location]);
+
 	if (isOldRoute) {
 		const redirectUrl = oldNewRoutesMapping[pathname];
 		return (
@@ -93,143 +296,7 @@ function PrivateRoute({ children }: PrivateRouteProps): JSX.Element {
 		);
 	}

-	// Public dashboard - no redirect needed
-	const isPublicDashboard = currentRoute?.path === ROUTES.PUBLIC_DASHBOARD;
-	if (isPublicDashboard) {
-		return <>{children}</>;
-	}
-
-	// Check for workspace access restriction (cloud only)
-	const isCloudPlatform = activeLicense?.platform === LicensePlatform.CLOUD;
-
-	if (!isFetchingActiveLicense && activeLicense && isCloudPlatform) {
-		const isTerminated = activeLicense.state === LicenseState.TERMINATED;
-		const isExpired = activeLicense.state === LicenseState.EXPIRED;
-		const isCancelled = activeLicense.state === LicenseState.CANCELLED;
-		const isWorkspaceAccessRestricted = isTerminated || isExpired || isCancelled;
-
-		if (
-			isWorkspaceAccessRestricted &&
-			pathname !== ROUTES.WORKSPACE_ACCESS_RESTRICTED
-		) {
-			return <Redirect to={ROUTES.WORKSPACE_ACCESS_RESTRICTED} />;
-		}
-
-		// Check for workspace suspended (DEFAULTED)
-		const shouldSuspendWorkspace = activeLicense.state === LicenseState.DEFAULTED;
-		if (shouldSuspendWorkspace && pathname !== ROUTES.WORKSPACE_SUSPENDED) {
-			return <Redirect to={ROUTES.WORKSPACE_SUSPENDED} />;
-		}
-	}
-
-	// Check for workspace blocked (trial expired)
-	if (!isFetchingActiveLicense && isCloudPlatform && trialInfo?.workSpaceBlock) {
-		const isRouteEnabledForWorkspaceBlockedState =
-			isAdmin &&
-			(pathname === ROUTES.SETTINGS ||
-				pathname === ROUTES.ORG_SETTINGS ||
-				pathname === ROUTES.MEMBERS_SETTINGS ||
-				pathname === ROUTES.BILLING ||
-				pathname === ROUTES.MY_SETTINGS);
-
-		if (
-			pathname !== ROUTES.WORKSPACE_LOCKED &&
-			!isRouteEnabledForWorkspaceBlockedState
-		) {
-			return <Redirect to={ROUTES.WORKSPACE_LOCKED} />;
-		}
-	}
-
-	// Check for onboarding redirect (cloud users, first user, onboarding not complete)
-	if (
-		isCloudUserVal &&
-		!isFetchingOrgPreferences &&
-		orgPreferences &&
-		!isFetchingUsers &&
-		usersData &&
-		usersData.data
-	) {
-		const isOnboardingComplete = orgPreferences?.find(
-			(preference: OrgPreference) =>
-				preference.name === ORG_PREFERENCES.ORG_ONBOARDING,
-		)?.value;
-
-		// Don't redirect to onboarding if workspace has issues
-		const isWorkspaceBlocked = trialInfo?.workSpaceBlock;
-		const isWorkspaceSuspended = activeLicense?.state === LicenseState.DEFAULTED;
-		const isWorkspaceAccessRestricted =
-			activeLicense?.state === LicenseState.TERMINATED ||
-			activeLicense?.state === LicenseState.EXPIRED ||
-			activeLicense?.state === LicenseState.CANCELLED;
-
-		const hasWorkspaceIssue =
-			isWorkspaceBlocked || isWorkspaceSuspended || isWorkspaceAccessRestricted;
-
-		if (!hasWorkspaceIssue) {
-			const isFirstUser = checkFirstTimeUser();
-			if (
-				isFirstUser &&
-				!isOnboardingComplete &&
-				!ROUTES_NOT_TO_BE_OVERRIDEN.includes(pathname) &&
-				pathname !== ROUTES.ONBOARDING
-			) {
-				return <Redirect to={ROUTES.ONBOARDING} />;
-			}
-		}
-	}
-
-	// Check for GET_STARTED → GET_STARTED_WITH_CLOUD redirect (feature flag)
-	if (
-		currentRoute?.path === ROUTES.GET_STARTED &&
-		featureFlags?.find((e) => e.name === FeatureKeys.ONBOARDING_V3)?.active
-	) {
-		return <Redirect to={ROUTES.GET_STARTED_WITH_CLOUD} />;
-	}
-
-	// Main routing logic
-	if (currentRoute) {
-		const { isPrivate, key } = currentRoute;
-		if (isPrivate) {
-			if (isLoggedInState) {
-				const route = routePermission[key];
-				if (route && route.find((e) => e === user.role) === undefined) {
-					return <Redirect to={ROUTES.UN_AUTHORIZED} />;
-				}
-			} else {
-				// Save current path and redirect to login
-				setLocalStorageApi(LOCALSTORAGE.UNAUTHENTICATED_ROUTE_HIT, pathname);
-				return <Redirect to={ROUTES.LOGIN} />;
-			}
-		} else if (isLoggedInState) {
-			// Non-private route, but user is logged in
-			const fromPathname = getLocalStorageApi(
-				LOCALSTORAGE.UNAUTHENTICATED_ROUTE_HIT,
-			);
-			if (fromPathname) {
-				setLocalStorageApi(LOCALSTORAGE.UNAUTHENTICATED_ROUTE_HIT, '');
-				return <Redirect to={fromPathname} />;
-			}
-			if (pathname !== ROUTES.SOMETHING_WENT_WRONG) {
-				return <Redirect to={ROUTES.HOME} />;
-			}
-		}
-		// Non-private route, user not logged in - let login/signup pages handle it
-	} else if (isLoggedInState) {
-		// Unknown route, logged in
-		const fromPathname = getLocalStorageApi(
-			LOCALSTORAGE.UNAUTHENTICATED_ROUTE_HIT,
-		);
-		if (fromPathname) {
-			setLocalStorageApi(LOCALSTORAGE.UNAUTHENTICATED_ROUTE_HIT, '');
-			return <Redirect to={fromPathname} />;
-		}
-		return <Redirect to={ROUTES.HOME} />;
-	} else {
-		// Unknown route, not logged in
-		setLocalStorageApi(LOCALSTORAGE.UNAUTHENTICATED_ROUTE_HIT, pathname);
-		return <Redirect to={ROUTES.LOGIN} />;
-	}
-
+	// NOTE: disabling this rule as there is no need to have div
 	return <>{children}</>;
 }

--- a/frontend/src/AppRoutes/tests/Private.test.tsx
+++ b/frontend/src/AppRoutes/tests/Private.test.tsx
@@ -6,6 +6,7 @@ import { FeatureKeys } from 'constants/features';
 import { LOCALSTORAGE } from 'constants/localStorage';
 import { ORG_PREFERENCES } from 'constants/orgPreferences';
 import ROUTES from 'constants/routes';
+import history from 'lib/history';
 import { AppContext } from 'providers/App/App';
 import { IAppContext, IUser } from 'providers/App/types';
 import {
@@ -21,6 +22,19 @@ import { ROLES, USER_ROLES } from 'types/roles';

 import PrivateRoute from '../Private';

+// Mock history module
+jest.mock('lib/history', () => ({
+	__esModule: true,
+	default: {
+		push: jest.fn(),
+		location: { pathname: '/', search: '', hash: '' },
+		listen: jest.fn(),
+		createHref: jest.fn(),
+	},
+}));
+
+const mockHistoryPush = history.push as jest.Mock;
+
 // Mock localStorage APIs
 const mockLocalStorage: Record<string, string> = {};
 jest.mock('api/browser/localstorage/get', () => ({
@@ -225,18 +239,20 @@ function renderPrivateRoute(options: RenderPrivateRouteOptions = {}): void {
 }

 // Generic assertion helpers for navigation behavior
-// Using location-based assertions since Private.tsx now uses Redirect component
+// Using these allows easier refactoring when switching from history.push to Redirect component

 async function assertRedirectsTo(targetRoute: string): Promise<void> {
 	await waitFor(() => {
-		expect(screen.getByTestId('location-display')).toHaveTextContent(targetRoute);
+		expect(mockHistoryPush).toHaveBeenCalledWith(targetRoute);
 	});
 }

-function assertStaysOnRoute(expectedRoute: string): void {
-	expect(screen.getByTestId('location-display')).toHaveTextContent(
-		expectedRoute,
-	);
+function assertNoRedirect(): void {
+	expect(mockHistoryPush).not.toHaveBeenCalled();
+}
+
+function assertDoesNotRedirectTo(targetRoute: string): void {
+	expect(mockHistoryPush).not.toHaveBeenCalledWith(targetRoute);
 }

 function assertRendersChildren(): void {
@@ -334,7 +350,7 @@ describe('PrivateRoute', () => {
 			});

 			assertRendersChildren();
-			assertStaysOnRoute('/public/dashboard/abc123');
+			assertNoRedirect();
 		});

 		it('should render children for public dashboard route when logged in without redirecting', () => {
@@ -346,7 +362,7 @@ describe('PrivateRoute', () => {
 			assertRendersChildren();
 			// Critical: without the isPublicDashboard early return, logged-in users
 			// would be redirected to HOME due to the non-private route handling
-			assertStaysOnRoute('/public/dashboard/abc123');
+			assertNoRedirect();
 		});
 	});

@@ -404,7 +420,7 @@ describe('PrivateRoute', () => {
 			});

 			assertRendersChildren();
-			assertStaysOnRoute(ROUTES.HOME);
+			assertNoRedirect();
 		});

 		it('should redirect to unauthorized when VIEWER tries to access admin-only route /alerts/new', async () => {
@@ -513,7 +529,7 @@ describe('PrivateRoute', () => {
 				appContext: { isLoggedIn: true },
 			});

-			assertStaysOnRoute(ROUTES.SOMETHING_WENT_WRONG);
+			assertDoesNotRedirectTo(ROUTES.HOME);
 		});
 	});

@@ -525,7 +541,7 @@ describe('PrivateRoute', () => {
 			});

 			// Should not redirect - login page handles its own routing
-			assertStaysOnRoute(ROUTES.LOGIN);
+			assertNoRedirect();
 		});

 		it('should not redirect when not logged in user visits signup page', () => {
@@ -534,7 +550,7 @@ describe('PrivateRoute', () => {
 				appContext: { isLoggedIn: false },
 			});

-			assertStaysOnRoute(ROUTES.SIGN_UP);
+			assertNoRedirect();
 		});

 		it('should not redirect when not logged in user visits password reset page', () => {
@@ -543,7 +559,7 @@ describe('PrivateRoute', () => {
 				appContext: { isLoggedIn: false },
 			});

-			assertStaysOnRoute(ROUTES.PASSWORD_RESET);
+			assertNoRedirect();
 		});

 		it('should not redirect when not logged in user visits forgot password page', () => {
@@ -552,7 +568,7 @@ describe('PrivateRoute', () => {
 				appContext: { isLoggedIn: false },
 			});

-			assertStaysOnRoute(ROUTES.FORGOT_PASSWORD);
+			assertNoRedirect();
 		});
 	});

@@ -641,7 +657,7 @@ describe('PrivateRoute', () => {
 			});

 			// Admin should be able to access settings even when workspace is blocked
-			assertStaysOnRoute(ROUTES.SETTINGS);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_LOCKED);
 		});

 		it('should allow ADMIN to access /settings/billing when workspace is blocked', () => {
@@ -657,7 +673,7 @@ describe('PrivateRoute', () => {
 				isCloudUser: true,
 			});

-			assertStaysOnRoute(ROUTES.BILLING);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_LOCKED);
 		});

 		it('should allow ADMIN to access /settings/org-settings when workspace is blocked', () => {
@@ -673,7 +689,7 @@ describe('PrivateRoute', () => {
 				isCloudUser: true,
 			});

-			assertStaysOnRoute(ROUTES.ORG_SETTINGS);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_LOCKED);
 		});

 		it('should allow ADMIN to access /settings/members when workspace is blocked', () => {
@@ -689,7 +705,7 @@ describe('PrivateRoute', () => {
 				isCloudUser: true,
 			});

-			assertStaysOnRoute(ROUTES.MEMBERS_SETTINGS);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_LOCKED);
 		});

 		it('should allow ADMIN to access /settings/my-settings when workspace is blocked', () => {
@@ -705,7 +721,7 @@ describe('PrivateRoute', () => {
 				isCloudUser: true,
 			});

-			assertStaysOnRoute(ROUTES.MY_SETTINGS);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_LOCKED);
 		});

 		it('should redirect VIEWER to workspace locked even when trying to access settings', async () => {
@@ -816,7 +832,7 @@ describe('PrivateRoute', () => {
 				isCloudUser: true,
 			});

-			assertStaysOnRoute(ROUTES.WORKSPACE_LOCKED);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_LOCKED);
 		});

 		it('should not redirect self-hosted users to workspace locked even when workSpaceBlock is true', () => {
@@ -833,7 +849,7 @@ describe('PrivateRoute', () => {
 				isCloudUser: false,
 			});

-			assertStaysOnRoute(ROUTES.HOME);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_LOCKED);
 		});
 	});

@@ -903,7 +919,7 @@ describe('PrivateRoute', () => {
 				isCloudUser: true,
 			});

-			assertStaysOnRoute(ROUTES.WORKSPACE_ACCESS_RESTRICTED);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_ACCESS_RESTRICTED);
 		});

 		it('should not redirect self-hosted users to workspace access restricted when license is terminated', () => {
@@ -920,7 +936,7 @@ describe('PrivateRoute', () => {
 				isCloudUser: false,
 			});

-			assertStaysOnRoute(ROUTES.HOME);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_ACCESS_RESTRICTED);
 		});

 		it('should not redirect when license is ACTIVE', () => {
@@ -937,7 +953,7 @@ describe('PrivateRoute', () => {
 				isCloudUser: true,
 			});

-			assertStaysOnRoute(ROUTES.HOME);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_ACCESS_RESTRICTED);
 		});

 		it('should not redirect when license is EVALUATING', () => {
@@ -954,7 +970,7 @@ describe('PrivateRoute', () => {
 				isCloudUser: true,
 			});

-			assertStaysOnRoute(ROUTES.HOME);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_ACCESS_RESTRICTED);
 		});
 	});

@@ -990,7 +1006,7 @@ describe('PrivateRoute', () => {
 				isCloudUser: true,
 			});

-			assertStaysOnRoute(ROUTES.WORKSPACE_SUSPENDED);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_SUSPENDED);
 		});

 		it('should not redirect self-hosted users to workspace suspended when license is defaulted', () => {
@@ -1007,7 +1023,7 @@ describe('PrivateRoute', () => {
 				isCloudUser: false,
 			});

-			assertStaysOnRoute(ROUTES.HOME);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_SUSPENDED);
 		});
 	});

@@ -1027,11 +1043,6 @@ describe('PrivateRoute', () => {
 				isCloudUser: true,
 			});

-			// Wait for the users query to complete and trigger re-render
-			await act(async () => {
-				await Promise.resolve();
-			});
-
 			await assertRedirectsTo(ROUTES.ONBOARDING);
 		});

@@ -1047,7 +1058,7 @@ describe('PrivateRoute', () => {
 				isCloudUser: true,
 			});

-			assertStaysOnRoute(ROUTES.HOME);
+			assertDoesNotRedirectTo(ROUTES.ONBOARDING);
 		});

 		it('should not redirect to onboarding when onboarding is already complete', async () => {
@@ -1073,7 +1084,7 @@ describe('PrivateRoute', () => {

 			// Critical: if isOnboardingComplete check is broken (always false),
 			// this test would fail because all other conditions for redirect ARE met
-			assertStaysOnRoute(ROUTES.HOME);
+			assertDoesNotRedirectTo(ROUTES.ONBOARDING);
 		});

 		it('should not redirect to onboarding for non-cloud users', () => {
@@ -1088,7 +1099,7 @@ describe('PrivateRoute', () => {
 				isCloudUser: false,
 			});

-			assertStaysOnRoute(ROUTES.HOME);
+			assertDoesNotRedirectTo(ROUTES.ONBOARDING);
 		});

 		it('should not redirect to onboarding when on /workspace-locked route', () => {
@@ -1103,7 +1114,7 @@ describe('PrivateRoute', () => {
 				isCloudUser: true,
 			});

-			assertStaysOnRoute(ROUTES.WORKSPACE_LOCKED);
+			assertDoesNotRedirectTo(ROUTES.ONBOARDING);
 		});

 		it('should not redirect to onboarding when on /workspace-suspended route', () => {
@@ -1118,7 +1129,7 @@ describe('PrivateRoute', () => {
 				isCloudUser: true,
 			});

-			assertStaysOnRoute(ROUTES.WORKSPACE_SUSPENDED);
+			assertDoesNotRedirectTo(ROUTES.ONBOARDING);
 		});

 		it('should not redirect to onboarding when workspace is blocked and accessing billing', async () => {
@@ -1145,7 +1156,7 @@ describe('PrivateRoute', () => {
 			});

 			// Should NOT redirect to onboarding - user needs to access billing to fix payment
-			assertStaysOnRoute(ROUTES.BILLING);
+			assertDoesNotRedirectTo(ROUTES.ONBOARDING);
 		});

 		it('should not redirect to onboarding when workspace is blocked and accessing settings', async () => {
@@ -1169,7 +1180,7 @@ describe('PrivateRoute', () => {
 				await Promise.resolve();
 			});

-			assertStaysOnRoute(ROUTES.SETTINGS);
+			assertDoesNotRedirectTo(ROUTES.ONBOARDING);
 		});

 		it('should not redirect to onboarding when workspace is suspended (DEFAULTED)', async () => {
@@ -1196,7 +1207,7 @@ describe('PrivateRoute', () => {
 			});

 			// Should redirect to WORKSPACE_SUSPENDED, not ONBOARDING
-			await assertRedirectsTo(ROUTES.WORKSPACE_SUSPENDED);
+			assertDoesNotRedirectTo(ROUTES.ONBOARDING);
 		});

 		it('should not redirect to onboarding when workspace is access restricted (TERMINATED)', async () => {
@@ -1223,7 +1234,7 @@ describe('PrivateRoute', () => {
 			});

 			// Should redirect to WORKSPACE_ACCESS_RESTRICTED, not ONBOARDING
-			await assertRedirectsTo(ROUTES.WORKSPACE_ACCESS_RESTRICTED);
+			assertDoesNotRedirectTo(ROUTES.ONBOARDING);
 		});

 		it('should not redirect to onboarding when workspace is access restricted (EXPIRED)', async () => {
@@ -1249,7 +1260,7 @@ describe('PrivateRoute', () => {
 				await Promise.resolve();
 			});

-			await assertRedirectsTo(ROUTES.WORKSPACE_ACCESS_RESTRICTED);
+			assertDoesNotRedirectTo(ROUTES.ONBOARDING);
 		});
 	});

@@ -1291,7 +1302,7 @@ describe('PrivateRoute', () => {
 				},
 			});

-			assertStaysOnRoute(ROUTES.GET_STARTED);
+			assertDoesNotRedirectTo(ROUTES.GET_STARTED_WITH_CLOUD);
 		});

 		it('should not redirect when on GET_STARTED and ONBOARDING_V3 feature flag is not present', () => {
@@ -1303,7 +1314,7 @@ describe('PrivateRoute', () => {
 				},
 			});

-			assertStaysOnRoute(ROUTES.GET_STARTED);
+			assertDoesNotRedirectTo(ROUTES.GET_STARTED_WITH_CLOUD);
 		});

 		it('should not redirect when on different route even if ONBOARDING_V3 is active', () => {
@@ -1323,7 +1334,7 @@ describe('PrivateRoute', () => {
 				},
 			});

-			assertStaysOnRoute(ROUTES.HOME);
+			assertDoesNotRedirectTo(ROUTES.GET_STARTED_WITH_CLOUD);
 		});
 	});

@@ -1339,7 +1350,7 @@ describe('PrivateRoute', () => {
 				},
 			});

-			assertStaysOnRoute(ROUTES.HOME);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_LOCKED);
 		});

 		it('should not fetch users when org data is not available', () => {
@@ -1382,7 +1393,9 @@ describe('PrivateRoute', () => {
 				},
 			});

-			assertStaysOnRoute(ROUTES.HOME);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_LOCKED);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_SUSPENDED);
+			assertDoesNotRedirectTo(ROUTES.WORKSPACE_ACCESS_RESTRICTED);
 		});
 	});

@@ -1423,40 +1436,22 @@ describe('PrivateRoute', () => {
 			await assertRedirectsTo(ROUTES.UN_AUTHORIZED);
 		});

-		it('should allow ADMIN to access /services route', () => {
-			renderPrivateRoute({
-				initialRoute: ROUTES.APPLICATION,
-				appContext: {
-					isLoggedIn: true,
-					user: createMockUser({ role: USER_ROLES.ADMIN as ROLES }),
-				},
+		it('should allow all roles to access /services route', () => {
+			const roles = [USER_ROLES.ADMIN, USER_ROLES.EDITOR, USER_ROLES.VIEWER];
+
+			roles.forEach((role) => {
+				jest.clearAllMocks();
+
+				renderPrivateRoute({
+					initialRoute: ROUTES.APPLICATION,
+					appContext: {
+						isLoggedIn: true,
+						user: createMockUser({ role: role as ROLES }),
+					},
+				});
+
+				assertDoesNotRedirectTo(ROUTES.UN_AUTHORIZED);
 			});
-
-			assertStaysOnRoute(ROUTES.APPLICATION);
-		});
-
-		it('should allow EDITOR to access /services route', () => {
-			renderPrivateRoute({
-				initialRoute: ROUTES.APPLICATION,
-				appContext: {
-					isLoggedIn: true,
-					user: createMockUser({ role: USER_ROLES.EDITOR as ROLES }),
-				},
-			});
-
-			assertStaysOnRoute(ROUTES.APPLICATION);
-		});
-
-		it('should allow VIEWER to access /services route', () => {
-			renderPrivateRoute({
-				initialRoute: ROUTES.APPLICATION,
-				appContext: {
-					isLoggedIn: true,
-					user: createMockUser({ role: USER_ROLES.VIEWER as ROLES }),
-				},
-			});
-
-			assertStaysOnRoute(ROUTES.APPLICATION);
 		});

 		it('should redirect VIEWER from /onboarding route (admin only)', async () => {
@@ -1486,7 +1481,7 @@ describe('PrivateRoute', () => {
 			});

 			assertRendersChildren();
-			assertStaysOnRoute(ROUTES.CHANNELS_NEW);
+			assertDoesNotRedirectTo(ROUTES.UN_AUTHORIZED);
 		});

 		it('should allow EDITOR to access /get-started route', () => {
@@ -1498,7 +1493,7 @@ describe('PrivateRoute', () => {
 				},
 			});

-			assertStaysOnRoute(ROUTES.GET_STARTED);
+			assertDoesNotRedirectTo(ROUTES.UN_AUTHORIZED);
 		});
 	});

--- a/frontend/src/components/CreateServiceAccountModal/CreateServiceAccountModal.tsx
+++ b/frontend/src/components/CreateServiceAccountModal/CreateServiceAccountModal.tsx
@@ -14,8 +14,6 @@ import type { RenderErrorResponseDTO } from 'api/generated/services/sigNoz.schem
 import { AxiosError } from 'axios';
 import { SA_QUERY_PARAMS } from 'container/ServiceAccountsSettings/constants';
 import { parseAsBoolean, useQueryState } from 'nuqs';
-import { useErrorModal } from 'providers/ErrorModalProvider';
-import APIError from 'types/api/error';

 import './CreateServiceAccountModal.styles.scss';

@@ -30,8 +28,6 @@ function CreateServiceAccountModal(): JSX.Element {
 		parseAsBoolean.withDefault(false),
 	);

-	const { showErrorModal, isErrorModalVisible } = useErrorModal();
-
 	const {
 		control,
 		handleSubmit,
@@ -58,10 +54,13 @@ function CreateServiceAccountModal(): JSX.Element {
 				await invalidateListServiceAccounts(queryClient);
 			},
 			onError: (err) => {
-				const errMessage = convertToApiError(
-					err as AxiosError<RenderErrorResponseDTO, unknown> | null,
-				);
-				showErrorModal(errMessage as APIError);
+				const errMessage =
+					convertToApiError(
+						err as AxiosError<RenderErrorResponseDTO, unknown> | null,
+					)?.getErrorMessage() || 'An error occurred';
+				toast.error(`Failed to create service account: ${errMessage}`, {
+					richColors: true,
+				});
 			},
 		},
 	});
@@ -91,7 +90,7 @@ function CreateServiceAccountModal(): JSX.Element {
 			showCloseButton
 			width="narrow"
 			className="create-sa-modal"
-			disableOutsideClick={isErrorModalVisible}
+			disableOutsideClick={false}
 		>
 			<div className="create-sa-modal__content">
 				<form
--- a/frontend/src/components/CreateServiceAccountModal/tests/CreateServiceAccountModal.test.tsx
+++ b/frontend/src/components/CreateServiceAccountModal/tests/CreateServiceAccountModal.test.tsx
@@ -11,16 +11,6 @@ jest.mock('@signozhq/sonner', () => ({

 const mockToast = jest.mocked(toast);

-const showErrorModal = jest.fn();
-jest.mock('providers/ErrorModalProvider', () => ({
-	__esModule: true,
-	...jest.requireActual('providers/ErrorModalProvider'),
-	useErrorModal: jest.fn(() => ({
-		showErrorModal,
-		isErrorModalVisible: false,
-	})),
-}));
-
 const SERVICE_ACCOUNTS_ENDPOINT = '*/api/v1/service_accounts';

 function renderModal(): ReturnType<typeof render> {
@@ -102,13 +92,10 @@ describe('CreateServiceAccountModal', () => {
 		await user.click(submitBtn);

 		await waitFor(() => {
-			expect(showErrorModal).toHaveBeenCalledWith(
-				expect.objectContaining({
-					getErrorMessage: expect.any(Function),
-				}),
+			expect(mockToast.error).toHaveBeenCalledWith(
+				expect.stringMatching(/Failed to create service account/i),
+				expect.anything(),
 			);
-			const passedError = showErrorModal.mock.calls[0][0] as any;
-			expect(passedError.getErrorMessage()).toBe('Internal Server Error');
 		});

 		expect(
--- a/frontend/src/components/EditMemberDrawer/EditMemberDrawer.tsx
+++ b/frontend/src/components/EditMemberDrawer/EditMemberDrawer.tsx
@@ -1,4 +1,4 @@
-import { useCallback, useEffect, useRef, useState } from 'react';
+import { useCallback, useEffect, useState } from 'react';
 import { useCopyToClipboard } from 'react-use';
 import { Badge } from '@signozhq/badge';
 import { Button } from '@signozhq/button';
@@ -28,7 +28,6 @@ import {
 	useMemberRoleManager,
 } from 'hooks/member/useMemberRoleManager';
 import { useAppContext } from 'providers/App/App';
-import { useErrorModal } from 'providers/ErrorModalProvider';
 import { useTimezone } from 'providers/Timezone';
 import APIError from 'types/api/error';
 import { toAPIError } from 'utils/errorUtils';
@@ -91,11 +90,8 @@ function EditMemberDrawer({
 	const [linkType, setLinkType] = useState<'invite' | 'reset' | null>(null);

 	const isInvited = member?.status === MemberStatus.Invited;
-	const isDeleted = member?.status === MemberStatus.Deleted;
 	const isSelf = !!member?.id && member.id === currentUser?.id;

-	const { showErrorModal } = useErrorModal();
-
 	const {
 		data: fetchedUser,
 		isLoading: isFetchingUser,
@@ -115,39 +111,26 @@ function EditMemberDrawer({
 		refetch: refetchRoles,
 	} = useRoles();

-	const {
-		fetchedRoleIds,
-		isLoading: isMemberRolesLoading,
-		applyDiff,
-	} = useMemberRoleManager(member?.id ?? '', open && !!member?.id);
+	const { fetchedRoleIds, applyDiff } = useMemberRoleManager(
+		member?.id ?? '',
+		open && !!member?.id,
+	);

 	const fetchedDisplayName =
 		fetchedUser?.data?.displayName ?? member?.name ?? '';
 	const fetchedUserId = fetchedUser?.data?.id;
 	const fetchedUserDisplayName = fetchedUser?.data?.displayName;

-	const roleSessionRef = useRef<string | null>(null);
-
 	useEffect(() => {
 		if (fetchedUserId) {
 			setLocalDisplayName(fetchedUserDisplayName ?? member?.name ?? '');
 		}
+		setSaveErrors([]);
 	}, [fetchedUserId, fetchedUserDisplayName, member?.name]);

 	useEffect(() => {
-		if (fetchedUserId) {
-			setSaveErrors([]);
-		}
-	}, [fetchedUserId]);
-
-	useEffect(() => {
-		if (!member?.id) {
-			roleSessionRef.current = null;
-		} else if (member.id !== roleSessionRef.current && !isMemberRolesLoading) {
-			setLocalRole(fetchedRoleIds[0] ?? '');
-			roleSessionRef.current = member.id;
-		}
-	}, [member?.id, fetchedRoleIds, isMemberRolesLoading]);
+		setLocalRole(fetchedRoleIds[0] ?? '');
+	}, [fetchedRoleIds]);

 	const isDirty =
 		member !== null &&
@@ -170,10 +153,17 @@ function EditMemberDrawer({
 				onClose();
 			},
 			onError: (err): void => {
-				const errMessage = convertToApiError(
-					err as AxiosError<RenderErrorResponseDTO, unknown> | null,
-				);
-				showErrorModal(errMessage as APIError);
+				const errMessage =
+					convertToApiError(
+						err as AxiosError<RenderErrorResponseDTO, unknown> | null,
+					)?.getErrorMessage() || 'An error occurred';
+				const prefix = isInvited
+					? 'Failed to revoke invite'
+					: 'Failed to delete member';
+				toast.error(`${prefix}: ${errMessage}`, {
+					richColors: true,
+					position: 'top-right',
+				});
 			},
 		},
 	});
@@ -354,15 +344,15 @@ function EditMemberDrawer({
 					position: 'top-right',
 				});
 			}
-		} catch (err) {
-			const errMsg = convertToApiError(
-				err as AxiosError<RenderErrorResponseDTO, unknown> | null,
-			);
-			showErrorModal(errMsg as APIError);
+		} catch {
+			toast.error('Failed to generate password reset link', {
+				richColors: true,
+				position: 'top-right',
+			});
 		} finally {
 			setIsGeneratingLink(false);
 		}
-	}, [member, isInvited, onClose, showErrorModal]);
+	}, [member, isInvited, onClose]);

 	const [copyState, copyToClipboard] = useCopyToClipboard();
 	const handleCopyResetLink = useCallback((): void => {
@@ -429,7 +419,7 @@ function EditMemberDrawer({
 						}}
 						className="edit-member-drawer__input"
 						placeholder="Enter name"
-						disabled={isRootUser || isDeleted}
+						disabled={isRootUser}
 					/>
 				</Tooltip>
 			</div>
@@ -450,15 +440,9 @@ function EditMemberDrawer({
 				<label className="edit-member-drawer__label" htmlFor="member-role">
 					Roles
 				</label>
-				{isSelf || isRootUser || isDeleted ? (
+				{isSelf || isRootUser ? (
 					<Tooltip
-						title={
-							isRootUser
-								? ROOT_USER_TOOLTIP
-								: isDeleted
-								? undefined
-								: 'You cannot modify your own role'
-						}
+						title={isRootUser ? ROOT_USER_TOOLTIP : 'You cannot modify your own role'}
 					>
 						<div className="edit-member-drawer__input-wrapper edit-member-drawer__input-wrapper--disabled">
 							<div className="edit-member-drawer__disabled-roles">
@@ -483,7 +467,7 @@ function EditMemberDrawer({
 						onRefetch={refetchRoles}
 						value={localRole}
 						onChange={(role): void => {
-							setLocalRole(role ?? '');
+							setLocalRole(role);
 							setSaveErrors((prev) =>
 								prev.filter(
 									(err) =>
@@ -492,7 +476,6 @@ function EditMemberDrawer({
 							);
 						}}
 						placeholder="Select role"
-						allowClear={false}
 					/>
 				)}
 			</div>
@@ -504,10 +487,6 @@ function EditMemberDrawer({
 						<Badge color="forest" variant="outline">
 							ACTIVE
 						</Badge>
-					) : member?.status === MemberStatus.Deleted ? (
-						<Badge color="cherry" variant="outline">
-							DELETED
-						</Badge>
 					) : (
 						<Badge color="amber" variant="outline">
 							INVITED
@@ -546,57 +525,55 @@ function EditMemberDrawer({
 		<div className="edit-member-drawer__layout">
 			<div className="edit-member-drawer__body">{drawerBody}</div>

-			{!isDeleted && (
-				<div className="edit-member-drawer__footer">
-					<div className="edit-member-drawer__footer-left">
-						<Tooltip title={getDeleteTooltip(isRootUser, isSelf)}>
-							<span className="edit-member-drawer__tooltip-wrapper">
-								<Button
-									className="edit-member-drawer__footer-btn edit-member-drawer__footer-btn--danger"
-									onClick={(): void => setShowDeleteConfirm(true)}
-									disabled={isRootUser || isSelf}
-								>
-									<Trash2 size={12} />
-									{isInvited ? 'Revoke Invite' : 'Delete Member'}
-								</Button>
-							</span>
-						</Tooltip>
+			<div className="edit-member-drawer__footer">
+				<div className="edit-member-drawer__footer-left">
+					<Tooltip title={getDeleteTooltip(isRootUser, isSelf)}>
+						<span className="edit-member-drawer__tooltip-wrapper">
+							<Button
+								className="edit-member-drawer__footer-btn edit-member-drawer__footer-btn--danger"
+								onClick={(): void => setShowDeleteConfirm(true)}
+								disabled={isRootUser || isSelf}
+							>
+								<Trash2 size={12} />
+								{isInvited ? 'Revoke Invite' : 'Delete Member'}
+							</Button>
+						</span>
+					</Tooltip>

-						<div className="edit-member-drawer__footer-divider" />
-						<Tooltip title={isRootUser ? ROOT_USER_TOOLTIP : undefined}>
-							<span className="edit-member-drawer__tooltip-wrapper">
-								<Button
-									className="edit-member-drawer__footer-btn edit-member-drawer__footer-btn--warning"
-									onClick={handleGenerateResetLink}
-									disabled={isGeneratingLink || isRootUser}
-								>
-									<RefreshCw size={12} />
-									{isGeneratingLink && 'Generating...'}
-									{!isGeneratingLink && isInvited && 'Copy Invite Link'}
-									{!isGeneratingLink && !isInvited && 'Generate Password Reset Link'}
-								</Button>
-							</span>
-						</Tooltip>
-					</div>
-
-					<div className="edit-member-drawer__footer-right">
-						<Button variant="solid" color="secondary" size="sm" onClick={handleClose}>
-							<X size={14} />
-							Cancel
-						</Button>
-
-						<Button
-							variant="solid"
-							color="primary"
-							size="sm"
-							disabled={!isDirty || isSaving || isRootUser}
-							onClick={handleSave}
-						>
-							{isSaving ? 'Saving...' : 'Save Member Details'}
-						</Button>
-					</div>
+					<div className="edit-member-drawer__footer-divider" />
+					<Tooltip title={isRootUser ? ROOT_USER_TOOLTIP : undefined}>
+						<span className="edit-member-drawer__tooltip-wrapper">
+							<Button
+								className="edit-member-drawer__footer-btn edit-member-drawer__footer-btn--warning"
+								onClick={handleGenerateResetLink}
+								disabled={isGeneratingLink || isRootUser}
+							>
+								<RefreshCw size={12} />
+								{isGeneratingLink && 'Generating...'}
+								{!isGeneratingLink && isInvited && 'Copy Invite Link'}
+								{!isGeneratingLink && !isInvited && 'Generate Password Reset Link'}
+							</Button>
+						</span>
+					</Tooltip>
 				</div>
-			)}
+
+				<div className="edit-member-drawer__footer-right">
+					<Button variant="solid" color="secondary" size="sm" onClick={handleClose}>
+						<X size={14} />
+						Cancel
+					</Button>
+
+					<Button
+						variant="solid"
+						color="primary"
+						size="sm"
+						disabled={!isDirty || isSaving || isRootUser}
+						onClick={handleSave}
+					>
+						{isSaving ? 'Saving...' : 'Save Member Details'}
+					</Button>
+				</div>
+			</div>
 		</div>
 	);

--- a/frontend/src/components/EditMemberDrawer/tests/EditMemberDrawer.test.tsx
+++ b/frontend/src/components/EditMemberDrawer/tests/EditMemberDrawer.test.tsx
@@ -84,16 +84,6 @@ const ROLES_ENDPOINT = '*/api/v1/roles';
 const mockDeleteMutate = jest.fn();
 const mockGetResetPasswordToken = jest.mocked(getResetPasswordToken);

-const showErrorModal = jest.fn();
-jest.mock('providers/ErrorModalProvider', () => ({
-	__esModule: true,
-	...jest.requireActual('providers/ErrorModalProvider'),
-	useErrorModal: jest.fn(() => ({
-		showErrorModal,
-		isErrorModalVisible: false,
-	})),
-}));
-
 const mockFetchedUser = {
 	data: {
 		id: 'user-1',
@@ -157,7 +147,6 @@ function renderDrawer(
 describe('EditMemberDrawer', () => {
 	beforeEach(() => {
 		jest.clearAllMocks();
-		showErrorModal.mockClear();
 		server.use(
 			rest.get(ROLES_ENDPOINT, (_, res, ctx) =>
 				res(ctx.status(200), ctx.json(listRolesSuccessResponse)),
@@ -470,6 +459,7 @@ describe('EditMemberDrawer', () => {

 		it('shows API error message when deleteUser fails for active member', async () => {
 			const user = userEvent.setup({ pointerEventsCheck: 0 });
+			const mockToast = jest.mocked(toast);

 			(useDeleteUser as jest.Mock).mockImplementation((options) => ({
 				mutate: mockDeleteMutate.mockImplementation(() => {
@@ -487,20 +477,16 @@ describe('EditMemberDrawer', () => {
 			await user.click(confirmBtns[confirmBtns.length - 1]);

 			await waitFor(() => {
-				expect(showErrorModal).toHaveBeenCalledWith(
-					expect.objectContaining({
-						getErrorMessage: expect.any(Function),
-					}),
-				);
-				const passedError = showErrorModal.mock.calls[0][0] as any;
-				expect(passedError.getErrorMessage()).toBe(
-					'Something went wrong on server',
+				expect(mockToast.error).toHaveBeenCalledWith(
+					'Failed to delete member: Something went wrong on server',
+					expect.anything(),
 				);
 			});
 		});

 		it('shows API error message when deleteUser fails for invited member', async () => {
 			const user = userEvent.setup({ pointerEventsCheck: 0 });
+			const mockToast = jest.mocked(toast);

 			(useDeleteUser as jest.Mock).mockImplementation((options) => ({
 				mutate: mockDeleteMutate.mockImplementation(() => {
@@ -518,14 +504,9 @@ describe('EditMemberDrawer', () => {
 			await user.click(confirmBtns[confirmBtns.length - 1]);

 			await waitFor(() => {
-				expect(showErrorModal).toHaveBeenCalledWith(
-					expect.objectContaining({
-						getErrorMessage: expect.any(Function),
-					}),
-				);
-				const passedError = showErrorModal.mock.calls[0][0] as any;
-				expect(passedError.getErrorMessage()).toBe(
-					'Something went wrong on server',
+				expect(mockToast.error).toHaveBeenCalledWith(
+					'Failed to revoke invite: Something went wrong on server',
+					expect.anything(),
 				);
 			});
 		});
--- a/frontend/src/components/InviteMembersModal/InviteMembersModal.tsx
+++ b/frontend/src/components/InviteMembersModal/InviteMembersModal.tsx
@@ -10,7 +10,6 @@ import { Select } from 'antd';
 import inviteUsers from 'api/v1/invite/bulk/create';
 import sendInvite from 'api/v1/invite/create';
 import { cloneDeep, debounce } from 'lodash-es';
-import { useErrorModal } from 'providers/ErrorModalProvider';
 import APIError from 'types/api/error';
 import { ROLES } from 'types/roles';
 import { EMAIL_REGEX } from 'utils/app';
@@ -41,8 +40,6 @@ function InviteMembersModal({
 	onClose,
 	onComplete,
 }: InviteMembersModalProps): JSX.Element {
-	const { showErrorModal, isErrorModalVisible } = useErrorModal();
-
 	const [rows, setRows] = useState<InviteRow[]>(() => [
 		EMPTY_ROW(),
 		EMPTY_ROW(),
@@ -207,11 +204,13 @@ function InviteMembersModal({
 			resetAndClose();
 			onComplete?.();
 		} catch (err) {
-			showErrorModal(err as APIError);
+			const apiErr = err as APIError;
+			const errorMessage = apiErr?.getErrorMessage?.() ?? 'An error occurred';
+			toast.error(errorMessage, { richColors: true, position: 'top-right' });
 		} finally {
 			setIsSubmitting(false);
 		}
-	}, [validateAllUsers, rows, resetAndClose, onComplete, showErrorModal]);
+	}, [rows, onComplete, resetAndClose, validateAllUsers]);

 	const touchedRows = rows.filter(isRowTouched);
 	const isSubmitDisabled = isSubmitting || touchedRows.length === 0;
@@ -228,7 +227,7 @@ function InviteMembersModal({
 			showCloseButton
 			width="wide"
 			className="invite-members-modal"
-			disableOutsideClick={isErrorModalVisible}
+			disableOutsideClick={false}
 		>
 			<div className="invite-members-modal__content">
 				<div className="invite-members-modal__table">
@@ -330,7 +329,6 @@ function InviteMembersModal({
 						size="sm"
 						onClick={handleSubmit}
 						disabled={isSubmitDisabled}
-						loading={isSubmitting}
 					>
 						{isSubmitting ? 'Inviting...' : 'Invite Team Members'}
 					</Button>
--- a/frontend/src/components/InviteMembersModal/tests/InviteMembersModal.test.tsx
+++ b/frontend/src/components/InviteMembersModal/tests/InviteMembersModal.test.tsx
@@ -1,3 +1,4 @@
+import { toast } from '@signozhq/sonner';
 import inviteUsers from 'api/v1/invite/bulk/create';
 import sendInvite from 'api/v1/invite/create';
 import { StatusCodes } from 'http-status-codes';
@@ -21,16 +22,6 @@ jest.mock('@signozhq/sonner', () => ({
 	},
 }));

-const showErrorModal = jest.fn();
-jest.mock('providers/ErrorModalProvider', () => ({
-	__esModule: true,
-	...jest.requireActual('providers/ErrorModalProvider'),
-	useErrorModal: jest.fn(() => ({
-		showErrorModal,
-		isErrorModalVisible: false,
-	})),
-}));
-
 const mockSendInvite = jest.mocked(sendInvite);
 const mockInviteUsers = jest.mocked(inviteUsers);

@@ -43,7 +34,6 @@ const defaultProps = {
 describe('InviteMembersModal', () => {
 	beforeEach(() => {
 		jest.clearAllMocks();
-		showErrorModal.mockClear();
 		mockSendInvite.mockResolvedValue({
 			httpStatusCode: 200,
 			data: { data: 'test', status: 'success' },
@@ -164,10 +154,9 @@ describe('InviteMembersModal', () => {
 	describe('error handling', () => {
 		it('shows BE message on single invite 409', async () => {
 			const user = userEvent.setup({ pointerEventsCheck: 0 });
-			const error = makeApiError(
-				'An invite already exists for this email: single@signoz.io',
+			mockSendInvite.mockRejectedValue(
+				makeApiError('An invite already exists for this email: single@signoz.io'),
 			);
-			mockSendInvite.mockRejectedValue(error);

 			render(<InviteMembersModal {...defaultProps} />);

@@ -182,16 +171,18 @@ describe('InviteMembersModal', () => {
 			);

 			await waitFor(() => {
-				expect(showErrorModal).toHaveBeenCalledWith(error);
+				expect(toast.error).toHaveBeenCalledWith(
+					'An invite already exists for this email: single@signoz.io',
+					expect.anything(),
+				);
 			});
 		});

 		it('shows BE message on bulk invite 409', async () => {
 			const user = userEvent.setup({ pointerEventsCheck: 0 });
-			const error = makeApiError(
-				'An invite already exists for this email: alice@signoz.io',
+			mockInviteUsers.mockRejectedValue(
+				makeApiError('An invite already exists for this email: alice@signoz.io'),
 			);
-			mockInviteUsers.mockRejectedValue(error);

 			render(<InviteMembersModal {...defaultProps} />);

@@ -210,17 +201,18 @@ describe('InviteMembersModal', () => {
 			);

 			await waitFor(() => {
-				expect(showErrorModal).toHaveBeenCalledWith(error);
+				expect(toast.error).toHaveBeenCalledWith(
+					'An invite already exists for this email: alice@signoz.io',
+					expect.anything(),
+				);
 			});
 		});

 		it('shows BE message on generic error', async () => {
 			const user = userEvent.setup({ pointerEventsCheck: 0 });
-			const error = makeApiError(
-				'Internal server error',
-				StatusCodes.INTERNAL_SERVER_ERROR,
+			mockSendInvite.mockRejectedValue(
+				makeApiError('Internal server error', StatusCodes.INTERNAL_SERVER_ERROR),
 			);
-			mockSendInvite.mockRejectedValue(error);

 			render(<InviteMembersModal {...defaultProps} />);

@@ -235,7 +227,10 @@ describe('InviteMembersModal', () => {
 			);

 			await waitFor(() => {
-				expect(showErrorModal).toHaveBeenCalledWith(error);
+				expect(toast.error).toHaveBeenCalledWith(
+					'Internal server error',
+					expect.anything(),
+				);
 			});
 		});
 	});
--- a/frontend/src/components/MembersTable/MembersTable.tsx
+++ b/frontend/src/components/MembersTable/MembersTable.tsx
@@ -210,7 +210,7 @@ function MembersTable({
 					index % 2 === 0 ? 'members-table-row--tinted' : ''
 				}
 				onRow={(record): React.HTMLAttributes<HTMLElement> => {
-					const isClickable = !!onRowClick;
+					const isClickable = onRowClick && record.status !== MemberStatus.Deleted;
 					return {
 						onClick: (): void => {
 							if (isClickable) {
--- a/frontend/src/components/MembersTable/tests/MembersTable.test.tsx
+++ b/frontend/src/components/MembersTable/tests/MembersTable.test.tsx
@@ -86,7 +86,7 @@ describe('MembersTable', () => {
 		);
 	});

-	it('renders DELETED badge and calls onRowClick when a deleted member row is clicked', async () => {
+	it('renders DELETED badge and does not call onRowClick when a deleted member row is clicked', async () => {
 		const onRowClick = jest.fn();
 		const user = userEvent.setup({ pointerEventsCheck: 0 });
 		const deletedMember: MemberRow = {
@@ -108,7 +108,7 @@ describe('MembersTable', () => {

 		expect(screen.getByText('DELETED')).toBeInTheDocument();
 		await user.click(screen.getByText('Dave Deleted'));
-		expect(onRowClick).toHaveBeenCalledWith(
+		expect(onRowClick).not.toHaveBeenCalledWith(
 			expect.objectContaining({ id: 'user-del' }),
 		);
 	});
--- a/frontend/src/components/RolesSelect/RolesSelect.tsx
+++ b/frontend/src/components/RolesSelect/RolesSelect.tsx
@@ -85,8 +85,7 @@ interface BaseProps {
 interface SingleProps extends BaseProps {
 	mode?: 'single';
 	value?: string;
-	onChange?: (role: string | undefined) => void;
-	allowClear?: boolean;
+	onChange?: (role: string) => void;
 }

 interface MultipleProps extends BaseProps {
@@ -155,14 +154,13 @@ function RolesSelect(props: RolesSelectProps): JSX.Element {
 		);
 	}

-	const { value, onChange, allowClear = true } = props as SingleProps;
+	const { value, onChange } = props as SingleProps;
 	return (
 		<Select
 			id={id}
 			value={value || undefined}
 			onChange={onChange}
 			placeholder={placeholder}
-			allowClear={allowClear}
 			className={cx('roles-single-select', className)}
 			loading={loading}
 			notFoundContent={notFoundContent}
--- a/frontend/src/components/ServiceAccountDrawer/AddKeyModal/index.tsx
+++ b/frontend/src/components/ServiceAccountDrawer/AddKeyModal/index.tsx
@@ -17,8 +17,6 @@ import { AxiosError } from 'axios';
 import { DATE_TIME_FORMATS } from 'constants/dateTimeFormats';
 import { SA_QUERY_PARAMS } from 'container/ServiceAccountsSettings/constants';
 import { parseAsBoolean, useQueryState } from 'nuqs';
-import { useErrorModal } from 'providers/ErrorModalProvider';
-import APIError from 'types/api/error';

 import KeyCreatedPhase from './KeyCreatedPhase';
 import KeyFormPhase from './KeyFormPhase';
@@ -29,7 +27,6 @@ import './AddKeyModal.styles.scss';

 function AddKeyModal(): JSX.Element {
 	const queryClient = useQueryClient();
-	const { showErrorModal, isErrorModalVisible } = useErrorModal();
 	const [accountId] = useQueryState(SA_QUERY_PARAMS.ACCOUNT);
 	const [isAddKeyOpen, setIsAddKeyOpen] = useQueryState(
 		SA_QUERY_PARAMS.ADD_KEY,
@@ -84,11 +81,11 @@ function AddKeyModal(): JSX.Element {
 				}
 			},
 			onError: (error) => {
-				showErrorModal(
+				const errMessage =
 					convertToApiError(
 						error as AxiosError<RenderErrorResponseDTO, unknown> | null,
-					) as APIError,
-				);
+					)?.getErrorMessage() || 'Failed to create key';
+				toast.error(errMessage, { richColors: true });
 			},
 		},
 	});
@@ -154,7 +151,7 @@ function AddKeyModal(): JSX.Element {
 			width="base"
 			className="add-key-modal"
 			showCloseButton
-			disableOutsideClick={isErrorModalVisible}
+			disableOutsideClick={false}
 		>
 			{phase === Phase.FORM && (
 				<KeyFormPhase
--- a/frontend/src/components/ServiceAccountDrawer/DeleteAccountModal.tsx
+++ b/frontend/src/components/ServiceAccountDrawer/DeleteAccountModal.tsx
@@ -16,12 +16,9 @@ import type {
 import { AxiosError } from 'axios';
 import { SA_QUERY_PARAMS } from 'container/ServiceAccountsSettings/constants';
 import { parseAsBoolean, useQueryState } from 'nuqs';
-import { useErrorModal } from 'providers/ErrorModalProvider';
-import APIError from 'types/api/error';

 function DeleteAccountModal(): JSX.Element {
 	const queryClient = useQueryClient();
-	const { showErrorModal, isErrorModalVisible } = useErrorModal();
 	const [accountId, setAccountId] = useQueryState(SA_QUERY_PARAMS.ACCOUNT);
 	const [isDeleteOpen, setIsDeleteOpen] = useQueryState(
 		SA_QUERY_PARAMS.DELETE_SA,
@@ -48,11 +45,11 @@ function DeleteAccountModal(): JSX.Element {
 				await invalidateListServiceAccounts(queryClient);
 			},
 			onError: (error) => {
-				showErrorModal(
+				const errMessage =
 					convertToApiError(
 						error as AxiosError<RenderErrorResponseDTO, unknown> | null,
-					) as APIError,
-				);
+					)?.getErrorMessage() || 'Failed to delete service account';
+				toast.error(errMessage, { richColors: true });
 			},
 		},
 	});
@@ -82,7 +79,7 @@ function DeleteAccountModal(): JSX.Element {
 			width="narrow"
 			className="alert-dialog sa-delete-dialog"
 			showCloseButton={false}
-			disableOutsideClick={isErrorModalVisible}
+			disableOutsideClick={false}
 		>
 			<p className="sa-delete-dialog__body">
 				Are you sure you want to delete <strong>{accountName}</strong>? This action
--- a/frontend/src/components/ServiceAccountDrawer/EditKeyModal/index.tsx
+++ b/frontend/src/components/ServiceAccountDrawer/EditKeyModal/index.tsx
@@ -17,9 +17,7 @@ import { AxiosError } from 'axios';
 import { SA_QUERY_PARAMS } from 'container/ServiceAccountsSettings/constants';
 import dayjs from 'dayjs';
 import { parseAsString, useQueryState } from 'nuqs';
-import { useErrorModal } from 'providers/ErrorModalProvider';
 import { useTimezone } from 'providers/Timezone';
-import APIError from 'types/api/error';

 import { RevokeKeyContent } from '../RevokeKeyModal';
 import EditKeyForm from './EditKeyForm';
@@ -43,7 +41,6 @@ function EditKeyModal({ keyItem }: EditKeyModalProps): JSX.Element {
 	const open = !!editKeyId && !!selectedAccountId;

 	const { formatTimezoneAdjustedTimestamp } = useTimezone();
-	const { showErrorModal, isErrorModalVisible } = useErrorModal();
 	const [isRevokeConfirmOpen, setIsRevokeConfirmOpen] = useState(false);

 	const {
@@ -81,11 +78,11 @@ function EditKeyModal({ keyItem }: EditKeyModalProps): JSX.Element {
 				}
 			},
 			onError: (error) => {
-				showErrorModal(
+				const errMessage =
 					convertToApiError(
 						error as AxiosError<RenderErrorResponseDTO, unknown> | null,
-					) as APIError,
-				);
+					)?.getErrorMessage() || 'Failed to update key';
+				toast.error(errMessage, { richColors: true });
 			},
 		},
 	});
@@ -105,13 +102,12 @@ function EditKeyModal({ keyItem }: EditKeyModalProps): JSX.Element {
 					});
 				}
 			},
-			// eslint-disable-next-line sonarjs/no-identical-functions
 			onError: (error) => {
-				showErrorModal(
+				const errMessage =
 					convertToApiError(
 						error as AxiosError<RenderErrorResponseDTO, unknown> | null,
-					) as APIError,
-				);
+					)?.getErrorMessage() || 'Failed to revoke key';
+				toast.error(errMessage, { richColors: true });
 			},
 		},
 	});
@@ -164,7 +160,7 @@ function EditKeyModal({ keyItem }: EditKeyModalProps): JSX.Element {
 				isRevokeConfirmOpen ? 'alert-dialog delete-dialog' : 'edit-key-modal'
 			}
 			showCloseButton={!isRevokeConfirmOpen}
-			disableOutsideClick={isErrorModalVisible}
+			disableOutsideClick={false}
 		>
 			{isRevokeConfirmOpen ? (
 				<RevokeKeyContent
--- a/frontend/src/components/ServiceAccountDrawer/OverviewTab.tsx
+++ b/frontend/src/components/ServiceAccountDrawer/OverviewTab.tsx
@@ -17,7 +17,7 @@ interface OverviewTabProps {
 	localName: string;
 	onNameChange: (v: string) => void;
 	localRole: string;
-	onRoleChange: (v: string | undefined) => void;
+	onRoleChange: (v: string) => void;
 	isDisabled: boolean;
 	availableRoles: AuthtypesRoleDTO[];
 	rolesLoading?: boolean;
--- a/frontend/src/components/ServiceAccountDrawer/RevokeKeyModal.tsx
+++ b/frontend/src/components/ServiceAccountDrawer/RevokeKeyModal.tsx
@@ -16,8 +16,6 @@ import type {
 import { AxiosError } from 'axios';
 import { SA_QUERY_PARAMS } from 'container/ServiceAccountsSettings/constants';
 import { parseAsString, useQueryState } from 'nuqs';
-import { useErrorModal } from 'providers/ErrorModalProvider';
-import APIError from 'types/api/error';

 export interface RevokeKeyContentProps {
 	isRevoking: boolean;
@@ -58,7 +56,6 @@ export function RevokeKeyContent({

 function RevokeKeyModal(): JSX.Element {
 	const queryClient = useQueryClient();
-	const { showErrorModal, isErrorModalVisible } = useErrorModal();
 	const [accountId] = useQueryState(SA_QUERY_PARAMS.ACCOUNT);
 	const [revokeKeyId, setRevokeKeyId] = useQueryState(
 		SA_QUERY_PARAMS.REVOKE_KEY,
@@ -86,11 +83,11 @@ function RevokeKeyModal(): JSX.Element {
 				}
 			},
 			onError: (error) => {
-				showErrorModal(
+				const errMessage =
 					convertToApiError(
 						error as AxiosError<RenderErrorResponseDTO, unknown> | null,
-					) as APIError,
-				);
+					)?.getErrorMessage() || 'Failed to revoke key';
+				toast.error(errMessage, { richColors: true });
 			},
 		},
 	});
@@ -118,7 +115,7 @@ function RevokeKeyModal(): JSX.Element {
 			width="narrow"
 			className="alert-dialog delete-dialog"
 			showCloseButton={false}
-			disableOutsideClick={isErrorModalVisible}
+			disableOutsideClick={false}
 		>
 			<RevokeKeyContent
 				isRevoking={isRevoking}
--- a/frontend/src/components/ServiceAccountDrawer/ServiceAccountDrawer.tsx
+++ b/frontend/src/components/ServiceAccountDrawer/ServiceAccountDrawer.tsx
@@ -1,4 +1,4 @@
-import { useCallback, useEffect, useMemo, useRef, useState } from 'react';
+import { useCallback, useEffect, useMemo, useState } from 'react';
 import { useQueryClient } from 'react-query';
 import { Button } from '@signozhq/button';
 import { DrawerWrapper } from '@signozhq/drawer';
@@ -8,9 +8,7 @@ import { ToggleGroup, ToggleGroupItem } from '@signozhq/toggle-group';
 import { Pagination, Skeleton } from 'antd';
 import { convertToApiError } from 'api/ErrorResponseHandlerForGeneratedAPIs';
 import {
-	getGetServiceAccountRolesQueryKey,
 	getListServiceAccountsQueryKey,
-	useDeleteServiceAccountRole,
 	useGetServiceAccount,
 	useListServiceAccountKeys,
 	useUpdateServiceAccount,
@@ -25,10 +23,7 @@ import {
 	ServiceAccountStatus,
 	toServiceAccountRow,
 } from 'container/ServiceAccountsSettings/utils';
-import {
-	RoleUpdateFailure,
-	useServiceAccountRoleManager,
-} from 'hooks/serviceAccount/useServiceAccountRoleManager';
+import { useServiceAccountRoleManager } from 'hooks/serviceAccount/useServiceAccountRoleManager';
 import {
 	parseAsBoolean,
 	parseAsInteger,
@@ -37,7 +32,7 @@ import {
 	useQueryState,
 } from 'nuqs';
 import APIError from 'types/api/error';
-import { retryOn429, toAPIError } from 'utils/errorUtils';
+import { toAPIError } from 'utils/errorUtils';

 import AddKeyModal from './AddKeyModal';
 import DeleteAccountModal from './DeleteAccountModal';
@@ -54,13 +49,6 @@ export interface ServiceAccountDrawerProps {

 const PAGE_SIZE = 15;

-function toSaveApiError(err: unknown): APIError {
-	return (
-		convertToApiError(err as AxiosError<RenderErrorResponseDTO>) ??
-		toAPIError(err as AxiosError<RenderErrorResponseDTO>)
-	);
-}
-
 // eslint-disable-next-line sonarjs/cognitive-complexity
 function ServiceAccountDrawer({
 	onSuccess,
@@ -115,35 +103,21 @@ function ServiceAccountDrawer({
 		[accountData],
 	);

-	const {
-		currentRoles,
-		isLoading: isRolesLoading,
-		applyDiff,
-	} = useServiceAccountRoleManager(selectedAccountId ?? '');
-
-	const roleSessionRef = useRef<string | null>(null);
+	const { currentRoles, applyDiff } = useServiceAccountRoleManager(
+		selectedAccountId ?? '',
+	);

 	useEffect(() => {
 		if (account?.id) {
 			setLocalName(account?.name ?? '');
 			setKeysPage(1);
 		}
+		setSaveErrors([]);
 	}, [account?.id, account?.name, setKeysPage]);

 	useEffect(() => {
-		if (account?.id) {
-			setSaveErrors([]);
-		}
-	}, [account?.id]);
-
-	useEffect(() => {
-		if (!account?.id) {
-			roleSessionRef.current = null;
-		} else if (account.id !== roleSessionRef.current && !isRolesLoading) {
-			setLocalRole(currentRoles[0]?.id ?? '');
-			roleSessionRef.current = account.id;
-		}
-	}, [account?.id, currentRoles, isRolesLoading]);
+		setLocalRole(currentRoles[0]?.id ?? '');
+	}, [currentRoles]);

 	const isDeleted =
 		account?.status?.toUpperCase() === ServiceAccountStatus.Deleted;
@@ -179,26 +153,12 @@ function ServiceAccountDrawer({

 	// the retry for this mutation is safe due to the api being idempotent on backend
 	const { mutateAsync: updateMutateAsync } = useUpdateServiceAccount();
-	const { mutateAsync: deleteRole } = useDeleteServiceAccountRole({
-		mutation: {
-			retry: retryOn429,
-		},
-	});

-	const executeRolesOperation = useCallback(
-		async (accountId: string): Promise<RoleUpdateFailure[]> => {
-			if (localRole === '' && currentRoles[0]?.id) {
-				await deleteRole({
-					pathParams: { id: accountId, rid: currentRoles[0].id },
-				});
-				await queryClient.invalidateQueries(
-					getGetServiceAccountRolesQueryKey({ id: accountId }),
-				);
-				return [];
-			}
-			return applyDiff([localRole].filter(Boolean), availableRoles);
-		},
-		[localRole, currentRoles, availableRoles, applyDiff, deleteRole, queryClient],
+	const toSaveApiError = useCallback(
+		(err: unknown): APIError =>
+			convertToApiError(err as AxiosError<RenderErrorResponseDTO>) ??
+			toAPIError(err as AxiosError<RenderErrorResponseDTO>),
+		[],
 	);

 	const retryNameUpdate = useCallback(async (): Promise<void> => {
@@ -220,7 +180,14 @@ function ServiceAccountDrawer({
 				),
 			);
 		}
-	}, [account, localName, updateMutateAsync, refetchAccount, queryClient]);
+	}, [
+		account,
+		localName,
+		updateMutateAsync,
+		refetchAccount,
+		queryClient,
+		toSaveApiError,
+	]);

 	const handleNameChange = useCallback((name: string): void => {
 		setLocalName(name);
@@ -243,39 +210,29 @@ function ServiceAccountDrawer({
 				);
 			}
 		},
-		[],
-	);
-
-	const clearRoleErrors = useCallback((): void => {
-		setSaveErrors((prev) =>
-			prev.filter(
-				(e) => e.context !== 'Roles update' && !e.context.startsWith("Role '"),
-			),
-		);
-	}, []);
-
-	const failuresToSaveErrors = useCallback(
-		(failures: RoleUpdateFailure[]): SaveError[] =>
-			failures.map((f) => {
-				const ctx = `Role '${f.roleName}'`;
-				return {
-					context: ctx,
-					apiError: toSaveApiError(f.error),
-					onRetry: makeRoleRetry(ctx, f.onRetry),
-				};
-			}),
-		[makeRoleRetry],
+		[toSaveApiError],
 	);

 	const retryRolesUpdate = useCallback(async (): Promise<void> => {
 		try {
-			const failures = await executeRolesOperation(selectedAccountId ?? '');
+			const failures = await applyDiff(
+				[localRole].filter(Boolean),
+				availableRoles,
+			);
 			if (failures.length === 0) {
 				setSaveErrors((prev) => prev.filter((e) => e.context !== 'Roles update'));
 			} else {
 				setSaveErrors((prev) => {
 					const rest = prev.filter((e) => e.context !== 'Roles update');
-					return [...rest, ...failuresToSaveErrors(failures)];
+					const roleErrors = failures.map((f) => {
+						const ctx = `Role '${f.roleName}'`;
+						return {
+							context: ctx,
+							apiError: toSaveApiError(f.error),
+							onRetry: makeRoleRetry(ctx, f.onRetry),
+						};
+					});
+					return [...rest, ...roleErrors];
 				});
 			}
 		} catch (err) {
@@ -285,7 +242,7 @@ function ServiceAccountDrawer({
 				),
 			);
 		}
-	}, [selectedAccountId, executeRolesOperation, failuresToSaveErrors]);
+	}, [localRole, availableRoles, applyDiff, toSaveApiError, makeRoleRetry]);

 	const handleSave = useCallback(async (): Promise<void> => {
 		if (!account || !isDirty) {
@@ -304,7 +261,7 @@ function ServiceAccountDrawer({

 			const [nameResult, rolesResult] = await Promise.allSettled([
 				namePromise,
-				executeRolesOperation(account.id),
+				applyDiff([localRole].filter(Boolean), availableRoles),
 			]);

 			const errors: SaveError[] = [];
@@ -324,7 +281,14 @@ function ServiceAccountDrawer({
 					onRetry: retryRolesUpdate,
 				});
 			} else {
-				errors.push(...failuresToSaveErrors(rolesResult.value));
+				for (const failure of rolesResult.value) {
+					const context = `Role '${failure.roleName}'`;
+					errors.push({
+						context,
+						apiError: toSaveApiError(failure.error),
+						onRetry: makeRoleRetry(context, failure.onRetry),
+					});
+				}
 			}

 			if (errors.length > 0) {
@@ -346,14 +310,17 @@ function ServiceAccountDrawer({
 		account,
 		isDirty,
 		localName,
+		localRole,
+		availableRoles,
 		updateMutateAsync,
-		executeRolesOperation,
+		applyDiff,
 		refetchAccount,
 		onSuccess,
 		queryClient,
+		toSaveApiError,
 		retryNameUpdate,
+		makeRoleRetry,
 		retryRolesUpdate,
-		failuresToSaveErrors,
 	]);

 	const handleClose = useCallback((): void => {
@@ -446,10 +413,7 @@ function ServiceAccountDrawer({
 								localName={localName}
 								onNameChange={handleNameChange}
 								localRole={localRole}
-								onRoleChange={(role): void => {
-									setLocalRole(role ?? '');
-									clearRoleErrors();
-								}}
+								onRoleChange={setLocalRole}
 								isDisabled={isDeleted}
 								availableRoles={availableRoles}
 								rolesLoading={rolesLoading}
--- a/frontend/src/components/ServiceAccountDrawer/tests/ServiceAccountDrawer.test.tsx
+++ b/frontend/src/components/ServiceAccountDrawer/tests/ServiceAccountDrawer.test.tsx
@@ -390,42 +390,6 @@ describe('ServiceAccountDrawer – save-error UX', () => {
 		).toBeInTheDocument();
 	});

-	it('role add retries on 429 then succeeds without showing an error', async () => {
-		const user = userEvent.setup({ pointerEventsCheck: 0 });
-		let roleAddCallCount = 0;
-
-		// First call → 429, second call → 200
-		server.use(
-			rest.post(SA_ROLES_ENDPOINT, (_, res, ctx) => {
-				roleAddCallCount += 1;
-				if (roleAddCallCount === 1) {
-					return res(ctx.status(429), ctx.json({ message: 'Too Many Requests' }));
-				}
-				return res(ctx.status(200), ctx.json({ status: 'success', data: {} }));
-			}),
-		);
-
-		renderDrawer();
-
-		await screen.findByDisplayValue('CI Bot');
-
-		await user.click(screen.getByLabelText('Roles'));
-		await user.click(await screen.findByTitle('signoz-viewer'));
-
-		const saveBtn = screen.getByRole('button', { name: /Save Changes/i });
-		await waitFor(() => expect(saveBtn).not.toBeDisabled());
-		await user.click(saveBtn);
-
-		// Retried after 429 — at least 2 calls, no error shown
-		await waitFor(
-			() => {
-				expect(roleAddCallCount).toBeGreaterThanOrEqual(2);
-			},
-			{ timeout: 5000 },
-		);
-		expect(screen.queryByText(/role assign failed/i)).not.toBeInTheDocument();
-	});
-
 	it('clicking Retry on a name-update error re-triggers the request; on success the error item is removed', async () => {
 		const user = userEvent.setup({ pointerEventsCheck: 0 });

--- a/frontend/src/container/DashboardContainer/visualization/charts/ChartWrapper/ChartWrapper.tsx
+++ b/frontend/src/container/DashboardContainer/visualization/charts/ChartWrapper/ChartWrapper.tsx
@@ -13,7 +13,7 @@ import uPlot from 'uplot';

 import { ChartProps } from '../types';

-const TOOLTIP_WIDTH_PADDING = 120;
+const TOOLTIP_WIDTH_PADDING = 60;
 const TOOLTIP_MIN_WIDTH = 200;

 export default function ChartWrapper({
--- a/frontend/src/container/Home/Home.tsx
+++ b/frontend/src/container/Home/Home.tsx
@@ -264,22 +264,20 @@ export default function Home(): JSX.Element {

 	return (
 		<div className="home-container">
-			{user?.role === USER_ROLES.ADMIN && (
-				<PersistedAnnouncementBanner
-					type="info"
-					storageKey={LOCALSTORAGE.DISMISSED_API_KEYS_DEPRECATION_BANNER}
-					action={{
-						label: 'Go to Service Accounts',
-						onClick: (): void => history.push(ROUTES.SERVICE_ACCOUNTS_SETTINGS),
-					}}
-				>
-					<>
-						<strong>API keys</strong> have been deprecated in favour of{' '}
-						<strong>Service accounts</strong>. The existing API Keys have been
-						migrated to service accounts.
-					</>
-				</PersistedAnnouncementBanner>
-			)}
+			<PersistedAnnouncementBanner
+				type="info"
+				storageKey={LOCALSTORAGE.DISMISSED_API_KEYS_DEPRECATION_BANNER}
+				action={{
+					label: 'Go to Service Accounts',
+					onClick: (): void => history.push(ROUTES.SERVICE_ACCOUNTS_SETTINGS),
+				}}
+			>
+				<>
+					<strong>API keys</strong> have been deprecated in favour of{' '}
+					<strong>Service accounts</strong>. The existing API Keys have been migrated
+					to service accounts.
+				</>
+			</PersistedAnnouncementBanner>

 			<div className="sticky-header">
 				<Header
--- a/frontend/src/container/MembersSettings/MembersSettings.tsx
+++ b/frontend/src/container/MembersSettings/MembersSettings.tsx
@@ -51,8 +51,6 @@ function MembersSettings(): JSX.Element {

 		if (filterMode === FilterMode.Invited) {
 			result = result.filter((m) => m.status === MemberStatus.Invited);
-		} else if (filterMode === FilterMode.Deleted) {
-			result = result.filter((m) => m.status === MemberStatus.Deleted);
 		}

 		if (searchQuery.trim()) {
@@ -91,9 +89,6 @@ function MembersSettings(): JSX.Element {
 	const pendingCount = allMembers.filter(
 		(m) => m.status === MemberStatus.Invited,
 	).length;
-	const deletedCount = allMembers.filter(
-		(m) => m.status === MemberStatus.Deleted,
-	).length;
 	const totalCount = allMembers.length;

 	const filterMenuItems: MenuProps['items'] = [
@@ -123,27 +118,12 @@ function MembersSettings(): JSX.Element {
 				setPage(1);
 			},
 		},
-		{
-			key: FilterMode.Deleted,
-			label: (
-				<div className="members-filter-option">
-					<span>Deleted ⎯ {deletedCount}</span>
-					{filterMode === FilterMode.Deleted && <Check size={14} />}
-				</div>
-			),
-			onClick: (): void => {
-				setFilterMode(FilterMode.Deleted);
-				setPage(1);
-			},
-		},
 	];

 	const filterLabel =
 		filterMode === FilterMode.All
 			? `All members ⎯ ${totalCount}`
-			: filterMode === FilterMode.Invited
-			? `Pending invites ⎯ ${pendingCount}`
-			: `Deleted ⎯ ${deletedCount}`;
+			: `Pending invites ⎯ ${pendingCount}`;

 	const handleInviteComplete = useCallback((): void => {
 		refetchUsers();
--- a/frontend/src/container/MembersSettings/tests/MembersSettings.integration.test.tsx
+++ b/frontend/src/container/MembersSettings/tests/MembersSettings.integration.test.tsx
@@ -117,14 +117,14 @@ describe('MembersSettings (integration)', () => {
 		await screen.findByText('Member Details');
 	});

-	it('opens EditMemberDrawer when a deleted member row is clicked', async () => {
+	it('does not open EditMemberDrawer when a deleted member row is clicked', async () => {
 		const user = userEvent.setup({ pointerEventsCheck: 0 });

 		render(<MembersSettings />);

 		await user.click(await screen.findByText('Dave Deleted'));

-		expect(screen.queryByText('Member Details')).toBeInTheDocument();
+		expect(screen.queryByText('Member Details')).not.toBeInTheDocument();
 	});

 	it('opens InviteMembersModal when "Invite member" button is clicked', async () => {
--- a/frontend/src/container/MembersSettings/utils.ts
+++ b/frontend/src/container/MembersSettings/utils.ts
@@ -1,7 +1,6 @@
 export enum FilterMode {
 	All = 'all',
 	Invited = 'invited',
-	Deleted = 'deleted',
 }

 export enum MemberStatus {
--- a/frontend/src/container/OrganizationSettings/DisplayName/DisplayName.styles.scss
+++ b/frontend/src/container/OrganizationSettings/DisplayName/DisplayName.styles.scss
@@ -1,16 +0,0 @@
-.display-name-form {
-	.form-field {
-		margin-bottom: var(--spacing-8);
-
-		label {
-			display: block;
-			margin-bottom: var(--spacing-4);
-		}
-	}
-
-	.field-error {
-		color: var(--destructive);
-		margin-top: var(--spacing-2);
-		font-size: var(--font-size-xs);
-	}
-}
--- a/frontend/src/container/OrganizationSettings/DisplayName/tests/DisplayName.test.tsx
+++ b/frontend/src/container/OrganizationSettings/DisplayName/tests/DisplayName.test.tsx
@@ -1,78 +0,0 @@
-import { toast } from '@signozhq/sonner';
-import { rest, server } from 'mocks-server/server';
-import {
-	fireEvent,
-	render,
-	screen,
-	userEvent,
-	waitFor,
-} from 'tests/test-utils';
-
-import DisplayName from '../index';
-
-jest.mock('@signozhq/sonner', () => ({
-	toast: {
-		success: jest.fn(),
-		error: jest.fn(),
-	},
-}));
-
-const ORG_ME_ENDPOINT = '*/api/v2/orgs/me';
-
-const defaultProps = { index: 0, id: 'does-not-matter-id' };
-
-describe('DisplayName', () => {
-	beforeEach(() => {
-		jest.clearAllMocks();
-	});
-
-	afterEach(() => {
-		server.resetHandlers();
-	});
-
-	it('renders form pre-filled with org displayName from context', async () => {
-		render(<DisplayName {...defaultProps} />);
-
-		const input = await screen.findByRole('textbox');
-		expect(input).toHaveValue('Pentagon');
-
-		expect(screen.getByRole('button', { name: /submit/i })).toBeDisabled();
-	});
-
-	it('enables submit and calls PUT when display name is changed', async () => {
-		const user = userEvent.setup({ pointerEventsCheck: 0 });
-
-		server.use(rest.put(ORG_ME_ENDPOINT, (_, res, ctx) => res(ctx.status(200))));
-
-		render(<DisplayName {...defaultProps} />);
-
-		const input = await screen.findByRole('textbox');
-		await user.clear(input);
-		await user.type(input, 'New Org Name');
-
-		const submitBtn = screen.getByRole('button', { name: /submit/i });
-		expect(submitBtn).toBeEnabled();
-
-		await user.click(submitBtn);
-
-		await waitFor(() => {
-			expect(toast.success).toHaveBeenCalled();
-		});
-	});
-
-	it('shows validation error when display name is cleared and submitted', async () => {
-		const user = userEvent.setup({ pointerEventsCheck: 0 });
-
-		render(<DisplayName {...defaultProps} />);
-
-		const input = await screen.findByRole('textbox');
-		await user.clear(input);
-
-		const form = input.closest('form') as HTMLFormElement;
-		fireEvent.submit(form);
-
-		await waitFor(() => {
-			expect(screen.getByText(/missing display name/i)).toBeInTheDocument();
-		});
-	});
-});
--- a/frontend/src/container/OrganizationSettings/DisplayName/index.tsx
+++ b/frontend/src/container/OrganizationSettings/DisplayName/index.tsx
@@ -1,57 +1,21 @@
-import { useEffect } from 'react';
-import { Controller, useForm } from 'react-hook-form';
 import { useTranslation } from 'react-i18next';
 import { toast } from '@signozhq/sonner';
-import { Button, Input } from 'antd';
+import { Button, Form, Input } from 'antd';
 import { convertToApiError } from 'api/ErrorResponseHandlerForGeneratedAPIs';
-import {
-	useGetMyOrganization,
-	useUpdateMyOrganization,
-} from 'api/generated/services/orgs';
+import { useUpdateMyOrganization } from 'api/generated/services/orgs';
 import type { RenderErrorResponseDTO } from 'api/generated/services/sigNoz.schemas';
 import { AxiosError } from 'axios';
 import { useAppContext } from 'providers/App/App';
 import { IUser } from 'providers/App/types';
-import { useErrorModal } from 'providers/ErrorModalProvider';
-import APIError from 'types/api/error';
-import { USER_ROLES } from 'types/roles';
 import { requireErrorMessage } from 'utils/form/requireErrorMessage';

-import './DisplayName.styles.scss';
-
 function DisplayName({ index, id: orgId }: DisplayNameProps): JSX.Element {
+	const [form] = Form.useForm<FormValues>();
+	const orgName = Form.useWatch('displayName', form);
+
 	const { t } = useTranslation(['organizationsettings', 'common']);
-	const { showErrorModal } = useErrorModal();
-	const { org, updateOrg, user } = useAppContext();
-	const currentOrg = (org || [])[index];
-	const isAdmin = user.role === USER_ROLES.ADMIN;
-
-	const { data: orgData } = useGetMyOrganization({
-		query: {
-			enabled: isAdmin && !currentOrg?.displayName,
-		},
-	});
-
-	const displayName =
-		currentOrg?.displayName ?? orgData?.data?.displayName ?? '';
-
-	const {
-		control,
-		handleSubmit,
-		watch,
-		getValues,
-		setValue,
-	} = useForm<FormValues>({
-		defaultValues: { displayName },
-	});
-
-	const orgName = watch('displayName');
-
-	useEffect(() => {
-		if (displayName && !getValues('displayName')) {
-			setValue('displayName', displayName);
-		}
-	}, [displayName, getValues, setValue]);
+	const { org, updateOrg } = useAppContext();
+	const { displayName } = (org || [])[index];

 	const {
 		mutateAsync: updateMyOrganization,
@@ -66,16 +30,20 @@ function DisplayName({ index, id: orgId }: DisplayNameProps): JSX.Element {
 				updateOrg(orgId, data.displayName ?? '');
 			},
 			onError: (error) => {
-				showErrorModal(
-					convertToApiError(error as AxiosError<RenderErrorResponseDTO>) as APIError,
+				const apiError = convertToApiError(
+					error as AxiosError<RenderErrorResponseDTO>,
+				);
+				toast.error(
+					apiError?.getErrorMessage() ?? t('something_went_wrong', { ns: 'common' }),
+					{ richColors: true, position: 'top-right' },
 				);
 			},
 		},
 	});

 	const onSubmit = async (values: FormValues): Promise<void> => {
-		const { displayName: name } = values;
-		await updateMyOrganization({ data: { id: orgId, displayName: name } });
+		const { displayName } = values;
+		await updateMyOrganization({ data: { id: orgId, displayName } });
 	};

 	if (!org) {
@@ -85,34 +53,21 @@ function DisplayName({ index, id: orgId }: DisplayNameProps): JSX.Element {
 	const isDisabled = isLoading || orgName === displayName || !orgName;

 	return (
-		<form
-			className="display-name-form"
-			onSubmit={handleSubmit(onSubmit)}
+		<Form
+			initialValues={{ displayName }}
+			form={form}
+			layout="vertical"
+			onFinish={onSubmit}
 			autoComplete="off"
 		>
-			<div className="form-field">
-				<label htmlFor="displayName">Display name</label>
-				<Controller
-					name="displayName"
-					control={control}
-					rules={{ required: requireErrorMessage('Display name') }}
-					render={({ field, fieldState }): JSX.Element => (
-						<>
-							<Input
-								{...field}
-								id="displayName"
-								size="large"
-								placeholder={t('signoz')}
-								status={fieldState.error ? 'error' : ''}
-							/>
-							{fieldState.error && (
-								<div className="field-error">{fieldState.error.message}</div>
-							)}
-						</>
-					)}
-				/>
-			</div>
-			<div>
+			<Form.Item
+				name="displayName"
+				label="Display name"
+				rules={[{ required: true, message: requireErrorMessage('Display name') }]}
+			>
+				<Input size="large" placeholder={t('signoz')} />
+			</Form.Item>
+			<Form.Item>
 				<Button
 					loading={isLoading}
 					disabled={isDisabled}
@@ -121,8 +76,8 @@ function DisplayName({ index, id: orgId }: DisplayNameProps): JSX.Element {
 				>
 					Submit
 				</Button>
-			</div>
-		</form>
+			</Form.Item>
+		</Form>
 	);
 }

--- a/frontend/src/hooks/member/useMemberRoleManager.ts
+++ b/frontend/src/hooks/member/useMemberRoleManager.ts
@@ -1,7 +1,6 @@
 import { useCallback, useMemo } from 'react';
 import type { AuthtypesRoleDTO } from 'api/generated/services/sigNoz.schemas';
 import { useGetUser, useSetRoleByUserID } from 'api/generated/services/users';
-import { retryOn429 } from 'utils/errorUtils';

 export interface MemberRoleUpdateFailure {
 	roleName: string;
@@ -39,9 +38,7 @@ export function useMemberRoleManager(
 		[currentUserRoles],
 	);

-	const { mutateAsync: setRole } = useSetRoleByUserID({
-		mutation: { retry: retryOn429 },
-	});
+	const { mutateAsync: setRole } = useSetRoleByUserID();

 	const applyDiff = useCallback(
 		async (
--- a/frontend/src/hooks/serviceAccount/useServiceAccountRoleManager.ts
+++ b/frontend/src/hooks/serviceAccount/useServiceAccountRoleManager.ts
@@ -6,12 +6,6 @@ import {
 	useGetServiceAccountRoles,
 } from 'api/generated/services/serviceaccount';
 import type { AuthtypesRoleDTO } from 'api/generated/services/sigNoz.schemas';
-import { retryOn429 } from 'utils/errorUtils';
-
-const enum PromiseStatus {
-	Fulfilled = 'fulfilled',
-	Rejected = 'rejected',
-}

 export interface RoleUpdateFailure {
 	roleName: string;
@@ -40,9 +34,7 @@ export function useServiceAccountRoleManager(
 	]);

 	// the retry for these mutations is safe due to being idempotent on backend
-	const { mutateAsync: createRole } = useCreateServiceAccountRole({
-		mutation: { retry: retryOn429 },
-	});
+	const { mutateAsync: createRole } = useCreateServiceAccountRole();

 	const invalidateRoles = useCallback(
 		() =>
@@ -81,16 +73,11 @@ export function useServiceAccountRoleManager(
 				allOperations.map((op) => op.run()),
 			);

-			const successCount = results.filter(
-				(r) => r.status === PromiseStatus.Fulfilled,
-			).length;
-			if (successCount > 0) {
-				await invalidateRoles();
-			}
+			await invalidateRoles();

 			const failures: RoleUpdateFailure[] = [];
 			results.forEach((result, index) => {
-				if (result.status === PromiseStatus.Rejected) {
+				if (result.status === 'rejected') {
 					const { role, run } = allOperations[index];
 					failures.push({
 						roleName: role.name ?? 'unknown',
--- a/frontend/src/lib/uPlotV2/components/Tooltip/Tooltip.module.scss
+++ b/frontend/src/lib/uPlotV2/components/Tooltip/Tooltip.module.scss
@@ -1,72 +0,0 @@
-.uplot-tooltip-container {
-	font-family: 'Inter';
-	font-size: 12px;
-	background: var(--bg-ink-300);
-	-webkit-font-smoothing: antialiased;
-	color: var(--bg-vanilla-100);
-	border-radius: 6px;
-	border: 1px solid var(--bg-ink-100);
-	display: flex;
-	flex-direction: column;
-	gap: 8px;
-
-	&.lightMode {
-		background: var(--bg-vanilla-100);
-		color: var(--bg-ink-500);
-		border: 1px solid var(--bg-vanilla-300);
-
-		.uplot-tooltip-list {
-			&::-webkit-scrollbar-thumb {
-				background: var(--bg-vanilla-400);
-			}
-		}
-
-		.uplot-tooltip-divider {
-			background-color: var(--bg-vanilla-300);
-		}
-	}
-
-	.uplot-tooltip-header-container {
-		padding: 1rem 1rem 0 1rem;
-		display: flex;
-		flex-direction: column;
-		gap: 8px;
-
-		&:last-child {
-			padding-bottom: 1rem;
-		}
-
-		.uplot-tooltip-header {
-			font-size: 13px;
-			font-weight: 500;
-		}
-	}
-
-	.uplot-tooltip-divider {
-		width: 100%;
-		height: 1px;
-		background-color: var(--bg-ink-100);
-	}
-
-	.uplot-tooltip-list {
-		// Virtuoso absolutely positions its item rows; left: 0 prevents accidental
-		// horizontal offset when the scroller has padding or transform applied.
-		div[data-viewport-type='element'] {
-			left: 0;
-			padding: 4px 8px 4px 16px;
-		}
-
-		&::-webkit-scrollbar {
-			width: 0.3rem;
-		}
-
-		&::-webkit-scrollbar-track {
-			background: transparent;
-		}
-
-		&::-webkit-scrollbar-thumb {
-			background: var(--bg-slate-100);
-			border-radius: 0.5rem;
-		}
-	}
-}
--- a/frontend/src/lib/uPlotV2/components/Tooltip/Tooltip.styles.scss
+++ b/frontend/src/lib/uPlotV2/components/Tooltip/Tooltip.styles.scss
@@ -0,0 +1,70 @@
+.uplot-tooltip-container {
+	font-family: 'Inter';
+	font-size: 12px;
+	background: var(--bg-ink-300);
+	-webkit-font-smoothing: antialiased;
+	color: var(--bg-vanilla-100);
+	border-radius: 6px;
+	padding: 1rem 0.5rem 0.5rem 1rem;
+	border: 1px solid var(--bg-ink-100);
+	display: flex;
+	flex-direction: column;
+	gap: 8px;
+
+	&.lightMode {
+		background: var(--bg-vanilla-100);
+		color: var(--bg-ink-500);
+		border: 1px solid var(--bg-vanilla-300);
+
+		.uplot-tooltip-list {
+			&::-webkit-scrollbar-thumb {
+				background: var(--bg-vanilla-400);
+			}
+		}
+	}
+
+	.uplot-tooltip-header {
+		font-size: 13px;
+		font-weight: 500;
+	}
+
+	.uplot-tooltip-list-container {
+		overflow-y: auto;
+		max-height: 330px;
+
+		.uplot-tooltip-list {
+			&::-webkit-scrollbar {
+				width: 0.3rem;
+			}
+
+			&::-webkit-scrollbar-track {
+				background: transparent;
+			}
+
+			&::-webkit-scrollbar-thumb {
+				background: var(--bg-slate-100);
+				border-radius: 0.5rem;
+			}
+		}
+	}
+
+	.uplot-tooltip-item {
+		display: flex;
+		align-items: center;
+		gap: 8px;
+		margin-bottom: 4px;
+
+		.uplot-tooltip-item-marker {
+			border-radius: 50%;
+			border-width: 2px;
+			width: 12px;
+			height: 12px;
+			flex-shrink: 0;
+		}
+
+		.uplot-tooltip-item-content {
+			white-space: wrap;
+			word-break: break-all;
+		}
+	}
+}
--- a/frontend/src/lib/uPlotV2/components/Tooltip/Tooltip.tsx
+++ b/frontend/src/lib/uPlotV2/components/Tooltip/Tooltip.tsx
@@ -7,14 +7,12 @@ import { useIsDarkMode } from 'hooks/useDarkMode';
 import { useTimezone } from 'providers/Timezone';

 import { TooltipProps } from '../types';
-import TooltipItem from './components/TooltipItem/TooltipItem';

-import Styles from './Tooltip.module.scss';
+import './Tooltip.styles.scss';

-// Fallback per-item height used for the initial size estimate before
-// Virtuoso reports the real total height via totalListHeightChanged.
+const TOOLTIP_LIST_MAX_HEIGHT = 330;
 const TOOLTIP_ITEM_HEIGHT = 38;
-const LIST_MAX_HEIGHT = 300;
+const TOOLTIP_LIST_PADDING = 10;

 export default function Tooltip({
 	uPlotInstance,
@@ -23,26 +21,27 @@ export default function Tooltip({
 	showTooltipHeader = true,
 }: TooltipProps): JSX.Element {
 	const isDarkMode = useIsDarkMode();
+	const [listHeight, setListHeight] = useState(0);
+	const tooltipContent = content ?? [];
 	const { timezone: userTimezone } = useTimezone();
-	const [totalListHeight, setTotalListHeight] = useState(0);

-	const tooltipContent = useMemo(() => content ?? [], [content]);
-
-	const resolvedTimezone = timezone?.value ?? userTimezone.value;
+	const resolvedTimezone = useMemo(() => {
+		if (!timezone) {
+			return userTimezone.value;
+		}
+		return timezone.value;
+	}, [timezone, userTimezone]);

 	const headerTitle = useMemo(() => {
 		if (!showTooltipHeader) {
 			return null;
 		}
+		const data = uPlotInstance.data;
 		const cursorIdx = uPlotInstance.cursor.idx;
 		if (cursorIdx == null) {
 			return null;
 		}
-		const timestamp = uPlotInstance.data[0]?.[cursorIdx];
-		if (timestamp == null) {
-			return null;
-		}
-		return dayjs(timestamp * 1000)
+		return dayjs(data[0][cursorIdx] * 1000)
 			.tz(resolvedTimezone)
 			.format(DATE_TIME_FORMATS.MONTH_DATETIME_SECONDS);
 	}, [
@@ -52,68 +51,60 @@ export default function Tooltip({
 		showTooltipHeader,
 	]);

-	const activeItem = useMemo(
-		() => tooltipContent.find((item) => item.isActive) ?? null,
-		[tooltipContent],
-	);
-
-	// Use the measured height from Virtuoso when available; fall back to a
-	// per-item estimate on the first render.  Math.ceil prevents a 1 px
-	// subpixel rounding gap from triggering a spurious scrollbar.
-	const virtuosoHeight = useMemo(() => {
-		return totalListHeight > 0
-			? Math.ceil(Math.min(totalListHeight, LIST_MAX_HEIGHT))
-			: Math.min(tooltipContent.length * TOOLTIP_ITEM_HEIGHT, LIST_MAX_HEIGHT);
-	}, [totalListHeight, tooltipContent.length]);
-
-	const showHeader = showTooltipHeader || activeItem != null;
-	// With a single series the active item is fully represented in the header —
-	// hide the divider and list to avoid showing a duplicate row.
-	const showList = tooltipContent.length > 1;
-	const showDivider = showList && showHeader;
+	const virtuosoStyle = useMemo(() => {
+		return {
+			height:
+				listHeight > 0
+					? Math.min(listHeight + TOOLTIP_LIST_PADDING, TOOLTIP_LIST_MAX_HEIGHT)
+					: Math.min(
+							tooltipContent.length * TOOLTIP_ITEM_HEIGHT,
+							TOOLTIP_LIST_MAX_HEIGHT,
+					  ),
+			width: '100%',
+		};
+	}, [listHeight, tooltipContent.length]);

 	return (
 		<div
-			className={cx(Styles.uplotTooltipContainer, !isDarkMode && Styles.lightMode)}
+			className={cx(
+				'uplot-tooltip-container',
+				isDarkMode ? 'darkMode' : 'lightMode',
+			)}
 			data-testid="uplot-tooltip-container"
 		>
-			{showHeader && (
-				<div className={Styles.uplotTooltipHeaderContainer}>
-					{showTooltipHeader && headerTitle && (
-						<div
-							className={Styles.uplotTooltipHeader}
-							data-testid="uplot-tooltip-header"
-						>
-							<span>{headerTitle}</span>
-						</div>
-					)}
-
-					{activeItem && (
-						<TooltipItem
-							item={activeItem}
-							isItemActive={true}
-							containerTestId="uplot-tooltip-pinned"
-							markerTestId="uplot-tooltip-pinned-marker"
-							contentTestId="uplot-tooltip-pinned-content"
-						/>
-					)}
+			{showTooltipHeader && (
+				<div className="uplot-tooltip-header" data-testid="uplot-tooltip-header">
+					<span>{headerTitle}</span>
 				</div>
 			)}
-
-			{showDivider && <span className={Styles.uplotTooltipDivider} />}
-
-			{showList && (
-				<Virtuoso
-					className={Styles.uplotTooltipList}
-					data-testid="uplot-tooltip-list"
-					data={tooltipContent}
-					style={{ height: virtuosoHeight, width: '100%' }}
-					totalListHeightChanged={setTotalListHeight}
-					itemContent={(_, item): JSX.Element => (
-						<TooltipItem item={item} isItemActive={false} />
-					)}
-				/>
-			)}
+			<div className="uplot-tooltip-list-container">
+				{tooltipContent.length > 0 ? (
+					<Virtuoso
+						className="uplot-tooltip-list"
+						data-testid="uplot-tooltip-list"
+						data={tooltipContent}
+						style={virtuosoStyle}
+						totalListHeightChanged={setListHeight}
+						itemContent={(_, item): JSX.Element => (
+							<div className="uplot-tooltip-item" data-testid="uplot-tooltip-item">
+								<div
+									className="uplot-tooltip-item-marker"
+									style={{ borderColor: item.color }}
+									data-is-legend-marker={true}
+									data-testid="uplot-tooltip-item-marker"
+								/>
+								<div
+									className="uplot-tooltip-item-content"
+									style={{ color: item.color, fontWeight: item.isActive ? 700 : 400 }}
+									data-testid="uplot-tooltip-item-content"
+								>
+									{item.label}: {item.tooltipValue}
+								</div>
+							</div>
+						)}
+					/>
+				) : null}
+			</div>
 		</div>
 	);
 }
--- a/frontend/src/lib/uPlotV2/components/Tooltip/tests/Tooltip.test.tsx
+++ b/frontend/src/lib/uPlotV2/components/Tooltip/tests/Tooltip.test.tsx
@@ -133,30 +133,46 @@ describe('Tooltip', () => {
 		expect(screen.queryByText(unexpectedTitle)).not.toBeInTheDocument();
 	});

-	it('renders single active item in header only, without a list', () => {
+	it('renders lightMode class when dark mode is disabled', () => {
 		const uPlotInstance = createUPlotInstance(null);
-		const content = [createTooltipContent({ isActive: true })];
+		mockUseIsDarkMode.mockReturnValue(false);

-		renderTooltip({ uPlotInstance, content });
+		renderTooltip({ uPlotInstance });

-		// Active item is shown in the header, not duplicated in a list
-		expect(screen.queryByTestId('uplot-tooltip-list')).toBeNull();
-		expect(screen.getByTestId('uplot-tooltip-pinned')).toBeInTheDocument();
-		const pinnedContent = screen.getByTestId('uplot-tooltip-pinned-content');
-		expect(pinnedContent).toHaveTextContent('Series A');
-		expect(pinnedContent).toHaveTextContent('10');
+		const container = screen.getByTestId('uplot-tooltip-container');
+
+		expect(container).toHaveClass('lightMode');
+		expect(container).not.toHaveClass('darkMode');
 	});

-	it('renders list when multiple series are present', () => {
+	it('renders darkMode class when dark mode is enabled', () => {
 		const uPlotInstance = createUPlotInstance(null);
-		const content = [
-			createTooltipContent({ isActive: true }),
-			createTooltipContent({ label: 'Series B', isActive: false }),
-		];
+		mockUseIsDarkMode.mockReturnValue(true);
+
+		renderTooltip({ uPlotInstance });
+
+		const container = screen.getByTestId('uplot-tooltip-container');
+
+		expect(container).toHaveClass('darkMode');
+		expect(container).not.toHaveClass('lightMode');
+	});
+
+	it('renders tooltip items when content is provided', () => {
+		const uPlotInstance = createUPlotInstance(null);
+		const content = [createTooltipContent()];

 		renderTooltip({ uPlotInstance, content });

-		expect(screen.getByTestId('uplot-tooltip-list')).toBeInTheDocument();
+		const list = screen.queryByTestId('uplot-tooltip-list');
+
+		expect(list).not.toBeNull();
+
+		const marker = screen.getByTestId('uplot-tooltip-item-marker');
+		const itemContent = screen.getByTestId('uplot-tooltip-item-content');
+
+		expect(marker).toHaveStyle({ borderColor: '#ff0000' });
+		expect(itemContent).toHaveStyle({ color: '#ff0000', fontWeight: '700' });
+		expect(itemContent).toHaveTextContent('Series A: 10');
 	});

 	it('does not render tooltip list when content is empty', () => {
@@ -176,7 +192,7 @@ describe('Tooltip', () => {
 		renderTooltip({ uPlotInstance, content });

 		const list = screen.getByTestId('uplot-tooltip-list');
-		expect(list).toHaveStyle({ height: '200px' });
+		expect(list).toHaveStyle({ height: '210px' });
 	});

 	it('sets tooltip list height based on content length when Virtuoso reports 0 height', () => {
--- a/frontend/src/lib/uPlotV2/components/Tooltip/tests/utils.test.ts
+++ b/frontend/src/lib/uPlotV2/components/Tooltip/tests/utils.test.ts
@@ -189,7 +189,7 @@ describe('Tooltip utils', () => {
 			];
 		}

-		it('builds tooltip content in series-index order with isActive flag set correctly', () => {
+		it('builds tooltip content with active series first', () => {
 			const data: AlignedData = [[0], [10], [20], [30]];
 			const series = createSeriesConfig();
 			const dataIndexes = [null, 0, 0, 0];
@@ -206,21 +206,21 @@ describe('Tooltip utils', () => {
 			});

 			expect(result).toHaveLength(2);
-			// Series are returned in series-index order (A=index 1 before B=index 2)
+			// Active (series index 2) should come first
 			expect(result[0]).toMatchObject<Partial<TooltipContentItem>>({
-				label: 'A',
-				value: 10,
-				tooltipValue: 'formatted-10',
-				color: '#ff0000',
-				isActive: false,
-			});
-			expect(result[1]).toMatchObject<Partial<TooltipContentItem>>({
 				label: 'B',
 				value: 20,
 				tooltipValue: 'formatted-20',
 				color: 'color-2',
 				isActive: true,
 			});
+			expect(result[1]).toMatchObject<Partial<TooltipContentItem>>({
+				label: 'A',
+				value: 10,
+				tooltipValue: 'formatted-10',
+				color: '#ff0000',
+				isActive: false,
+			});
 		});

 		it('skips series with null data index or non-finite values', () => {
@@ -273,31 +273,5 @@ describe('Tooltip utils', () => {
 			expect(result[0].value).toBe(30);
 			expect(result[1].value).toBe(30);
 		});
-
-		it('returns items in series-index order', () => {
-			// Series values in non-sorted order: 3, 1, 4, 2
-			const data: AlignedData = [[0], [3], [1], [4], [2]];
-			const series: Series[] = [
-				{ label: 'x', show: true } as Series,
-				{ label: 'C', show: true, stroke: '#aaaaaa' } as Series,
-				{ label: 'A', show: true, stroke: '#bbbbbb' } as Series,
-				{ label: 'D', show: true, stroke: '#cccccc' } as Series,
-				{ label: 'B', show: true, stroke: '#dddddd' } as Series,
-			];
-			const dataIndexes = [null, 0, 0, 0, 0];
-			const u = createUPlotInstance();
-
-			const result = buildTooltipContent({
-				data,
-				series,
-				dataIndexes,
-				activeSeriesIndex: null,
-				uPlotInstance: u,
-				yAxisUnit,
-				decimalPrecision,
-			});
-
-			expect(result.map((item) => item.value)).toEqual([3, 1, 4, 2]);
-		});
 	});
 });
--- a/frontend/src/lib/uPlotV2/components/Tooltip/components/TooltipItem/TooltipItem.module.scss
+++ b/frontend/src/lib/uPlotV2/components/Tooltip/components/TooltipItem/TooltipItem.module.scss
@@ -1,36 +0,0 @@
-.uplot-tooltip-item {
-	display: flex;
-	align-items: center;
-	gap: 8px;
-	padding: 4px 0;
-
-	.uplot-tooltip-item-marker {
-		border-radius: 50%;
-		border-style: solid;
-		border-width: 2px;
-		width: 12px;
-		height: 12px;
-		flex-shrink: 0;
-	}
-
-	.uplot-tooltip-item-content {
-		width: 100%;
-		display: flex;
-		align-items: center;
-		gap: 8px;
-		justify-content: space-between;
-
-		.uplot-tooltip-item-label {
-			white-space: normal;
-			overflow-wrap: anywhere;
-		}
-
-		&-separator {
-			flex: 1;
-			border-width: 0.5px;
-			border-style: dashed;
-			min-width: 24px;
-			opacity: 0.5;
-		}
-	}
-}
--- a/frontend/src/lib/uPlotV2/components/Tooltip/components/TooltipItem/TooltipItem.tsx
+++ b/frontend/src/lib/uPlotV2/components/Tooltip/components/TooltipItem/TooltipItem.tsx
@@ -1,49 +0,0 @@
-import { TooltipContentItem } from '../../../types';
-
-import Styles from './TooltipItem.module.scss';
-
-interface TooltipItemProps {
-	item: TooltipContentItem;
-	isItemActive: boolean;
-	containerTestId?: string;
-	markerTestId?: string;
-	contentTestId?: string;
-}
-
-export default function TooltipItem({
-	item,
-	isItemActive,
-	containerTestId = 'uplot-tooltip-item',
-	markerTestId = 'uplot-tooltip-item-marker',
-	contentTestId = 'uplot-tooltip-item-content',
-}: TooltipItemProps): JSX.Element {
-	return (
-		<div
-			className={Styles.uplotTooltipItem}
-			style={{
-				opacity: isItemActive ? 1 : 0.7,
-				fontWeight: isItemActive ? 700 : 400,
-			}}
-			data-testid={containerTestId}
-		>
-			<div
-				className={Styles.uplotTooltipItemMarker}
-				style={{ borderColor: item.color }}
-				data-is-legend-marker={true}
-				data-testid={markerTestId}
-			/>
-			<div
-				className={Styles.uplotTooltipItemContent}
-				style={{ color: item.color }}
-				data-testid={contentTestId}
-			>
-				<span className={Styles.uplotTooltipItemLabel}>{item.label}</span>
-				<span
-					className={Styles.uplotTooltipItemContentSeparator}
-					style={{ borderColor: item.color }}
-				/>
-				<span>{item.tooltipValue}</span>
-			</div>
-		</div>
-	);
-}
--- a/frontend/src/lib/uPlotV2/components/Tooltip/utils.ts
+++ b/frontend/src/lib/uPlotV2/components/Tooltip/utils.ts
@@ -38,16 +38,16 @@ export function getTooltipBaseValue({
 	// When series are hidden, we must use the next *visible* series, not index+1,
 	// since hidden series keep raw values and would produce negative/wrong results.
 	if (isStackedBarChart && baseValue !== null && series) {
-		let nextVisibleSeriesIdx = -1;
-		for (let seriesIdx = index + 1; seriesIdx < series.length; seriesIdx++) {
-			if (series[seriesIdx]?.show) {
-				nextVisibleSeriesIdx = seriesIdx;
+		let nextVisibleIdx = -1;
+		for (let j = index + 1; j < series.length; j++) {
+			if (series[j]?.show) {
+				nextVisibleIdx = j;
 				break;
 			}
 		}
-		if (nextVisibleSeriesIdx >= 1) {
-			const nextStackedValue = data[nextVisibleSeriesIdx][dataIndex] ?? 0;
-			baseValue = baseValue - nextStackedValue;
+		if (nextVisibleIdx >= 1) {
+			const nextValue = data[nextVisibleIdx][dataIndex] ?? 0;
+			baseValue = baseValue - nextValue;
 		}
 	}
 	return baseValue;
@@ -72,15 +72,16 @@ export function buildTooltipContent({
 	decimalPrecision?: PrecisionOption;
 	isStackedBarChart?: boolean;
 }): TooltipContentItem[] {
-	const items: TooltipContentItem[] = [];
+	const active: TooltipContentItem[] = [];
+	const rest: TooltipContentItem[] = [];

-	for (let seriesIndex = 1; seriesIndex < series.length; seriesIndex += 1) {
-		const seriesItem = series[seriesIndex];
-		if (!seriesItem?.show) {
+	for (let index = 1; index < series.length; index += 1) {
+		const s = series[index];
+		if (!s?.show) {
 			continue;
 		}

-		const dataIndex = dataIndexes[seriesIndex];
+		const dataIndex = dataIndexes[index];
 		// Skip series with no data at the current cursor position
 		if (dataIndex === null) {
 			continue;
@@ -88,22 +89,30 @@ export function buildTooltipContent({

 		const baseValue = getTooltipBaseValue({
 			data,
-			index: seriesIndex,
+			index,
 			dataIndex,
 			isStackedBarChart,
 			series,
 		});

+		const isActive = index === activeSeriesIndex;
+
 		if (Number.isFinite(baseValue) && baseValue !== null) {
-			items.push({
-				label: String(seriesItem.label ?? ''),
+			const item: TooltipContentItem = {
+				label: String(s.label ?? ''),
 				value: baseValue,
 				tooltipValue: getToolTipValue(baseValue, yAxisUnit, decimalPrecision),
-				color: resolveSeriesColor(seriesItem.stroke, uPlotInstance, seriesIndex),
-				isActive: seriesIndex === activeSeriesIndex,
-			});
+				color: resolveSeriesColor(s.stroke, uPlotInstance, index),
+				isActive,
+			};
+
+			if (isActive) {
+				active.push(item);
+			} else {
+				rest.push(item);
+			}
 		}
 	}

-	return items;
+	return [...active, ...rest];
 }
--- a/frontend/src/lib/uPlotV2/plugins/TooltipPlugin/TooltipPlugin.tsx
+++ b/frontend/src/lib/uPlotV2/plugins/TooltipPlugin/TooltipPlugin.tsx
@@ -36,8 +36,8 @@ const HOVER_DISMISS_DELAY_MS = 100;
 export default function TooltipPlugin({
 	config,
 	render,
-	maxWidth = 450,
-	maxHeight = 600,
+	maxWidth = 300,
+	maxHeight = 400,
 	syncMode = DashboardCursorSync.None,
 	syncKey = '_tooltip_sync_global_',
 	pinnedTooltipElement,
--- a/frontend/src/providers/App/App.tsx
+++ b/frontend/src/providers/App/App.tsx
@@ -12,6 +12,7 @@ import {
 import { useQuery } from 'react-query';
 import getLocalStorageApi from 'api/browser/localstorage/get';
 import setLocalStorageApi from 'api/browser/localstorage/set';
+import { useGetMyOrganization } from 'api/generated/services/orgs';
 import { useGetMyUser } from 'api/generated/services/users';
 import listOrgPreferences from 'api/v1/org/preferences/list';
 import listUserPreferences from 'api/v1/user/preferences/list';
@@ -84,6 +85,14 @@ export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 		query: { enabled: isLoggedIn },
 	});

+	const {
+		data: orgData,
+		isFetching: isFetchingOrgData,
+		error: orgFetchDataError,
+	} = useGetMyOrganization({
+		query: { enabled: isLoggedIn },
+	});
+
 	const {
 		permissions: permissionsResult,
 		isFetching: isFetchingPermissions,
@@ -93,8 +102,10 @@ export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 		enabled: isLoggedIn,
 	});

-	const isFetchingUser = isFetchingUserData || isFetchingPermissions;
-	const userFetchError = userFetchDataError || errorOnPermissions;
+	const isFetchingUser =
+		isFetchingUserData || isFetchingOrgData || isFetchingPermissions;
+	const userFetchError =
+		userFetchDataError || orgFetchDataError || errorOnPermissions;

 	const userRole = useMemo(() => {
 		if (permissionsResult?.[IsAdminPermission]?.isGranted) {
@@ -134,40 +145,39 @@ export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 				createdAt: toISOString(userData.data.createdAt) ?? prev.createdAt,
 				updatedAt: toISOString(userData.data.updatedAt) ?? prev.updatedAt,
 			}));
+		}
+	}, [userData, isFetchingUserData]);

-			// todo: we need to update the org name as well, we should have the [admin only role restriction on the get org api call] - BE input needed
-			setOrg((prev): any => {
+	useEffect(() => {
+		if (!isFetchingOrgData && orgData?.data) {
+			const { id: orgId, displayName: orgDisplayName } = orgData.data;
+			setOrg((prev) => {
 				if (!prev) {
-					return [
-						{
-							createdAt: 0,
-							id: userData.data.orgId,
-						},
-					];
+					return [{ createdAt: 0, id: orgId, displayName: orgDisplayName ?? '' }];
 				}
-				const orgIndex = prev.findIndex((e) => e.id === userData.data.orgId);
+				const orgIndex = prev.findIndex((e) => e.id === orgId);

 				if (orgIndex === -1) {
 					return [
 						...prev,
-						{
-							createdAt: 0,
-							id: userData.data.orgId,
-						},
+						{ createdAt: 0, id: orgId, displayName: orgDisplayName ?? '' },
 					];
 				}

-				return [
+				const updatedOrg: Organization[] = [
 					...prev.slice(0, orgIndex),
-					{
-						createdAt: 0,
-						id: userData.data.orgId,
-					},
+					{ createdAt: 0, id: orgId, displayName: orgDisplayName ?? '' },
 					...prev.slice(orgIndex + 1),
 				];
+				return updatedOrg;
 			});
+
+			setDefaultUser((prev) => ({
+				...prev,
+				organization: orgDisplayName ?? prev.organization,
+			}));
 		}
-	}, [userData, isFetchingUserData]);
+	}, [orgData, isFetchingOrgData]);

 	// fetcher for licenses v3
 	const {
--- a/frontend/src/providers/App/tests/App.test.tsx
+++ b/frontend/src/providers/App/tests/App.test.tsx
@@ -281,6 +281,48 @@ describe('AppProvider user and org data from v2 APIs', () => {
 		);
 	});

+	it('populates org state from GET /api/v2/orgs/me', async () => {
+		server.use(
+			rest.get(MY_ORG_URL, (_, res, ctx) =>
+				res(
+					ctx.status(200),
+					ctx.json({
+						data: {
+							id: 'org-abc',
+							displayName: 'My Org',
+						},
+					}),
+				),
+			),
+			rest.get(MY_USER_URL, (_, res, ctx) =>
+				res(
+					ctx.status(200),
+					ctx.json({ data: { id: 'u-default', email: 'default@signoz.io' } }),
+				),
+			),
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(
+					ctx.status(200),
+					ctx.json(authzMockResponse(payload, [false, false, false])),
+				);
+			}),
+		);
+
+		const wrapper = createWrapper();
+		const { result } = renderHook(() => useAppContext(), { wrapper });
+
+		await waitFor(
+			() => {
+				expect(result.current.org).not.toBeNull();
+				const org = result.current.org?.[0];
+				expect(org?.id).toBe('org-abc');
+				expect(org?.displayName).toBe('My Org');
+			},
+			{ timeout: 2000 },
+		);
+	});
+
 	it('sets isFetchingUser false once both user and org calls complete', async () => {
 		server.use(
 			rest.get(MY_USER_URL, (_, res, ctx) =>
--- a/frontend/src/providers/ErrorModalProvider.tsx
+++ b/frontend/src/providers/ErrorModalProvider.tsx
@@ -14,7 +14,6 @@ import APIError from 'types/api/error';
 interface ErrorModalContextType {
 	showErrorModal: (error: APIError) => void;
 	hideErrorModal: () => void;
-	isErrorModalVisible: boolean;
 }

 const ErrorModalContext = createContext<ErrorModalContextType | undefined>(
@@ -39,10 +38,10 @@ export function ErrorModalProvider({
 		setIsVisible(false);
 	}, []);

-	const value = useMemo(
-		() => ({ showErrorModal, hideErrorModal, isErrorModalVisible: isVisible }),
-		[showErrorModal, hideErrorModal, isVisible],
-	);
+	const value = useMemo(() => ({ showErrorModal, hideErrorModal }), [
+		showErrorModal,
+		hideErrorModal,
+	]);

 	return (
 		<ErrorModalContext.Provider value={value}>
--- a/frontend/src/utils/errorUtils.test.ts
+++ b/frontend/src/utils/errorUtils.test.ts
@@ -1,45 +0,0 @@
-import { AxiosError } from 'axios';
-
-import { retryOn429 } from './errorUtils';
-
-describe('retryOn429', () => {
-	const make429 = (): AxiosError =>
-		Object.assign(new AxiosError('Too Many Requests'), {
-			response: { status: 429 },
-		}) as AxiosError;
-
-	it('returns true on first failure (failureCount=0) for 429', () => {
-		expect(retryOn429(0, make429())).toBe(true);
-	});
-
-	it('returns true on second failure (failureCount=1) for 429', () => {
-		expect(retryOn429(1, make429())).toBe(true);
-	});
-
-	it('returns false on third failure (failureCount=2) for 429 — max retries reached', () => {
-		expect(retryOn429(2, make429())).toBe(false);
-	});
-
-	it('returns false for non-429 axios errors', () => {
-		const err = Object.assign(new AxiosError('Server Error'), {
-			response: { status: 500 },
-		}) as AxiosError;
-		expect(retryOn429(0, err)).toBe(false);
-	});
-
-	it('returns false for 401 axios errors', () => {
-		const err = Object.assign(new AxiosError('Unauthorized'), {
-			response: { status: 401 },
-		}) as AxiosError;
-		expect(retryOn429(0, err)).toBe(false);
-	});
-
-	it('returns false for non-axios errors', () => {
-		expect(retryOn429(0, new Error('network error'))).toBe(false);
-	});
-
-	it('returns false for null/undefined errors', () => {
-		expect(retryOn429(0, null)).toBe(false);
-		expect(retryOn429(0, undefined)).toBe(false);
-	});
-});
--- a/frontend/src/utils/errorUtils.ts
+++ b/frontend/src/utils/errorUtils.ts
@@ -1,7 +1,6 @@
 import { ErrorResponseHandlerForGeneratedAPIs } from 'api/ErrorResponseHandlerForGeneratedAPIs';
 import { RenderErrorResponseDTO } from 'api/generated/services/sigNoz.schemas';
 import { ErrorType } from 'api/generatedAPIInstance';
-import { AxiosError } from 'axios';
 import APIError from 'types/api/error';

 /**
@@ -67,10 +66,3 @@ export function handleApiError(
 		showErrorFunction(apiError as APIError);
 	}
 }
-
-export const retryOn429 = (failureCount: number, error: unknown): boolean => {
-	if (error instanceof AxiosError && error.response?.status === 429) {
-		return failureCount < 2;
-	}
-	return false;
-};
--- a/frontend/vite.config.ts
+++ b/frontend/vite.config.ts
@@ -97,9 +97,6 @@ export default defineConfig(
 						javascriptEnabled: true,
 					},
 				},
-				modules: {
-					localsConvention: 'camelCaseOnly',
-				},
 			},
 			define: {
 				// TODO: Remove this in favor of import.meta.env
--- a/pkg/alertmanager/alertmanagerserver/dispatcher.go
+++ b/pkg/alertmanager/alertmanagerserver/dispatcher.go
@@ -278,8 +278,7 @@ func (d *Dispatcher) processAlert(alert *types.Alert, route *dispatch.Route) {
 	ruleId := getRuleIDFromAlert(alert)
 	config, err := d.notificationManager.GetNotificationConfig(d.orgID, ruleId)
 	if err != nil {
-		//nolint:sloglint
-		d.logger.ErrorContext(d.ctx, "error getting alert notification config", slog.String("rule.id", ruleId), errors.Attr(err))
+		d.logger.ErrorContext(d.ctx, "error getting alert notification config", slog.String("rule_id", ruleId), errors.Attr(err))
 		return
 	}
 	renotifyInterval := config.Renotify.RenotifyInterval
@@ -329,12 +328,7 @@ func (d *Dispatcher) processAlert(alert *types.Alert, route *dispatch.Route) {
 	go ag.run(func(ctx context.Context, alerts ...*types.Alert) bool {
 		_, _, err := d.stage.Exec(ctx, d.logger, alerts...)
 		if err != nil {
-			receiverName, _ := notify.ReceiverName(ctx)
-			logger := d.logger.With(
-				slog.String("receiver", receiverName),
-				slog.Int("num_alerts", len(alerts)),
-				errors.Attr(err),
-			)
+			logger := d.logger.With(slog.Int("num_alerts", len(alerts)), errors.Attr(err))
 			if errors.Is(ctx.Err(), context.Canceled) {
 				// It is expected for the context to be canceled on
 				// configuration reload or shutdown. In this case, the
--- a/pkg/authz/openfgaauthz/provider.go
+++ b/pkg/authz/openfgaauthz/provider.go
@@ -150,7 +150,7 @@ func (provider *provider) Grant(ctx context.Context, orgID valuer.UUID, names []

 	err = provider.Write(ctx, tuples, nil)
 	if err != nil {
-		return errors.WithAdditionalf(err, "failed to grant roles: %v to subject: %s", names, subject)
+		return errors.WrapInternalf(err, errors.CodeInternal, "failed to grant roles: %v to subject: %s", names, subject)
 	}

 	return nil
@@ -188,7 +188,7 @@ func (provider *provider) Revoke(ctx context.Context, orgID valuer.UUID, names [

 	err = provider.Write(ctx, nil, tuples)
 	if err != nil {
-		return errors.WithAdditionalf(err, "failed to revoke roles: %v to subject: %s", names, subject)
+		return errors.WrapInternalf(err, errors.CodeInternal, "failed to revoke roles: %v to subject: %s", names, subject)
 	}

 	return nil
--- a/pkg/authz/openfgaserver/server.go
+++ b/pkg/authz/openfgaserver/server.go
@@ -15,14 +15,12 @@ import (
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
 	openfgapkgtransformer "github.com/openfga/language/pkg/go/transformer"
 	openfgapkgserver "github.com/openfga/openfga/pkg/server"
-	openfgaerrors "github.com/openfga/openfga/pkg/server/errors"
 	"github.com/openfga/openfga/pkg/storage"
 	"google.golang.org/protobuf/encoding/protojson"
 )

 const (
 	batchCheckItemErrorMessage = "::AUTHZ-CHECK-ERROR::"
-	writeErrorMessage          = "::AUTHZ-WRITE-ERROR::"
 )

 var (
@@ -250,19 +248,7 @@ func (server *Server) Write(ctx context.Context, additions []*openfgav1.TupleKey
 		}(),
 	})

-	if err != nil {
-		openfgaError := new(openfgaerrors.InternalError)
-		ok := errors.As(err, openfgaError)
-		if ok {
-			server.settings.Logger().ErrorContext(ctx, writeErrorMessage, errors.Attr(openfgaError.Unwrap()))
-			return errors.New(errors.TypeTooManyRequests, errors.CodeTooManyRequests, openfgaError.Error())
-		}
-
-		server.settings.Logger().ErrorContext(ctx, writeErrorMessage, errors.Attr(err))
-		return err
-	}
-
-	return nil
+	return err
 }

 func (server *Server) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
--- a/pkg/errors/code.go
+++ b/pkg/errors/code.go
@@ -18,7 +18,6 @@ var (
 	CodeUnknown                 = Code{"unknown"}
 	CodeFatal                   = Code{"fatal"}
 	CodeLicenseUnavailable      = Code{"license_unavailable"}
-	CodeTooManyRequests         = Code{"too_many_requests"}
 )

 var (
--- a/pkg/errors/type.go
+++ b/pkg/errors/type.go
@@ -12,9 +12,8 @@ var (
 	TypeCanceled               = typ{"canceled"}
 	TypeTimeout                = typ{"timeout"}
 	TypeUnexpected             = typ{"unexpected"} // Generic mismatch of expectations
-	TypeFatal                  = typ{"fatal"}      // Unrecoverable failure (e.g. panic)
+	TypeFatal                  = typ{"fatal"}     // Unrecoverable failure (e.g. panic)
 	TypeLicenseUnavailable     = typ{"license-unavailable"}
-	TypeTooManyRequests        = typ{"too-many-requests"}
 )

 // Defines custom error types.
--- a/pkg/http/render/render.go
+++ b/pkg/http/render/render.go
@@ -77,8 +77,6 @@ func ErrorTypeFromStatusCode(statusCode int) string {
 		return errors.TypeTimeout.String()
 	case http.StatusUnavailableForLegalReasons:
 		return errors.TypeLicenseUnavailable.String()
-	case http.StatusTooManyRequests:
-		return errors.TypeTooManyRequests.String()
 	default:
 		return errors.TypeInternal.String()
 	}
@@ -110,8 +108,6 @@ func Error(rw http.ResponseWriter, cause error) {
 		httpCode = http.StatusInternalServerError
 	case errors.TypeLicenseUnavailable:
 		httpCode = http.StatusUnavailableForLegalReasons
-	case errors.TypeTooManyRequests:
-		httpCode = http.StatusTooManyRequests
 	}

 	body, err := json.Marshal(&ErrorResponse{Status: StatusError.s, Error: errors.AsJSON(cause)})
--- a/pkg/modules/serviceaccount/config.go
+++ b/pkg/modules/serviceaccount/config.go
@@ -32,7 +32,7 @@ func newConfig() factory.Config {
 			Domain: "signozserviceaccount.com",
 		},
 		Analytics: AnalyticsConfig{
-			Enabled: false,
+			Enabled: true,
 		},
 	}
 }
--- a/pkg/modules/tracedetail/tracedetail.go
+++ b/pkg/modules/tracedetail/tracedetail.go
@@ -1,19 +0,0 @@
-package tracedetail
-
-import (
-	"context"
-	"net/http"
-
-	"github.com/SigNoz/signoz/pkg/types/tracedetailtypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-// Handler exposes HTTP handlers for trace detail APIs.
-type Handler interface {
-	GetWaterfall(http.ResponseWriter, *http.Request)
-}
-
-// Module defines the business logic for trace detail operations.
-type Module interface {
-	GetWaterfall(ctx context.Context, orgID valuer.UUID, traceID string, req *tracedetailtypes.WaterfallRequest) (*tracedetailtypes.WaterfallResponse, error)
-}
--- a/pkg/querier/querier.go
+++ b/pkg/querier/querier.go
@@ -383,15 +383,15 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 							spec.Aggregations[i].Temporality = temp
 						}
 					}
+					if spec.Aggregations[i].Temporality == metrictypes.Unknown {
+						missingMetrics = append(missingMetrics, spec.Aggregations[i].MetricName)
+						continue
+					}
 					if spec.Aggregations[i].MetricName != "" && spec.Aggregations[i].Type == metrictypes.UnspecifiedType {
 						if foundMetricType, ok := metricTypes[spec.Aggregations[i].MetricName]; ok && foundMetricType != metrictypes.UnspecifiedType {
 							spec.Aggregations[i].Type = foundMetricType
 						}
 					}
-					if spec.Aggregations[i].Type == metrictypes.UnspecifiedType {
-						missingMetrics = append(missingMetrics, spec.Aggregations[i].MetricName)
-						continue
-					}
 					presentAggregations = append(presentAggregations, spec.Aggregations[i])
 				}
 				if len(presentAggregations) == 0 {
--- a/pkg/querier/querier_test.go
+++ b/pkg/querier/querier_test.go
@@ -1,145 +0,0 @@
-package querier
-
-import (
-	"context"
-	"testing"
-	"time"
-
-	cmock "github.com/srikanthccv/ClickHouse-go-mock"
-
-	"github.com/SigNoz/signoz/pkg/instrumentation/instrumentationtest"
-	"github.com/SigNoz/signoz/pkg/telemetrystore"
-	"github.com/SigNoz/signoz/pkg/telemetrystore/telemetrystoretest"
-	"github.com/SigNoz/signoz/pkg/types/metrictypes"
-	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
-	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
-	"github.com/SigNoz/signoz/pkg/types/telemetrytypes/telemetrytypestest"
-	"github.com/SigNoz/signoz/pkg/valuer"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-type queryMatcherAny struct{}
-
-func (m *queryMatcherAny) Match(string, string) error { return nil }
-
-// mockMetricStmtBuilder implements qbtypes.StatementBuilder[qbtypes.MetricAggregation]
-// and returns a fixed query string so the mock ClickHouse can match it.
-type mockMetricStmtBuilder struct{}
-
-func (m *mockMetricStmtBuilder) Build(_ context.Context, _, _ uint64, _ qbtypes.RequestType, _ qbtypes.QueryBuilderQuery[qbtypes.MetricAggregation], _ map[string]qbtypes.VariableItem) (*qbtypes.Statement, error) {
-	return &qbtypes.Statement{
-		Query: "SELECT ts, value FROM signoz_metrics",
-		Args:  nil,
-	}, nil
-}
-
-func TestQueryRange_MetricTypeMissing(t *testing.T) {
-	// When a metric has UnspecifiedType and is not found in the metadata store,
-	// the querier should return a not-found error, even if the request provides a temporality
-	providerSettings := instrumentationtest.New().ToProviderSettings()
-	metadataStore := telemetrytypestest.NewMockMetadataStore()
-
-	q := New(
-		providerSettings,
-		nil, // telemetryStore
-		metadataStore,
-		nil, // prometheus
-		nil, // traceStmtBuilder
-		nil, // logStmtBuilder
-		nil, // metricStmtBuilder
-		nil, // meterStmtBuilder
-		nil, // traceOperatorStmtBuilder
-		nil, // bucketCache
-	)
-
-	req := &qbtypes.QueryRangeRequest{
-		Start:       uint64(time.Now().Add(-5 * time.Minute).UnixMilli()),
-		End:         uint64(time.Now().UnixMilli()),
-		RequestType: qbtypes.RequestTypeTimeSeries,
-		CompositeQuery: qbtypes.CompositeQuery{
-			Queries: []qbtypes.QueryEnvelope{{
-				Type: qbtypes.QueryTypeBuilder,
-				Spec: qbtypes.QueryBuilderQuery[qbtypes.MetricAggregation]{
-					Name:         "A",
-					StepInterval: qbtypes.Step{Duration: time.Minute},
-					Aggregations: []qbtypes.MetricAggregation{
-						{
-							MetricName:       "unknown_metric",
-							Temporality:      metrictypes.Cumulative,
-							TimeAggregation:  metrictypes.TimeAggregationRate,
-							SpaceAggregation: metrictypes.SpaceAggregationSum,
-						},
-					},
-					Signal: telemetrytypes.SignalMetrics,
-				},
-			}},
-		},
-	}
-
-	_, err := q.QueryRange(context.Background(), valuer.GenerateUUID(), req)
-	require.Error(t, err)
-	assert.Contains(t, err.Error(), "could not find the metric unknown_metric")
-}
-
-func TestQueryRange_MetricTypeFromStore(t *testing.T) {
-	// When a metric has UnspecifiedType but the metadata store returns a valid type,
-	// the metric should not be treated as missing.
-	providerSettings := instrumentationtest.New().ToProviderSettings()
-	metadataStore := telemetrytypestest.NewMockMetadataStore()
-	metadataStore.TypeMap["my_metric"] = metrictypes.SumType
-	metadataStore.TemporalityMap["my_metric"] = metrictypes.Cumulative
-
-	telemetryStore := telemetrystoretest.New(telemetrystore.Config{}, &queryMatcherAny{})
-
-	cols := []cmock.ColumnType{
-		{Name: "ts", Type: "DateTime"},
-		{Name: "value", Type: "Float64"},
-	}
-	rows := cmock.NewRows(cols, [][]any{
-		{time.Now(), float64(42)},
-	})
-	telemetryStore.Mock().
-		ExpectQuery("SELECT any").
-		WillReturnRows(rows)
-
-	q := New(
-		providerSettings,
-		telemetryStore,
-		metadataStore,
-		nil,                      // prometheus
-		nil,                      // traceStmtBuilder
-		nil,                      // logStmtBuilder
-		&mockMetricStmtBuilder{}, // metricStmtBuilder
-		nil,                      // meterStmtBuilder
-		nil,                      // traceOperatorStmtBuilder
-		nil,                      // bucketCache
-	)
-
-	req := &qbtypes.QueryRangeRequest{
-		Start:       uint64(time.Now().Add(-5 * time.Minute).UnixMilli()),
-		End:         uint64(time.Now().UnixMilli()),
-		RequestType: qbtypes.RequestTypeTimeSeries,
-		CompositeQuery: qbtypes.CompositeQuery{
-			Queries: []qbtypes.QueryEnvelope{{
-				Type: qbtypes.QueryTypeBuilder,
-				Spec: qbtypes.QueryBuilderQuery[qbtypes.MetricAggregation]{
-					Name:         "A",
-					StepInterval: qbtypes.Step{Duration: time.Minute},
-					Aggregations: []qbtypes.MetricAggregation{
-						{
-							MetricName:       "my_metric",
-							TimeAggregation:  metrictypes.TimeAggregationRate,
-							SpaceAggregation: metrictypes.SpaceAggregationSum,
-						},
-					},
-					Signal: telemetrytypes.SignalMetrics,
-				},
-			}},
-		},
-	}
-
-	resp, err := q.QueryRange(context.Background(), valuer.GenerateUUID(), req)
-	require.NoError(t, err)
-	require.NotNil(t, resp)
-}
--- a/pkg/query-service/rules/base_rule.go
+++ b/pkg/query-service/rules/base_rule.go
@@ -110,7 +110,7 @@ func WithEvalDelay(dur valuer.TextDuration) RuleOption {

 func WithLogger(logger *slog.Logger) RuleOption {
 	return func(r *BaseRule) {
-		r.logger = logger.With(slog.String("rule.id", r.id))
+		r.logger = logger
 	}
 }

@@ -248,7 +248,7 @@ func (r *BaseRule) SelectedQuery(ctx context.Context) string {
 	if r.ruleCondition.SelectedQuery != "" {
 		return r.ruleCondition.SelectedQuery
 	}
-	r.logger.WarnContext(ctx, "missing selected query")
+	r.logger.WarnContext(ctx, "missing selected query", slog.String("rule.id", r.ID()))
 	return r.ruleCondition.SelectedQueryName()
 }

@@ -368,7 +368,7 @@ func (r *BaseRule) SendAlerts(ctx context.Context, ts time.Time, resendDelay tim
 			alerts = append(alerts, &anew)
 		}
 	})
-	notifyFunc(ctx, orgID, alerts...)
+	notifyFunc(ctx, orgID, "", alerts...)
 }

 func (r *BaseRule) ForEachActiveAlert(f func(*ruletypes.Alert)) {
@@ -380,13 +380,13 @@ func (r *BaseRule) ForEachActiveAlert(f func(*ruletypes.Alert)) {
 	}
 }

-func (r *BaseRule) RecordRuleStateHistory(ctx context.Context, itemsToAdd []rulestatehistorytypes.RuleStateHistory) error {
+func (r *BaseRule) RecordRuleStateHistory(ctx context.Context, prevState, currentState ruletypes.AlertState, itemsToAdd []rulestatehistorytypes.RuleStateHistory) error {
 	if r.ruleStateHistoryModule == nil {
 		return nil
 	}

 	if err := r.ruleStateHistoryModule.RecordRuleStateHistory(ctx, r.ID(), r.handledRestart, itemsToAdd); err != nil {
-		r.logger.ErrorContext(ctx, "error while recording rule state history", errors.Attr(err), slog.Any("items_to_add", itemsToAdd))
+		r.logger.ErrorContext(ctx, "error while recording rule state history", slog.String("rule.id", r.ID()), errors.Attr(err), slog.Any("items_to_add", itemsToAdd))
 		return err
 	}
 	r.handledRestart = true
@@ -580,12 +580,7 @@ func (r *BaseRule) FilterNewSeries(ctx context.Context, ts time.Time, series []*
 		// Check if first_seen + delay has passed
 		if maxFirstSeen+newGroupEvalDelayMs > evalTimeMs {
 			// Still within grace period, skip this series
-			r.logger.InfoContext(
-				ctx, "skipping new series",
-				slog.Int("series.index", i), slog.Int64("series.max_first_seen", maxFirstSeen),
-				slog.Int64("eval.time_ms", evalTimeMs), slog.Int64("eval.delay_ms", newGroupEvalDelayMs),
-				slog.Any("series.labels", series[i].Labels),
-			)
+			r.logger.InfoContext(ctx, "skipping new series", slog.String("rule.id", r.ID()), slog.Int("series.index", i), slog.Int64("series.max_first_seen", maxFirstSeen), slog.Int64("eval.time_ms", evalTimeMs), slog.Int64("eval.delay_ms", newGroupEvalDelayMs), slog.Any("series.labels", series[i].Labels))
 			continue
 		}

@@ -595,11 +590,7 @@ func (r *BaseRule) FilterNewSeries(ctx context.Context, ts time.Time, series []*

 	skippedCount := len(series) - len(filteredSeries)
 	if skippedCount > 0 {
-		r.logger.InfoContext(
-			ctx, "filtered new series",
-			slog.Int("series.skipped_count", skippedCount), slog.Int("series.total_count", len(series)),
-			slog.Int64("eval.delay_ms", newGroupEvalDelayMs),
-		)
+		r.logger.InfoContext(ctx, "filtered new series", slog.String("rule.id", r.ID()), slog.Int("series.skipped_count", skippedCount), slog.Int("series.total_count", len(series)), slog.Int64("eval.delay_ms", newGroupEvalDelayMs))
 	}

 	return filteredSeries, nil
@@ -620,7 +611,7 @@ func (r *BaseRule) HandleMissingDataAlert(ctx context.Context, ts time.Time, has
 		return nil
 	}

-	r.logger.InfoContext(ctx, "no data found for rule condition")
+	r.logger.InfoContext(ctx, "no data found for rule condition", slog.String("rule.id", r.ID()))
 	lbls := ruletypes.NewBuilder()
 	if !r.lastTimestampWithDatapoints.IsZero() {
 		lbls.Set(ruletypes.LabelLastSeen, r.lastTimestampWithDatapoints.Format(ruletypes.AlertTimeFormat))
--- a/pkg/query-service/rules/manager.go
+++ b/pkg/query-service/rules/manager.go
@@ -438,7 +438,7 @@ func (m *Manager) editTask(_ context.Context, orgID valuer.UUID, rule *ruletypes
 		Logger:           m.opts.Logger,
 		Cache:            m.cache,
 		ManagerOpts:      m.opts,
-		NotifyFunc:       m.notifyFunc,
+		NotifyFunc:       m.prepareNotifyFunc(),
 		SQLStore:         m.sqlstore,
 		OrgID:            orgID,
 	})
@@ -651,7 +651,7 @@ func (m *Manager) addTask(_ context.Context, orgID valuer.UUID, rule *ruletypes.
 		Logger:           m.opts.Logger,
 		Cache:            m.cache,
 		ManagerOpts:      m.opts,
-		NotifyFunc:       m.notifyFunc,
+		NotifyFunc:       m.prepareNotifyFunc(),
 		SQLStore:         m.sqlstore,
 		OrgID:            orgID,
 	})
@@ -752,65 +752,70 @@ func (m *Manager) TriggeredAlerts() []*ruletypes.NamedAlert {
 }

 // NotifyFunc sends notifications about a set of alerts generated by the given expression.
-type NotifyFunc func(ctx context.Context, orgID string, alerts ...*ruletypes.Alert)
+type NotifyFunc func(ctx context.Context, orgID string, expr string, alerts ...*ruletypes.Alert)

-// notifyFunc implements the NotifyFunc for a Notifier.
-func (m *Manager) notifyFunc(ctx context.Context, orgID string, alerts ...*ruletypes.Alert) {
-	var res []*alertmanagertypes.PostableAlert
+// prepareNotifyFunc implements the NotifyFunc for a Notifier.
+func (m *Manager) prepareNotifyFunc() NotifyFunc {
+	return func(ctx context.Context, orgID string, expr string, alerts ...*ruletypes.Alert) {
+		var res []*alertmanagertypes.PostableAlert

-	for _, alert := range alerts {
-		generatorURL := alert.GeneratorURL
+		for _, alert := range alerts {
+			generatorURL := alert.GeneratorURL

-		a := &alertmanagertypes.PostableAlert{
-			Annotations: alert.Annotations.Map(),
-			StartsAt:    strfmt.DateTime(alert.FiredAt),
-			Alert: alertmanagertypes.AlertModel{
-				Labels:       alert.Labels.Map(),
-				GeneratorURL: strfmt.URI(generatorURL),
-			},
-		}
-		if !alert.ResolvedAt.IsZero() {
-			a.EndsAt = strfmt.DateTime(alert.ResolvedAt)
-		} else {
-			a.EndsAt = strfmt.DateTime(alert.ValidUntil)
+			a := &alertmanagertypes.PostableAlert{
+				Annotations: alert.Annotations.Map(),
+				StartsAt:    strfmt.DateTime(alert.FiredAt),
+				Alert: alertmanagertypes.AlertModel{
+					Labels:       alert.Labels.Map(),
+					GeneratorURL: strfmt.URI(generatorURL),
+				},
+			}
+			if !alert.ResolvedAt.IsZero() {
+				a.EndsAt = strfmt.DateTime(alert.ResolvedAt)
+			} else {
+				a.EndsAt = strfmt.DateTime(alert.ValidUntil)
+			}
+
+			res = append(res, a)
 		}

-		res = append(res, a)
-	}
-
-	if len(alerts) > 0 {
-		m.alertmanager.PutAlerts(ctx, orgID, res)
+		if len(alerts) > 0 {
+			m.alertmanager.PutAlerts(ctx, orgID, res)
+		}
 	}
 }

-func (m *Manager) testNotifyFunc(ctx context.Context, orgID string, alerts ...*ruletypes.Alert) {
-	if len(alerts) == 0 {
-		return
-	}
-	ruleID := alerts[0].Labels.Map()[ruletypes.AlertRuleIDLabel]
-	receiverMap := make(map[*alertmanagertypes.PostableAlert][]string)
-	for _, alert := range alerts {
-		generatorURL := alert.GeneratorURL
+func (m *Manager) prepareTestNotifyFunc() NotifyFunc {
+	return func(ctx context.Context, orgID string, expr string, alerts ...*ruletypes.Alert) {
+		if len(alerts) == 0 {
+			return
+		}
+		ruleID := alerts[0].Labels.Map()[ruletypes.AlertRuleIDLabel]
+		receiverMap := make(map[*alertmanagertypes.PostableAlert][]string)
+		for _, alert := range alerts {
+			generatorURL := alert.GeneratorURL

-		a := &alertmanagertypes.PostableAlert{}
-		a.Annotations = alert.Annotations.Map()
-		a.StartsAt = strfmt.DateTime(alert.FiredAt)
-		labelsMap := alert.Labels.Map()
-		labelsMap[ruletypes.TestAlertLabel] = "true"
-		a.Alert = alertmanagertypes.AlertModel{
-			Labels:       labelsMap,
-			GeneratorURL: strfmt.URI(generatorURL),
+			a := &alertmanagertypes.PostableAlert{}
+			a.Annotations = alert.Annotations.Map()
+			a.StartsAt = strfmt.DateTime(alert.FiredAt)
+			labelsMap := alert.Labels.Map()
+			labelsMap[ruletypes.TestAlertLabel] = "true"
+			a.Alert = alertmanagertypes.AlertModel{
+				Labels:       labelsMap,
+				GeneratorURL: strfmt.URI(generatorURL),
+			}
+			if !alert.ResolvedAt.IsZero() {
+				a.EndsAt = strfmt.DateTime(alert.ResolvedAt)
+			} else {
+				a.EndsAt = strfmt.DateTime(alert.ValidUntil)
+			}
+			receiverMap[a] = alert.Receivers
 		}
-		if !alert.ResolvedAt.IsZero() {
-			a.EndsAt = strfmt.DateTime(alert.ResolvedAt)
-		} else {
-			a.EndsAt = strfmt.DateTime(alert.ValidUntil)
+		err := m.alertmanager.TestAlert(ctx, orgID, ruleID, receiverMap)
+		if err != nil {
+			m.logger.ErrorContext(ctx, "failed to send test notification", errors.Attr(err))
+			return
 		}
-		receiverMap[a] = alert.Receivers
-	}
-	err := m.alertmanager.TestAlert(ctx, orgID, ruleID, receiverMap)
-	if err != nil {
-		m.logger.ErrorContext(ctx, "failed to send test notification", errors.Attr(err))
 	}
 }

@@ -1036,7 +1041,7 @@ func (m *Manager) TestNotification(ctx context.Context, orgID valuer.UUID, ruleS
 		Logger:           m.opts.Logger,
 		Cache:            m.cache,
 		ManagerOpts:      m.opts,
-		NotifyFunc:       m.testNotifyFunc,
+		NotifyFunc:       m.prepareTestNotifyFunc(),
 		SQLStore:         m.sqlstore,
 		OrgID:            orgID,
 	})
--- a/pkg/query-service/rules/prom_rule.go
+++ b/pkg/query-service/rules/prom_rule.go
@@ -48,13 +48,14 @@ func NewPromRule(
 		version:    postableRule.Version,
 		prometheus: prometheus,
 	}
+	p.logger = logger

 	query, err := p.getPqlQuery(context.Background())
 	if err != nil {
 		// can not generate a valid prom QL query
 		return nil, err
 	}
-	p.logger.Info("creating new prom rule", slog.String("rule.query", query))
+	logger.Info("creating new prom rule", slog.String("rule.id", id), slog.String("rule.query", query))
 	return &p, nil
 }

@@ -96,7 +97,7 @@ func (r *PromRule) buildAndRunQuery(ctx context.Context, ts time.Time) (ruletype
 	if err != nil {
 		return nil, err
 	}
-	r.logger.InfoContext(ctx, "evaluating promql query", slog.String("rule.query", q))
+	r.logger.InfoContext(ctx, "evaluating promql query", slog.String("rule.id", r.ID()), slog.String("rule.query", q))
 	res, err := r.RunAlertQuery(ctx, q, start, end, interval)
 	if err != nil {
 		r.SetHealth(ruletypes.HealthBad)
@@ -116,7 +117,7 @@ func (r *PromRule) buildAndRunQuery(ctx context.Context, ts time.Time) (ruletype
 		filteredSeries, filterErr := r.BaseRule.FilterNewSeries(ctx, ts, matrixToProcess)
 		// In case of error we log the error and continue with the original series
 		if filterErr != nil {
-			r.logger.ErrorContext(ctx, "error filtering new series", errors.Attr(filterErr))
+			r.logger.ErrorContext(ctx, "error filtering new series", slog.String("rule.id", r.ID()), errors.Attr(filterErr))
 		} else {
 			matrixToProcess = filteredSeries
 		}
@@ -128,8 +129,7 @@ func (r *PromRule) buildAndRunQuery(ctx context.Context, ts time.Time) (ruletype
 		if !r.Condition().ShouldEval(series) {
 			r.logger.InfoContext(
 				ctx, "not enough data points to evaluate series, skipping",
-				slog.Int("series.num_points", len(series.Values)),
-				slog.Int("series.required_points", r.Condition().RequiredNumPoints),
+				"rule.id", r.ID(), "num_points", len(series.Values), "required_points", r.Condition().RequiredNumPoints,
 			)
 			continue
 		}
@@ -173,7 +173,7 @@ func (r *PromRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		for _, lbl := range result.Metric {
 			l[lbl.Name] = lbl.Value
 		}
-		r.logger.DebugContext(ctx, "alerting for series", slog.Any("series", result))
+		r.logger.DebugContext(ctx, "alerting for series", slog.String("rule.id", r.ID()), slog.Any("series", result))

 		threshold := valueFormatter.Format(result.Target, result.TargetUnit)

@@ -193,7 +193,7 @@ func (r *PromRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 			result, err := tmpl.Expand()
 			if err != nil {
 				result = fmt.Sprintf("<error expanding template: %s>", err)
-				r.logger.WarnContext(ctx, "expanding alert template failed", errors.Attr(err), slog.Any("alert.template_data", tmplData))
+				r.logger.WarnContext(ctx, "expanding alert template failed", slog.String("rule.id", r.ID()), errors.Attr(err), slog.Any("alert.template_data", tmplData))
 			}
 			return result
 		}
@@ -244,7 +244,7 @@ func (r *PromRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		}
 	}

-	r.logger.InfoContext(ctx, "number of alerts found", slog.Int("alert.count", len(alerts)))
+	r.logger.InfoContext(ctx, "number of alerts found", slog.String("rule.id", r.ID()), slog.Int("alert.count", len(alerts)))
 	// alerts[h] is ready, add or update active list now
 	for h, a := range alerts {
 		// Check whether we already have alerting state for the identifying label set.
@@ -271,7 +271,7 @@ func (r *PromRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 	for fp, a := range r.Active {
 		labelsJSON, err := json.Marshal(a.QueryResultLabels)
 		if err != nil {
-			r.logger.ErrorContext(ctx, "error marshaling labels", errors.Attr(err))
+			r.logger.ErrorContext(ctx, "error marshaling labels", slog.String("rule.id", r.ID()), errors.Attr(err))
 		}
 		if _, ok := resultFPs[fp]; !ok {
 			// If the alert was previously firing, keep it around for a given
@@ -325,7 +325,7 @@ func (r *PromRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 				state = ruletypes.StateFiring
 			}
 			a.State = state
-			r.logger.DebugContext(ctx, "converting alert state", slog.Any("alert.state", state))
+			r.logger.DebugContext(ctx, "converting alert state", slog.String("rule.id", r.ID()), slog.Any("alert.state", state))
 			itemsToAdd = append(itemsToAdd, rulestatehistorytypes.RuleStateHistory{
 				RuleID:       r.ID(),
 				RuleName:     r.Name(),
@@ -350,7 +350,7 @@ func (r *PromRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		itemsToAdd[idx] = item
 	}

-	_ = r.RecordRuleStateHistory(ctx, itemsToAdd)
+	r.RecordRuleStateHistory(ctx, prevState, currentState, itemsToAdd)

 	return len(r.Active), nil
 }
--- a/pkg/query-service/rules/rule.go
+++ b/pkg/query-service/rules/rule.go
@@ -41,7 +41,11 @@ type Rule interface {
 	SetEvaluationTimestamp(time.Time)
 	GetEvaluationTimestamp() time.Time

-	RecordRuleStateHistory(ctx context.Context, itemsToAdd []rulestatehistorytypes.RuleStateHistory) error
+	RecordRuleStateHistory(
+		ctx context.Context,
+		prevState, currentState ruletypes.AlertState,
+		itemsToAdd []rulestatehistorytypes.RuleStateHistory,
+	) error

 	SendAlerts(
 		ctx context.Context,
--- a/pkg/query-service/rules/rule_task.go
+++ b/pkg/query-service/rules/rule_task.go
@@ -2,7 +2,6 @@ package rules

 import (
 	"context"
-	"runtime/debug"
 	"sort"
 	"sync"
 	"time"
@@ -309,10 +308,7 @@ func (g *RuleTask) Eval(ctx context.Context, ts time.Time) {

 	defer func() {
 		if r := recover(); r != nil {
-			g.logger.ErrorContext(
-				ctx, "panic during rule evaluation", slog.Any("panic", r),
-				slog.String("stack", string(debug.Stack())),
-			)
+			g.logger.ErrorContext(ctx, "panic during threshold rule evaluation", "panic", r)
 		}
 	}()

--- a/pkg/query-service/rules/setups_test.go
+++ b/pkg/query-service/rules/setups_test.go
@@ -17,7 +17,7 @@ import (
 	"github.com/stretchr/testify/require"
 )

-func prepareQuerierForMetrics(t *testing.T, telemetryStore telemetrystore.TelemetryStore) (querier.Querier, *telemetrytypestest.MockMetadataStore) {
+func prepareQuerierForMetrics(t *testing.T, telemetryStore telemetrystore.TelemetryStore) querier.Querier {
 	providerSettings := instrumentationtest.New().ToProviderSettings()
 	metadataStore := telemetrytypestest.NewMockMetadataStore()

@@ -50,7 +50,7 @@ func prepareQuerierForMetrics(t *testing.T, telemetryStore telemetrystore.Teleme
 		nil, // meterStmtBuilder
 		nil, // traceOperatorStmtBuilder
 		nil, // bucketCache
-	), metadataStore
+	)
 }

 func prepareQuerierForLogs(telemetryStore telemetrystore.TelemetryStore, keysMap map[string][]*telemetrytypes.TelemetryFieldKey) querier.Querier {
--- a/pkg/query-service/rules/threshold_rule.go
+++ b/pkg/query-service/rules/threshold_rule.go
@@ -40,7 +40,7 @@ func NewThresholdRule(
 	logger *slog.Logger,
 	opts ...RuleOption,
 ) (*ThresholdRule, error) {
-	logger.Info("creating new ThresholdRule", slog.String("rule.id", id))
+	logger.Info("creating new ThresholdRule", "id", id)

 	opts = append(opts, WithLogger(logger))

@@ -76,6 +76,7 @@ func (r *ThresholdRule) prepareQueryRange(ctx context.Context, ts time.Time) (*q
 		slog.Int64("ts", ts.UnixMilli()),
 		slog.Int64("eval_window", r.evalWindow.Milliseconds()),
 		slog.Int64("eval_delay", r.evalDelay.Milliseconds()),
+		slog.String("rule.id", r.ID()),
 	)

 	startTs, endTs := r.Timestamps(ts)
@@ -198,7 +199,7 @@ func (r *ThresholdRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID,
 			results = append(results, tsData)
 		} else {
 			// NOTE: should not happen but just to ensure we don't miss it if it happens for some reason
-			r.logger.WarnContext(ctx, "expected qbtypes.TimeSeriesData but got unexpected type", slog.String("item.type", reflect.TypeOf(item).String()))
+			r.logger.WarnContext(ctx, "expected qbtypes.TimeSeriesData but got unexpected type", slog.String("rule.id", r.ID()), slog.String("item.type", reflect.TypeOf(item).String()))
 		}
 	}

@@ -224,7 +225,7 @@ func (r *ThresholdRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID,
 	var resultVector ruletypes.Vector

 	if queryResult == nil || len(queryResult.Aggregations) == 0 || queryResult.Aggregations[0] == nil {
-		r.logger.WarnContext(ctx, "query result is nil", slog.String("query.name", selectedQuery))
+		r.logger.WarnContext(ctx, "query result is nil", slog.String("rule.id", r.ID()), slog.String("query.name", selectedQuery))
 		return resultVector, nil
 	}

@@ -234,7 +235,7 @@ func (r *ThresholdRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID,
 		filteredSeries, filterErr := r.BaseRule.FilterNewSeries(ctx, ts, seriesToProcess)
 		// In case of error we log the error and continue with the original series
 		if filterErr != nil {
-			r.logger.ErrorContext(ctx, "error filtering new series", errors.Attr(filterErr))
+			r.logger.ErrorContext(ctx, "error filtering new series", slog.String("rule.id", r.ID()), errors.Attr(filterErr))
 		} else {
 			seriesToProcess = filteredSeries
 		}
@@ -242,11 +243,7 @@ func (r *ThresholdRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID,

 	for _, series := range seriesToProcess {
 		if !r.Condition().ShouldEval(series) {
-			r.logger.InfoContext(
-				ctx, "not enough data points to evaluate series, skipping",
-				slog.Int("series.num_points", len(series.Values)),
-				slog.Int("series.required_points", r.Condition().RequiredNumPoints),
-			)
+			r.logger.InfoContext(ctx, "not enough data points to evaluate series, skipping", slog.String("rule.id", r.ID()), slog.Int("series.num_points", len(series.Values)), slog.Int("series.required_points", r.Condition().RequiredNumPoints))
 			continue
 		}
 		resultSeries, err := r.Threshold.Eval(series, r.Unit(), ruletypes.EvalData{
@@ -297,10 +294,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		value := valueFormatter.Format(smpl.V, r.Unit())
 		// todo(aniket): handle different threshold
 		threshold := valueFormatter.Format(smpl.Target, smpl.TargetUnit)
-		r.logger.DebugContext(
-			ctx, "alert template data for rule", slog.String("formatter.name", valueFormatter.Name()),
-			slog.String("alert.value", value), slog.String("alert.threshold", threshold),
-		)
+		r.logger.DebugContext(ctx, "alert template data for rule", slog.String("rule.id", r.ID()), slog.String("formatter.name", valueFormatter.Name()), slog.String("alert.value", value), slog.String("alert.threshold", threshold))

 		tmplData := ruletypes.AlertTemplateData(l, value, threshold)
 		// Inject some convenience variables that are easier to remember for users
@@ -319,7 +313,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 			result, err := tmpl.Expand()
 			if err != nil {
 				result = fmt.Sprintf("<error expanding template: %s>", err)
-				r.logger.ErrorContext(ctx, "expanding alert template failed", errors.Attr(err), slog.Any("alert.template_data", tmplData))
+				r.logger.ErrorContext(ctx, "expanding alert template failed", slog.String("rule.id", r.ID()), errors.Attr(err), slog.Any("alert.template_data", tmplData))
 			}
 			return result
 		}
@@ -351,13 +345,13 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		case ruletypes.AlertTypeTraces:
 			link := r.prepareLinksToTraces(ctx, ts, smpl.Metric)
 			if link != "" && r.hostFromSource() != "" {
-				r.logger.InfoContext(ctx, "adding traces link to annotations", slog.String("annotation.link", fmt.Sprintf("%s/traces-explorer?%s", r.hostFromSource(), link)))
+				r.logger.InfoContext(ctx, "adding traces link to annotations", slog.String("rule.id", r.ID()), slog.String("annotation.link", fmt.Sprintf("%s/traces-explorer?%s", r.hostFromSource(), link)))
 				annotations = append(annotations, ruletypes.Label{Name: "related_traces", Value: fmt.Sprintf("%s/traces-explorer?%s", r.hostFromSource(), link)})
 			}
 		case ruletypes.AlertTypeLogs:
 			link := r.prepareLinksToLogs(ctx, ts, smpl.Metric)
 			if link != "" && r.hostFromSource() != "" {
-				r.logger.InfoContext(ctx, "adding logs link to annotations", slog.String("annotation.link", fmt.Sprintf("%s/logs/logs-explorer?%s", r.hostFromSource(), link)))
+				r.logger.InfoContext(ctx, "adding logs link to annotations", slog.String("rule.id", r.ID()), slog.String("annotation.link", fmt.Sprintf("%s/logs/logs-explorer?%s", r.hostFromSource(), link)))
 				annotations = append(annotations, ruletypes.Label{Name: "related_logs", Value: fmt.Sprintf("%s/logs/logs-explorer?%s", r.hostFromSource(), link)})
 			}
 		}
@@ -384,7 +378,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		}
 	}

-	r.logger.InfoContext(ctx, "number of alerts found", slog.Int("alert.count", len(alerts)))
+	r.logger.InfoContext(ctx, "number of alerts found", slog.String("rule.id", r.ID()), slog.Int("alert.count", len(alerts)))

 	// alerts[h] is ready, add or update active list now
 	for h, a := range alerts {
@@ -412,7 +406,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 	for fp, a := range r.Active {
 		labelsJSON, err := json.Marshal(a.QueryResultLabels)
 		if err != nil {
-			r.logger.ErrorContext(ctx, "error marshaling labels", errors.Attr(err), slog.Any("alert.labels", a.Labels))
+			r.logger.ErrorContext(ctx, "error marshaling labels", slog.String("rule.id", r.ID()), errors.Attr(err), slog.Any("alert.labels", a.Labels))
 		}
 		if _, ok := resultFPs[fp]; !ok {
 			// If the alert was previously firing, keep it around for a given
@@ -421,7 +415,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 				delete(r.Active, fp)
 			}
 			if a.State != ruletypes.StateInactive {
-				r.logger.DebugContext(ctx, "converting firing alert to inactive")
+				r.logger.DebugContext(ctx, "converting firing alert to inactive", slog.String("rule.id", r.ID()))
 				a.State = ruletypes.StateInactive
 				a.ResolvedAt = ts
 				itemsToAdd = append(itemsToAdd, rulestatehistorytypes.RuleStateHistory{
@@ -439,7 +433,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		}

 		if a.State == ruletypes.StatePending && ts.Sub(a.ActiveAt) >= r.holdDuration.Duration() {
-			r.logger.DebugContext(ctx, "converting pending alert to firing")
+			r.logger.DebugContext(ctx, "converting pending alert to firing", slog.String("rule.id", r.ID()))
 			a.State = ruletypes.StateFiring
 			a.FiredAt = ts
 			state := ruletypes.StateFiring
@@ -469,7 +463,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 				state = ruletypes.StateFiring
 			}
 			a.State = state
-			r.logger.DebugContext(ctx, "converting alert state", slog.Any("alert.state", state))
+			r.logger.DebugContext(ctx, "converting alert state", slog.String("rule.id", r.ID()), slog.Any("alert.state", state))
 			itemsToAdd = append(itemsToAdd, rulestatehistorytypes.RuleStateHistory{
 				RuleID:       r.ID(),
 				RuleName:     r.Name(),
@@ -492,7 +486,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		itemsToAdd[idx] = item
 	}

-	_ = r.RecordRuleStateHistory(ctx, itemsToAdd)
+	r.RecordRuleStateHistory(ctx, prevState, currentState, itemsToAdd)

 	r.health = ruletypes.HealthGood
 	r.lastError = err
--- a/pkg/query-service/rules/threshold_rule_test.go
+++ b/pkg/query-service/rules/threshold_rule_test.go
@@ -511,8 +511,7 @@ func TestThresholdRuleUnitCombinations(t *testing.T) {
 	}
 	telemetryStore := telemetrystoretest.New(telemetrystore.Config{}, &queryMatcherAny{})

-	querier, mockMetadataStore := prepareQuerierForMetrics(t, telemetryStore)
-	mockMetadataStore.TypeMap["signoz_calls_total"] = metrictypes.SumType
+	querier := prepareQuerierForMetrics(t, telemetryStore)

 	cols := []cmock.ColumnType{
 		{Name: "ts", Type: "DateTime"},
@@ -728,8 +727,7 @@ func TestThresholdRuleNoData(t *testing.T) {
 			WithArgs(nil, nil, nil, nil, nil, nil, nil, nil).
 			WillReturnRows(rows)

-		querier, mockMetadataStore := prepareQuerierForMetrics(t, telemetryStore)
-		mockMetadataStore.TypeMap["signoz_calls_total"] = metrictypes.SumType
+		querier := prepareQuerierForMetrics(t, telemetryStore)

 		var target float64 = 0
 		postableRule.RuleCondition.Thresholds = &ruletypes.RuleThresholdData{
@@ -826,7 +824,7 @@ func TestThresholdRuleTracesLink(t *testing.T) {
 		queryString := "SELECT any"
 		telemetryStore.Mock().
 			ExpectQuery(queryString).
-			WithArgs(nil, nil, nil, nil, nil, nil, nil, nil, nil).
+			WithArgs(nil, nil, nil, nil, nil, nil, nil).
 			WillReturnRows(rows)

 		querier := prepareQuerierForTraces(telemetryStore, keysMap)
@@ -1117,8 +1115,7 @@ func TestMultipleThresholdRule(t *testing.T) {
 			WithArgs(nil, nil, nil, nil, nil, nil, nil, nil).
 			WillReturnRows(rows)

-		querier, mockMetadataStore := prepareQuerierForMetrics(t, telemetryStore)
-		mockMetadataStore.TypeMap["signoz_calls_total"] = metrictypes.SumType
+		querier := prepareQuerierForMetrics(t, telemetryStore)

 		postableRule.RuleCondition.CompareOperator = c.compareOperator
 		postableRule.RuleCondition.MatchType = c.matchType
@@ -1906,8 +1903,7 @@ func TestThresholdEval_RequireMinPoints(t *testing.T) {
 			WithArgs(nil, nil, nil, nil, nil, nil, nil, nil).
 			WillReturnRows(rows)

-		querier, mockMetadataStore := prepareQuerierForMetrics(t, telemetryStore)
-		mockMetadataStore.TypeMap["signoz_calls_total"] = metrictypes.SumType
+		querier := prepareQuerierForMetrics(t, telemetryStore)

 		rc := postableRule.RuleCondition
 		rc.Target = &c.target
--- a/pkg/querybuilder/fallback_expr.go
+++ b/pkg/querybuilder/fallback_expr.go
@@ -211,8 +211,6 @@ func DataTypeCollisionHandledFieldName(key *telemetrytypes.TelemetryFieldKey, va
 		case float64:
 			// try to convert the string value to to number
 			tblFieldName = castFloat(tblFieldName)
-		case int, int8, int16, int32, int64, uint, uint8, uint16, uint32, uint64:
-			tblFieldName = castFloat(tblFieldName)
 		case []any:
 			if allFloats(v) {
 				tblFieldName = castFloat(tblFieldName)
@@ -279,18 +277,6 @@ func DataTypeCollisionHandledFieldName(key *telemetrytypes.TelemetryFieldKey, va
 				tblFieldName, value = castString(tblFieldName), toStrings(v)
 			}
 		}
-	case telemetrytypes.FieldDataTypeArrayDynamic:
-		switch v := value.(type) {
-		case string:
-			tblFieldName = castString(tblFieldName)
-		case float32, float64, int, int8, int16, int32, int64, uint, uint8, uint16, uint32, uint64:
-			tblFieldName = accurateCastFloat(tblFieldName)
-		case bool:
-			tblFieldName = castBool(tblFieldName)
-		case []any:
-			// dynamic array elements will be default casted to string
-			tblFieldName, value = castString(tblFieldName), toStrings(v)
-		}
 	}
 	return tblFieldName, value
 }
@@ -298,10 +284,6 @@ func DataTypeCollisionHandledFieldName(key *telemetrytypes.TelemetryFieldKey, va
 func castFloat(col string) string     { return fmt.Sprintf("toFloat64OrNull(%s)", col) }
 func castFloatHack(col string) string { return fmt.Sprintf("toFloat64(%s)", col) }
 func castString(col string) string    { return fmt.Sprintf("toString(%s)", col) }
-func castBool(col string) string      { return fmt.Sprintf("accurateCastOrNull(%s, 'Bool')", col) }
-func accurateCastFloat(col string) string {
-	return fmt.Sprintf("accurateCastOrNull(%s, 'Float64')", col)
-}

 func allFloats(in []any) bool {
 	for _, x := range in {
--- a/pkg/querybuilder/where_clause_visitor.go
+++ b/pkg/querybuilder/where_clause_visitor.go
@@ -166,11 +166,10 @@ func PrepareWhereClause(query string, opts FilterExprVisitorOpts) (*PreparedWher
 		return nil, combinedErrors.WithAdditional(visitor.errors...).WithUrl(url)
 	}

-	// The visitor returns exactly SkipConditionLiteral (never a substring) when
-	// there are no evaluable conditions; replace it with the no-op SQL literal.
-	// TODO(nitya): In this case we can choose to ignore resource_filter_cte
+	// Return nil so callers can skip the
+	// entire CTE/subquery rather than emitting WHERE clause that select all the rows
 	if cond == "" || cond == SkipConditionLiteral {
-		cond = TrueConditionLiteral
+		return nil, nil //nolint:nilnil
 	}

 	whereClause := sqlbuilder.NewWhereClause().AddWhereExpr(visitor.builder.Args, cond)
--- a/pkg/querybuilder/where_clause_visitor_test.go
+++ b/pkg/querybuilder/where_clause_visitor_test.go
@@ -702,7 +702,7 @@ func TestVisitKey(t *testing.T) {
 //               → AND returns SkipConditionLiteral which propagates upward
 //     • In OR:  short-circuits the entire OR immediately (returns SkipConditionLiteral)
 //     • NOT(SkipConditionLiteral) → SkipConditionLiteral (guard in VisitUnaryExpression)
-//     • PrepareWhereClause converts a top-level SkipConditionLiteral to TrueConditionLiteral ("WHERE true")
+//     • PrepareWhereClause converts a top-level SkipConditionLiteral to nil
 //
 // Test cases with wantErrSB=true use PrepareWhereClause directly to verify
 // that SB returns an error (instead of calling buildSQLOpts which fatalf's).
@@ -819,27 +819,27 @@ func TestVisitComparison_AND(t *testing.T) {
 		{
 			name:    "single attribute key",
 			expr:    "a = 'v'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE a_cond",
 		},
 		{
 			name:    "single resource key",
 			expr:    "x = 'x'",
 			wantRSB: "WHERE x_cond",
-			wantSB:  "WHERE true",
+			wantSB:  "",
 		},
 		{
 			// RSB: both attribute keys → true; AND propagates TrueConditionLiteral.
 			name:    "two attribute keys AND",
 			expr:    "a = 'a' AND b = 'b'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (a_cond AND b_cond)",
 		},
 		{
 			name:    "two resource keys AND",
 			expr:    "x = 'x' AND y = 'y'",
 			wantRSB: "WHERE (x_cond AND y_cond)",
-			wantSB:  "WHERE true",
+			wantSB:  "",
 		},
 		{
 			// RSB: attribute → true stripped by AND; resource key survives.
@@ -868,13 +868,19 @@ func TestVisitComparison_AND(t *testing.T) {
 			result, err := PrepareWhereClause(tt.expr, rsbOpts)
 			assert.Equal(t, tt.wantErrRSB, err != nil, "resourceConditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantRSB, expr, "resourceConditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantRSB, expr)
 			}
 			result, err = PrepareWhereClause(tt.expr, sbOpts)
 			assert.Equal(t, tt.wantErrSB, err != nil, "conditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantSB, expr, "conditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantSB, expr)
 			}
 		})
@@ -892,14 +898,14 @@ func TestVisitComparison_NOT(t *testing.T) {
 			// Unary NOT on an attribute key: NOT(SkipConditionLiteral) → SkipConditionLiteral (guard).
 			name:    "NOT attribute key",
 			expr:    "NOT a = 'a'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE NOT (a_cond)",
 		},
 		{
 			name:    "NOT resource key",
 			expr:    "NOT x = 'x'",
 			wantRSB: "WHERE NOT (x_cond)",
-			wantSB:  "WHERE true",
+			wantSB:  "",
 		},
 		{
 			// RSB: NOT(SkipConditionLiteral) → SkipConditionLiteral; stripped from AND; x_cond survives.
@@ -912,14 +918,14 @@ func TestVisitComparison_NOT(t *testing.T) {
 			// NOT inside comparison (op=NotLike): conditionBuilder ignores it → same as LIKE.
 			name:    "NOT inside LIKE comparison",
 			expr:    "a NOT LIKE '%a%'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE a_cond",
 		},
 		{
 			// Unary NOT wrapping LIKE: structural NOT emitted around a_cond.
 			name:    "NOT at unary level wrapping LIKE",
 			expr:    "NOT a LIKE '%a%'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE NOT (a_cond)",
 		},
 		{
@@ -947,7 +953,7 @@ func TestVisitComparison_NOT(t *testing.T) {
 			// The inner NOT is an operator token; the outer NOT is structural.
 			name:    "unary NOT wrapping comparison NOT LIKE",
 			expr:    "NOT (a NOT LIKE '%a%')",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE NOT ((a_cond))",
 		},
 	}
@@ -956,13 +962,19 @@ func TestVisitComparison_NOT(t *testing.T) {
 			result, err := PrepareWhereClause(tt.expr, rsbOpts)
 			assert.Equal(t, tt.wantErrRSB, err != nil, "resourceConditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantRSB, expr, "resourceConditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantRSB, expr)
 			}
 			result, err = PrepareWhereClause(tt.expr, sbOpts)
 			assert.Equal(t, tt.wantErrSB, err != nil, "conditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantSB, expr, "conditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantSB, expr)
 			}
 		})
@@ -991,7 +1003,7 @@ func TestVisitComparison_OR(t *testing.T) {
 			// RSB: attribute → TrueConditionLiteral short-circuits OR.
 			name:    "attribute OR resource",
 			expr:    "a = 'a' OR x = 'x'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (a_cond OR x_cond)",
 		},
 		{
@@ -1029,21 +1041,21 @@ func TestVisitComparison_OR(t *testing.T) {
 			// RSB: NOT(a→SkipConditionLiteral) → SkipConditionLiteral → OR short-circuits.
 			name:    "NOT attr OR resource with OR override",
 			expr:    "NOT a = 'a' OR x = 'x'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (NOT (a_cond) OR x_cond)",
 		},
 		{
 			// RSB: a → TrueConditionLiteral → OR short-circuits.
 			name:    "all attribute keys OR",
 			expr:    "a = 'a' OR b = 'b' OR c = 'c'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (a_cond OR b_cond OR c_cond)",
 		},
 		{
 			// RSB: a→SkipConditionLiteral → OR short-circuits; paren passes through; NOT(SkipConditionLiteral) → SkipConditionLiteral.
 			name:    "NOT of three-way OR",
 			expr:    "NOT (a = 'a' OR b = 'b' OR x = 'x')",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE NOT (((a_cond OR b_cond OR x_cond)))",
 		},
 	}
@@ -1052,13 +1064,19 @@ func TestVisitComparison_OR(t *testing.T) {
 			result, err := PrepareWhereClause(tt.expr, rsbOpts)
 			assert.Equal(t, tt.wantErrRSB, err != nil, "resourceConditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantRSB, expr, "resourceConditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantRSB, expr)
 			}
 			result, err = PrepareWhereClause(tt.expr, sbOpts)
 			assert.Equal(t, tt.wantErrSB, err != nil, "conditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantSB, expr, "conditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantSB, expr)
 			}
 		})
@@ -1074,28 +1092,28 @@ func TestVisitComparison_Precedence(t *testing.T) {
 			// a→true short-circuits OR.
 			name:    "attr OR attr OR resource",
 			expr:    "a = 'a' OR b = 'b' OR x = 'x'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (a_cond OR b_cond OR x_cond)",
 		},
 		{
 			// AND before OR: (a AND b)→true short-circuits OR.
 			name:    "attr AND attr OR resource",
 			expr:    "a = 'a' AND b = 'b' OR x = 'x'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE ((a_cond AND b_cond) OR x_cond)",
 		},
 		{
 			// AND tighter: a as own OR branch; (b AND x) as second.
 			name:    "attr OR attr AND resource",
 			expr:    "a = 'a' OR b = 'b' AND x = 'x'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (a_cond OR (b_cond AND x_cond))",
 		},
 		{
 			// Left AND group (a,b)→true short-circuits OR.
 			name:    "two AND groups OR",
 			expr:    "a = 'a' AND b = 'b' OR x = 'x' AND y = 'y'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE ((a_cond AND b_cond) OR (x_cond AND y_cond))",
 		},
 		{
@@ -1109,7 +1127,7 @@ func TestVisitComparison_Precedence(t *testing.T) {
 			// RSB: NOT(a→SkipConditionLiteral)→SkipConditionLiteral → OR short-circuits.
 			name:    "NOT attr OR NOT resource",
 			expr:    "NOT a = 'a' OR NOT x = 'x'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (NOT (a_cond) OR NOT (x_cond))",
 		},
 		{
@@ -1118,7 +1136,7 @@ func TestVisitComparison_Precedence(t *testing.T) {
 			//      SkipConditionLiteral OR x_cond → SkipConditionLiteral short-circuits OR.
 			name:    "complex NOT OR AND",
 			expr:    "NOT a = 'a' OR b = 'b' AND x = 'x'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (NOT (a_cond) OR (b_cond AND x_cond))",
 		},
 	}
@@ -1127,13 +1145,19 @@ func TestVisitComparison_Precedence(t *testing.T) {
 			result, err := PrepareWhereClause(tt.expr, rsbOpts)
 			assert.Equal(t, tt.wantErrRSB, err != nil, "resourceConditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantRSB, expr, "resourceConditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantRSB, expr)
 			}
 			result, err = PrepareWhereClause(tt.expr, sbOpts)
 			assert.Equal(t, tt.wantErrSB, err != nil, "conditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantSB, expr, "conditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantSB, expr)
 			}
 		})
@@ -1150,7 +1174,7 @@ func TestVisitComparison_Parens(t *testing.T) {
 			// RSB: SkipConditionLiteral passes through unwrapped. SB: VisitPrimary wraps in parens.
 			name:    "single attribute key in parens",
 			expr:    "(a = 'a')",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (a_cond)",
 		},
 		{
@@ -1177,7 +1201,7 @@ func TestVisitComparison_Parens(t *testing.T) {
 			// RSB: left (a OR b)→true → OR short-circuits.
 			name:    "two paren-OR groups ORed",
 			expr:    "(a = 'a' OR b = 'b') OR (x = 'x' OR y = 'y')",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (((a_cond OR b_cond)) OR ((x_cond OR y_cond)))",
 		},
 		{
@@ -1192,7 +1216,7 @@ func TestVisitComparison_Parens(t *testing.T) {
 			name:    "deeply nested parentheses",
 			expr:    "(((x = 'x')))",
 			wantRSB: "WHERE (((x_cond)))",
-			wantSB:  "WHERE true",
+			wantSB:  "",
 		},
 		{
 			// RSB: inner NOT(a→SkipConditionLiteral)→SkipConditionLiteral; paren passes through;
@@ -1200,7 +1224,7 @@ func TestVisitComparison_Parens(t *testing.T) {
 			// SB: structural parens accumulate around each NOT.
 			name:    "double NOT via parens",
 			expr:    "NOT (NOT a = 'a')",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE NOT ((NOT (a_cond)))",
 		},
 		{
@@ -1208,14 +1232,14 @@ func TestVisitComparison_Parens(t *testing.T) {
 			//      paren passes through; NOT(SkipConditionLiteral) → SkipConditionLiteral.
 			name:    "NOT of parenthesized all-attribute AND",
 			expr:    "NOT (a = 'a' AND b = 'b')",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE NOT (((a_cond AND b_cond)))",
 		},
 		{
 			// RSB: a→SkipConditionLiteral short-circuits OR; paren passes through; NOT(SkipConditionLiteral)→SkipConditionLiteral.
 			name:    "NOT of parenthesized mixed OR attr short-circuits",
 			expr:    "NOT (a = 'a' OR x = 'x')",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE NOT (((a_cond OR x_cond)))",
 		},
 	}
@@ -1224,13 +1248,19 @@ func TestVisitComparison_Parens(t *testing.T) {
 			result, err := PrepareWhereClause(tt.expr, rsbOpts)
 			assert.Equal(t, tt.wantErrRSB, err != nil, "resourceConditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantRSB, expr, "resourceConditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantRSB, expr)
 			}
 			result, err = PrepareWhereClause(tt.expr, sbOpts)
 			assert.Equal(t, tt.wantErrSB, err != nil, "conditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantSB, expr, "conditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantSB, expr)
 			}
 		})
@@ -1246,14 +1276,14 @@ func TestVisitComparison_FullText(t *testing.T) {
 		{
 			name:    "standalone full-text term",
 			expr:    "'hello'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE body_cond",
 		},
 		{
 			// RSB: FT→true, a→true; AND propagates true.
 			name:    "full-text AND attribute",
 			expr:    "'hello' AND a = 'a'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (body_cond AND a_cond)",
 		},
 		{
@@ -1267,56 +1297,56 @@ func TestVisitComparison_FullText(t *testing.T) {
 			// RSB: NOT(FT→SkipConditionLiteral)→SkipConditionLiteral. SB: structural NOT applied.
 			name:    "NOT full-text term",
 			expr:    "NOT 'hello'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE NOT (body_cond)",
 		},
 		{
 			// RSB: FT→true short-circuits OR.
 			name:    "full-text OR resource",
 			expr:    "'hello' OR x = 'x'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (body_cond OR x_cond)",
 		},
 		{
 			name:    "full-text OR attribute",
 			expr:    "'hello' OR a = 'a'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (body_cond OR a_cond)",
 		},
 		{
 			name:    "two full-text terms ANDed",
 			expr:    "'hello' AND 'world'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (body_cond AND body_cond)",
 		},
 		{
 			name:    "two full-text terms ORed",
 			expr:    "'hello' OR 'world'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (body_cond OR body_cond)",
 		},
 		{
 			name:    "full-text in parentheses",
 			expr:    "('hello')",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (body_cond)",
 		},
 		{
 			name:    "two full-text AND attribute",
 			expr:    "'hello' AND 'world' AND a = 'a'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (body_cond AND body_cond AND a_cond)",
 		},
 		{
 			name:    "full-text OR attr OR resource all types",
 			expr:    "'hello' OR a = 'a' OR x = 'x'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (body_cond OR a_cond OR x_cond)",
 		},
 		{
 			name:    "NOT of paren full-text AND attr",
 			expr:    "NOT ('hello' AND a = 'a')",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE NOT (((body_cond AND a_cond)))",
 		},
 		{
@@ -1329,7 +1359,7 @@ func TestVisitComparison_FullText(t *testing.T) {
 		{
 			name:    "NOT full-text OR resource",
 			expr:    "NOT 'hello' OR x = 'x'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (NOT (body_cond) OR x_cond)",
 		},
 		{
@@ -1350,21 +1380,21 @@ func TestVisitComparison_FullText(t *testing.T) {
 			// SB: allVariable→TrueConditionLiteral stripped; body_cond survives.
 			name:    "full-text AND allVariable",
 			expr:    "'hello' AND x IN $service",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE body_cond",
 		},
 		{
 			// SB: body_cond added first; then allVariable→TrueConditionLiteral short-circuits OR.
 			name:    "full-text OR allVariable",
 			expr:    "'hello' OR x IN $service",
-			wantRSB: "WHERE true",
-			wantSB:  "WHERE true",
+			wantRSB: "",
+			wantSB:  "",
 		},
 		{
 			// SB: body_cond
 			name:    "full-text with sentinel value",
 			expr:    SkipConditionLiteral,
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE body_cond",
 		},
 	}
@@ -1373,13 +1403,19 @@ func TestVisitComparison_FullText(t *testing.T) {
 			result, err := PrepareWhereClause(tt.expr, rsbOpts)
 			assert.Equal(t, tt.wantErrRSB, err != nil, "resourceConditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantRSB, expr, "resourceConditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantRSB, expr)
 			}
 			result, err = PrepareWhereClause(tt.expr, sbOpts)
 			assert.Equal(t, tt.wantErrSB, err != nil, "conditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantSB, expr, "conditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantSB, expr)
 			}
 		})
@@ -1397,22 +1433,22 @@ func TestVisitComparison_AllVariable(t *testing.T) {
 		{
 			name:    "IN allVariable alone",
 			expr:    "x IN $service",
-			wantRSB: "WHERE true",
-			wantSB:  "WHERE true",
+			wantRSB: "",
+			wantSB:  "",
 		},
 		{
 			// TrueConditionLiteral stripped from AND; y_cond remains.
 			name:    "IN allVariable AND resource",
 			expr:    "x IN $service AND y = 'y'",
 			wantRSB: "WHERE y_cond",
-			wantSB:  "WHERE true",
+			wantSB:  "",
 		},
 		{
 			// TrueConditionLiteral short-circuits OR.
 			name:    "IN allVariable OR resource",
 			expr:    "x IN $service OR y = 'y'",
-			wantRSB: "WHERE true",
-			wantSB:  "WHERE true",
+			wantRSB: "",
+			wantSB:  "",
 		},
 		{
 			// RSB: a IN __all__→true stripped; x_cond remains.
@@ -1420,47 +1456,47 @@ func TestVisitComparison_AllVariable(t *testing.T) {
 			name:    "attr IN allVariable AND resource",
 			expr:    "a IN $service AND x = 'x'",
 			wantRSB: "WHERE x_cond",
-			wantSB:  "WHERE true",
+			wantSB:  "",
 		},
 		{
 			// NOT IN also resolves __all__ to TrueConditionLiteral.
 			name:    "NOT IN allVariable alone",
 			expr:    "x NOT IN $service",
-			wantRSB: "WHERE true",
-			wantSB:  "WHERE true",
+			wantRSB: "",
+			wantSB:  "",
 		},
 		{
 			name:    "NOT IN allVariable AND resource",
 			expr:    "x NOT IN $service AND y = 'y'",
 			wantRSB: "WHERE y_cond",
-			wantSB:  "WHERE true",
+			wantSB:  "",
 		},
 		{
 			// NOT (x IN $service): __all__ → SkipConditionLiteral; VisitPrimary passes through;
 			// NOT(SkipConditionLiteral) → SkipConditionLiteral.
 			name:    "NOT of allVariable IN",
 			expr:    "NOT (x IN $service)",
-			wantRSB: "WHERE true",
-			wantSB:  "WHERE true",
+			wantRSB: "",
+			wantSB:  "",
 		},
 		{
 			name:    "allVariable IN AND allVariable IN",
 			expr:    "x IN $service AND y IN $service",
-			wantRSB: "WHERE true",
-			wantSB:  "WHERE true",
+			wantRSB: "",
+			wantSB:  "",
 		},
 		{
 			// SB: allVariable→TrueConditionLiteral stripped; body_cond survives.
 			name:    "allVariable IN AND full-text",
 			expr:    "x IN $service AND 'hello'",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE body_cond",
 		},
 		{
 			// Equality does not trigger __all__ short-circuit; ConditionFor called normally.
 			name:    "equality with __all__ variable no shortcircuit",
 			expr:    "a = $service",
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE a_cond",
 		},
 		{
@@ -1468,7 +1504,7 @@ func TestVisitComparison_AllVariable(t *testing.T) {
 			name:    "NOT of paren with __all__ AND resource",
 			expr:    "NOT (x IN $service AND y = 'y')",
 			wantRSB: "WHERE NOT ((y_cond))",
-			wantSB:  "WHERE true",
+			wantSB:  "",
 		},
 	}
 	for _, tt := range tests {
@@ -1476,13 +1512,19 @@ func TestVisitComparison_AllVariable(t *testing.T) {
 			result, err := PrepareWhereClause(tt.expr, rsbOpts)
 			assert.Equal(t, tt.wantErrRSB, err != nil, "resourceConditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantRSB, expr, "resourceConditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantRSB, expr)
 			}
 			result, err = PrepareWhereClause(tt.expr, sbOpts)
 			assert.Equal(t, tt.wantErrSB, err != nil, "conditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantSB, expr, "conditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantSB, expr)
 			}
 		})
@@ -1499,13 +1541,13 @@ func TestVisitComparison_FunctionCalls(t *testing.T) {
 		{
 			name:      "has on attribute key",
 			expr:      "has(a, 'hello')",
-			wantRSB:   "WHERE true",
+			wantRSB:   "",
 			wantErrSB: true,
 		},
 		{
 			name:      "has on resource key",
 			expr:      "has(x, 'hello')",
-			wantRSB:   "WHERE true",
+			wantRSB:   "",
 			wantErrSB: true,
 		},
 		{
@@ -1519,13 +1561,13 @@ func TestVisitComparison_FunctionCalls(t *testing.T) {
 			// RSB: TrueConditionLiteral short-circuits OR.
 			name:      "has OR resource key",
 			expr:      "has(a, 'hello') OR x = 'x'",
-			wantRSB:   "WHERE true",
+			wantRSB:   "",
 			wantErrSB: true,
 		},
 		{
 			name:      "NOT of has",
 			expr:      "NOT has(a, 'hello')",
-			wantRSB:   "WHERE true",
+			wantRSB:   "",
 			wantErrSB: true,
 		},
 		{
@@ -1549,13 +1591,19 @@ func TestVisitComparison_FunctionCalls(t *testing.T) {
 			result, err := PrepareWhereClause(tt.expr, rsbOpts)
 			assert.Equal(t, tt.wantErrRSB, err != nil, "resourceConditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantRSB, expr, "resourceConditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantRSB, expr)
 			}
 			result, err = PrepareWhereClause(tt.expr, sbOpts)
 			assert.Equal(t, tt.wantErrSB, err != nil, "conditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantSB, expr, "conditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantSB, expr)
 			}
 		})
@@ -1581,21 +1629,21 @@ func TestVisitComparison_UnknownKeys(t *testing.T) {
 			//      SkipConditionLiteral short-circuits OR → x_cond never evaluated → WHERE true.
 			name:      "unknown key OR resource",
 			expr:      "unknown_key = 'val' OR x = 'x'",
-			wantRSB:   "WHERE true",
+			wantRSB:   "",
 			wantErrSB: true,
 		},
 		{
 			// RSB: unknown_key → SkipConditionLiteral short-circuits OR → WHERE true (a=a never evaluated).
 			name:      "unknown key OR attribute",
 			expr:      "unknown_key = 'val' OR a = 'a'",
-			wantRSB:   "WHERE true",
+			wantRSB:   "",
 			wantErrSB: true,
 		},
 		{
 			// RSB: both → SkipConditionLiteral; all stripped from AND → AND returns SkipConditionLiteral → WHERE true.
 			name:      "all unknown keys in AND",
 			expr:      "unk1 = 'v' AND unk2 = 'v'",
-			wantRSB:   "WHERE true",
+			wantRSB:   "",
 			wantErrSB: true,
 		},
 		{
@@ -1603,7 +1651,7 @@ func TestVisitComparison_UnknownKeys(t *testing.T) {
 			//      PrepareWhereClause converts to WHERE true.
 			name:      "NOT of unknown key",
 			expr:      "NOT unknown_key = 'val'",
-			wantRSB:   "WHERE true",
+			wantRSB:   "",
 			wantErrSB: true,
 		},
 	}
@@ -1612,13 +1660,19 @@ func TestVisitComparison_UnknownKeys(t *testing.T) {
 			result, err := PrepareWhereClause(tt.expr, rsbOpts)
 			assert.Equal(t, tt.wantErrRSB, err != nil, "resourceConditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantRSB, expr, "resourceConditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantRSB, expr)
 			}
 			result, err = PrepareWhereClause(tt.expr, sbOpts)
 			assert.Equal(t, tt.wantErrSB, err != nil, "conditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantSB, expr, "conditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantSB, expr)
 			}
 		})
@@ -1636,26 +1690,26 @@ func TestVisitComparison_SkippableLiteralValues(t *testing.T) {
 			// sbOpts:  conditionBuilder ignores value → WHERE a_cond.
 			name:    "value equals TrueConditionLiteral",
 			expr:    fmt.Sprintf("a = '%s'", TrueConditionLiteral),
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE a_cond",
 		},
 		{
 			name:    "value equals SkipConditionLiteral",
 			expr:    fmt.Sprintf("a = '%s'", SkipConditionLiteral),
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE a_cond",
 		},
 		{
 			name:    "value equals ErrorConditionLiteral",
 			expr:    fmt.Sprintf("a = '%s'", ErrorConditionLiteral),
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE a_cond",
 		},
 		{
 			// IN list whose members are all sentinel literals.
 			name:    "IN list containing all sentinel literals",
 			expr:    fmt.Sprintf("a IN ('%s', '%s', '%s')", TrueConditionLiteral, SkipConditionLiteral, ErrorConditionLiteral),
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE a_cond",
 		},
 		{
@@ -1663,7 +1717,7 @@ func TestVisitComparison_SkippableLiteralValues(t *testing.T) {
 			// sbOpts → two real conditions joined by AND.
 			name:    "AND with sentinel value on one branch",
 			expr:    fmt.Sprintf("a = '%s' AND b = 'real_value'", SkipConditionLiteral),
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE (a_cond AND b_cond)",
 		},
 		{
@@ -1671,7 +1725,7 @@ func TestVisitComparison_SkippableLiteralValues(t *testing.T) {
 			// sbOpts: NOT wraps the real condition.
 			name:    "NOT with sentinel value",
 			expr:    fmt.Sprintf("NOT a = '%s'", TrueConditionLiteral),
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE NOT (a_cond)",
 		},
 		{
@@ -1680,7 +1734,7 @@ func TestVisitComparison_SkippableLiteralValues(t *testing.T) {
 			// sbOpts:  full-text search on body column → WHERE body_cond.
 			name:    "full text search with SkipConditionLiteral",
 			expr:    SkipConditionLiteral,
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE body_cond",
 		},
 		{
@@ -1689,7 +1743,7 @@ func TestVisitComparison_SkippableLiteralValues(t *testing.T) {
 			// sbOpts:  full-text search on body column → WHERE body_cond.
 			name:    "full text search with TrueConditionLiteral",
 			expr:    TrueConditionLiteral,
-			wantRSB: "WHERE true",
+			wantRSB: "",
 			wantSB:  "WHERE body_cond",
 		},
 	}
@@ -1698,13 +1752,19 @@ func TestVisitComparison_SkippableLiteralValues(t *testing.T) {
 			result, err := PrepareWhereClause(tt.expr, rsbOpts)
 			assert.Equal(t, tt.wantErrRSB, err != nil, "resourceConditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantRSB, expr, "resourceConditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantRSB, expr)
 			}
 			result, err = PrepareWhereClause(tt.expr, sbOpts)
 			assert.Equal(t, tt.wantErrSB, err != nil, "conditionBuilder: error expectation mismatch")
 			if err == nil {
-				expr, _ := result.WhereClause.Build()
+				var expr string
+				if result != nil {
+					expr, _ = result.WhereClause.Build()
+				}
 				assert.Equal(t, tt.wantSB, expr, "conditionBuilder SQL mismatch:\n  want: %s\n   got: %s", tt.wantSB, expr)
 			}
 		})
--- a/pkg/ruler/rulestore/sqlrulestore/rule.go
+++ b/pkg/ruler/rulestore/sqlrulestore/rule.go
@@ -133,8 +133,7 @@ func (r *rule) GetStoredRulesByMetricName(ctx context.Context, orgID string, met
 	for _, storedRule := range storedRules {
 		var ruleData ruletypes.PostableRule
 		if err := json.Unmarshal([]byte(storedRule.Data), &ruleData); err != nil {
-			//nolint:sloglint
-			r.logger.WarnContext(ctx, "failed to unmarshal rule data", slog.String("rule.id", storedRule.ID.StringValue()), errors.Attr(err))
+			r.logger.WarnContext(ctx, "failed to unmarshal rule data", slog.String("rule_id", storedRule.ID.StringValue()), errors.Attr(err))
 			continue
 		}

--- a/pkg/telemetrylogs/json_condition_builder.go
+++ b/pkg/telemetrylogs/json_condition_builder.go
@@ -3,7 +3,6 @@ package telemetrylogs
 import (
 	"fmt"
 	"slices"
-	"strings"

 	schemamigrator "github.com/SigNoz/signoz-otel-collector/cmd/signozschemamigrator/schema_migrator"
 	"github.com/SigNoz/signoz/pkg/errors"
@@ -34,34 +33,182 @@ func NewJSONConditionBuilder(key *telemetrytypes.TelemetryFieldKey, valueType te

 // BuildCondition builds the full WHERE condition for body_v2 JSON paths.
 func (c *jsonConditionBuilder) buildJSONCondition(operator qbtypes.FilterOperator, value any, sb *sqlbuilder.SelectBuilder) (string, error) {
-	baseCond, err := c.emitPlannedCondition(operator, value, sb)
-	if err != nil {
-		return "", err
+	conditions := []string{}
+	for _, node := range c.key.JSONPlan {
+		condition, err := c.emitPlannedCondition(node, operator, value, sb)
+		if err != nil {
+			return "", err
+		}
+		conditions = append(conditions, condition)
 	}
+	baseCond := sb.Or(conditions...)

 	// path index
 	if operator.AddDefaultExistsFilter() {
 		pathIndex := fmt.Sprintf(`has(%s, '%s')`, schemamigrator.JSONPathsIndexExpr(LogsV2BodyV2Column), c.key.ArrayParentPaths()[0])
 		return sb.And(baseCond, pathIndex), nil
 	}
-
 	return baseCond, nil
 }

-func (c *jsonConditionBuilder) emitPlannedCondition(operator qbtypes.FilterOperator, value any, sb *sqlbuilder.SelectBuilder) (string, error) {
+// emitPlannedCondition handles paths with array traversal.
+func (c *jsonConditionBuilder) emitPlannedCondition(node *telemetrytypes.JSONAccessNode, operator qbtypes.FilterOperator, value any, sb *sqlbuilder.SelectBuilder) (string, error) {
 	// Build traversal + terminal recursively per-hop
-	conditions := []string{}
-	for _, node := range c.key.JSONPlan {
-		condition, err := c.recurseArrayHops(node, operator, value, sb)
+	compiled, err := c.recurseArrayHops(node, operator, value, sb)
+	if err != nil {
+		return "", err
+	}
+	return compiled, nil
+}
+
+// buildTerminalCondition creates the innermost condition.
+func (c *jsonConditionBuilder) buildTerminalCondition(node *telemetrytypes.JSONAccessNode, operator qbtypes.FilterOperator, value any, sb *sqlbuilder.SelectBuilder) (string, error) {
+	if node.TerminalConfig.ElemType.IsArray {
+		conditions := []string{}
+		// if the value type is not an array
+		// TODO(piyush): Confirm the Query built for Array case and add testcases for it later
+		if !c.valueType.IsArray {
+			// if operator is a String search Operator, then we need to build one more String comparison condition along with the Strict match condition
+			if operator.IsStringSearchOperator() {
+				formattedValue := querybuilder.FormatValueForContains(value)
+				arrayCond, err := c.buildArrayMembershipCondition(node, operator, formattedValue, sb)
+				if err != nil {
+					return "", err
+				}
+				conditions = append(conditions, arrayCond)
+			}
+
+			// switch operator for array membership checks
+			switch operator {
+			case qbtypes.FilterOperatorContains:
+				operator = qbtypes.FilterOperatorEqual
+			case qbtypes.FilterOperatorNotContains:
+				operator = qbtypes.FilterOperatorNotEqual
+			}
+		}
+
+		arrayCond, err := c.buildArrayMembershipCondition(node, operator, value, sb)
 		if err != nil {
 			return "", err
 		}
-		conditions = append(conditions, condition)
+		conditions = append(conditions, arrayCond)
+		// or the conditions together
+		return sb.Or(conditions...), nil
 	}

-	return sb.Or(conditions...), nil
+	return c.buildPrimitiveTerminalCondition(node, operator, value, sb)
 }

+// buildPrimitiveTerminalCondition builds the condition if the terminal node is a primitive type
+// it handles the data type collisions and utilizes indexes for the condition if available.
+func (c *jsonConditionBuilder) buildPrimitiveTerminalCondition(node *telemetrytypes.JSONAccessNode, operator qbtypes.FilterOperator, value any, sb *sqlbuilder.SelectBuilder) (string, error) {
+	fieldPath := node.FieldPath()
+	conditions := []string{}
+	var formattedValue = value
+	if operator.IsStringSearchOperator() {
+		formattedValue = querybuilder.FormatValueForContains(value)
+	}
+
+	elemType := node.TerminalConfig.ElemType
+	fieldExpr := fmt.Sprintf("dynamicElement(%s, '%s')", fieldPath, elemType.StringValue())
+	fieldExpr, formattedValue = querybuilder.DataTypeCollisionHandledFieldName(node.TerminalConfig.Key, formattedValue, fieldExpr, operator)
+
+	// utilize indexes for the condition if available
+	indexed := slices.ContainsFunc(node.TerminalConfig.Key.Indexes, func(index telemetrytypes.JSONDataTypeIndex) bool {
+		return index.Type == elemType && index.ColumnExpression == fieldPath
+	})
+	if elemType.IndexSupported && indexed {
+		indexedExpr := assumeNotNull(fieldPath, elemType)
+		emptyValue := func() any {
+			switch elemType {
+			case telemetrytypes.String:
+				return ""
+			case telemetrytypes.Int64, telemetrytypes.Float64, telemetrytypes.Bool:
+				return 0
+			default:
+				return nil
+			}
+		}()
+
+		// switch the operator and value for exists and not exists
+		switch operator {
+		case qbtypes.FilterOperatorExists:
+			operator = qbtypes.FilterOperatorNotEqual
+			value = emptyValue
+		case qbtypes.FilterOperatorNotExists:
+			operator = qbtypes.FilterOperatorEqual
+			value = emptyValue
+		default:
+			// do nothing
+		}
+
+		indexedExpr, indexedComparisonValue := querybuilder.DataTypeCollisionHandledFieldName(node.TerminalConfig.Key, formattedValue, indexedExpr, operator)
+		cond, err := c.applyOperator(sb, indexedExpr, operator, indexedComparisonValue)
+		if err != nil {
+			return "", err
+		}
+
+		// if qb has a definitive value, we can skip adding a condition to
+		// check the existence of the path in the json column
+		if value != emptyValue {
+			return cond, nil
+		}
+
+		conditions = append(conditions, cond)
+		// Switch operator to EXISTS since indexed paths on assumedNotNull, indexes will always have a default value
+		// So we flip the operator to Exists and filter the rows that actually have the value
+		operator = qbtypes.FilterOperatorExists
+	}
+
+	cond, err := c.applyOperator(sb, fieldExpr, operator, formattedValue)
+	if err != nil {
+		return "", err
+	}
+	conditions = append(conditions, cond)
+	if len(conditions) > 1 {
+		return sb.And(conditions...), nil
+	}
+	return conditions[0], nil
+}
+
+// buildArrayMembershipCondition handles array membership checks.
+func (c *jsonConditionBuilder) buildArrayMembershipCondition(node *telemetrytypes.JSONAccessNode, operator qbtypes.FilterOperator, value any, sb *sqlbuilder.SelectBuilder) (string, error) {
+	arrayPath := node.FieldPath()
+	localKeyCopy := *node.TerminalConfig.Key
+	// create typed array out of a dynamic array
+	filteredDynamicExpr := func() string {
+		// Change the field data type from []dynamic to the value type
+		// since we've filtered the value type out of the dynamic array, we need to change the field data corresponding to the value type
+		localKeyCopy.FieldDataType = telemetrytypes.MappingJSONDataTypeToFieldDataType[telemetrytypes.ScalerTypeToArrayType[c.valueType]]
+
+		baseArrayDynamicExpr := fmt.Sprintf("dynamicElement(%s, 'Array(Dynamic)')", arrayPath)
+		return fmt.Sprintf("arrayMap(x->dynamicElement(x, '%s'), arrayFilter(x->(dynamicType(x) = '%s'), %s))",
+			c.valueType.StringValue(),
+			c.valueType.StringValue(),
+			baseArrayDynamicExpr)
+	}
+	typedArrayExpr := func() string {
+		return fmt.Sprintf("dynamicElement(%s, '%s')", arrayPath, node.TerminalConfig.ElemType.StringValue())
+	}
+
+	var arrayExpr string
+	if node.TerminalConfig.ElemType == telemetrytypes.ArrayDynamic {
+		arrayExpr = filteredDynamicExpr()
+	} else {
+		arrayExpr = typedArrayExpr()
+	}
+
+	key := "x"
+	fieldExpr, value := querybuilder.DataTypeCollisionHandledFieldName(&localKeyCopy, value, key, operator)
+	op, err := c.applyOperator(sb, fieldExpr, operator, value)
+	if err != nil {
+		return "", err
+	}
+
+	return fmt.Sprintf("arrayExists(%s -> %s, %s)", key, op, arrayExpr), nil
+}
+
+// recurseArrayHops recursively builds array traversal conditions.
 func (c *jsonConditionBuilder) recurseArrayHops(current *telemetrytypes.JSONAccessNode, operator qbtypes.FilterOperator, value any, sb *sqlbuilder.SelectBuilder) (string, error) {
 	if current == nil {
 		return "", errors.NewInternalf(CodeArrayNavigationFailed, "navigation failed, current node is nil")
@@ -75,33 +222,6 @@ func (c *jsonConditionBuilder) recurseArrayHops(current *telemetrytypes.JSONAcce
 		return terminalCond, nil
 	}

-	// apply NOT at top level arrayExists so that any subsequent arrayExists fails we count it as true (matching log)
-	yes, operator := applyNotCondition(operator)
-	condition, err := c.buildAccessNodeBranches(current, operator, value, sb)
-	if err != nil {
-		return "", err
-	}
-
-	if yes {
-		return sb.Not(condition), nil
-	}
-
-	return condition, nil
-}
-
-func applyNotCondition(operator qbtypes.FilterOperator) (bool, qbtypes.FilterOperator) {
-	if operator.IsNegativeOperator() {
-		return true, operator.Inverse()
-	}
-	return false, operator
-}
-
-// buildAccessNodeBranches builds conditions for each branch of the access node.
-func (c *jsonConditionBuilder) buildAccessNodeBranches(current *telemetrytypes.JSONAccessNode, operator qbtypes.FilterOperator, value any, sb *sqlbuilder.SelectBuilder) (string, error) {
-	if current == nil {
-		return "", errors.NewInternalf(CodeArrayNavigationFailed, "navigation failed, current node is nil")
-	}
-
 	currAlias := current.Alias()
 	fieldPath := current.FieldPath()
 	// Determine availability of Array(JSON) and Array(Dynamic) at this hop
@@ -136,200 +256,6 @@ func (c *jsonConditionBuilder) buildAccessNodeBranches(current *telemetrytypes.J
 	return sb.Or(branches...), nil
 }

-// buildTerminalCondition creates the innermost condition.
-func (c *jsonConditionBuilder) buildTerminalCondition(node *telemetrytypes.JSONAccessNode, operator qbtypes.FilterOperator, value any, sb *sqlbuilder.SelectBuilder) (string, error) {
-	if node.TerminalConfig.ElemType.IsArray {
-		// Note: here applyNotCondition will return true only if; top level path is an array; and operator is a negative operator
-		// Otherwise this code will be triggered by buildAccessNodeBranches; Where operator would've been already inverted if needed.
-		yes, operator := applyNotCondition(operator)
-		cond, err := c.buildTerminalArrayCondition(node, operator, value, sb)
-		if err != nil {
-			return "", err
-		}
-
-		if yes {
-			return sb.Not(cond), nil
-		}
-		return cond, nil
-	}
-
-	return c.buildPrimitiveTerminalCondition(node, operator, value, sb)
-}
-
-func getEmptyValue(elemType telemetrytypes.JSONDataType) any {
-	switch elemType {
-	case telemetrytypes.String:
-		return ""
-	case telemetrytypes.Int64, telemetrytypes.Float64, telemetrytypes.Bool:
-		return 0
-	default:
-		return nil
-	}
-}
-
-func (c *jsonConditionBuilder) terminalIndexedCondition(node *telemetrytypes.JSONAccessNode, operator qbtypes.FilterOperator, value any, sb *sqlbuilder.SelectBuilder) (string, error) {
-	fieldPath := node.FieldPath()
-	if strings.Contains(fieldPath, telemetrytypes.ArraySepSuffix) {
-		return "", errors.NewInternalf(CodeArrayNavigationFailed, "can not build index condition for array field %s", fieldPath)
-	}
-
-	elemType := node.TerminalConfig.ElemType
-	dynamicExpr := fmt.Sprintf("dynamicElement(%s, '%s')", fieldPath, elemType.StringValue())
-	indexedExpr := assumeNotNull(dynamicExpr)
-
-	// switch the operator and value for exists and not exists
-	switch operator {
-	case qbtypes.FilterOperatorExists:
-		operator = qbtypes.FilterOperatorNotEqual
-		value = getEmptyValue(elemType)
-	case qbtypes.FilterOperatorNotExists:
-		operator = qbtypes.FilterOperatorEqual
-		value = getEmptyValue(elemType)
-	default:
-		// do nothing
-	}
-
-	indexedExpr, formattedValue := querybuilder.DataTypeCollisionHandledFieldName(node.TerminalConfig.Key, value, indexedExpr, operator)
-	cond, err := c.applyOperator(sb, indexedExpr, operator, formattedValue)
-	if err != nil {
-		return "", err
-	}
-
-	return cond, nil
-}
-
-// buildPrimitiveTerminalCondition builds the condition if the terminal node is a primitive type
-// it handles the data type collisions and utilizes indexes for the condition if available.
-func (c *jsonConditionBuilder) buildPrimitiveTerminalCondition(node *telemetrytypes.JSONAccessNode, operator qbtypes.FilterOperator, value any, sb *sqlbuilder.SelectBuilder) (string, error) {
-	fieldPath := node.FieldPath()
-	conditions := []string{}
-
-	// utilize indexes for the condition if available
-	//
-	// Note: Indexing code doesn't get executed for Array Nested fields because they can not be indexed
-	indexed := slices.ContainsFunc(node.TerminalConfig.Key.Indexes, func(index telemetrytypes.JSONDataTypeIndex) bool {
-		return index.Type == node.TerminalConfig.ElemType
-	})
-	if node.TerminalConfig.ElemType.IndexSupported && indexed {
-		indexCond, err := c.terminalIndexedCondition(node, operator, value, sb)
-		if err != nil {
-			return "", err
-		}
-		// if qb has a definitive value, we can skip adding a condition to
-		// check the existence of the path in the json column
-		if value != nil && value != getEmptyValue(node.TerminalConfig.ElemType) {
-			return indexCond, nil
-		}
-
-		conditions = append(conditions, indexCond)
-
-		// Switch operator to EXISTS except when operator is NOT EXISTS since
-		// indexed paths on assumedNotNull, indexes will always have a default
-		// value so we flip the operator to Exists and filter the rows that
-		// actually have the value
-		if operator != qbtypes.FilterOperatorNotExists {
-			operator = qbtypes.FilterOperatorExists
-		}
-	}
-
-	var formattedValue = value
-	if operator.IsStringSearchOperator() {
-		formattedValue = querybuilder.FormatValueForContains(value)
-	}
-
-	fieldExpr := fmt.Sprintf("dynamicElement(%s, '%s')", fieldPath, node.TerminalConfig.ElemType.StringValue())
-
-	// if operator is negative and has a value comparison i.e. excluding EXISTS and NOT EXISTS, we need to assume that the field exists everywhere
-	//
-	// Note: here applyNotCondition will return true only if; top level path is being queried and operator is a negative operator
-	// Otherwise this code will be triggered by buildAccessNodeBranches; Where operator would've been already inverted if needed.
-	if node.IsNonNestedPath() {
-		yes, _ := applyNotCondition(operator)
-		if yes {
-			switch operator {
-			case qbtypes.FilterOperatorNotExists:
-				// skip
-			default:
-				fieldExpr = assumeNotNull(fieldExpr)
-			}
-		}
-	}
-
-	fieldExpr, formattedValue = querybuilder.DataTypeCollisionHandledFieldName(node.TerminalConfig.Key, formattedValue, fieldExpr, operator)
-	cond, err := c.applyOperator(sb, fieldExpr, operator, formattedValue)
-	if err != nil {
-		return "", err
-	}
-	conditions = append(conditions, cond)
-	if len(conditions) > 1 {
-		return sb.And(conditions...), nil
-	}
-	return conditions[0], nil
-}
-
-func (c *jsonConditionBuilder) buildTerminalArrayCondition(node *telemetrytypes.JSONAccessNode, operator qbtypes.FilterOperator, value any, sb *sqlbuilder.SelectBuilder) (string, error) {
-	conditions := []string{}
-	// if operator is a String search Operator, then we need to build one more String comparison condition along with the Strict match condition
-	if operator.IsStringSearchOperator() {
-		formattedValue := querybuilder.FormatValueForContains(value)
-		arrayCond, err := c.buildArrayMembershipCondition(node, operator, formattedValue, sb)
-		if err != nil {
-			return "", err
-		}
-		conditions = append(conditions, arrayCond)
-
-		// switch operator for array membership checks
-		switch operator {
-		case qbtypes.FilterOperatorContains:
-			operator = qbtypes.FilterOperatorEqual
-		case qbtypes.FilterOperatorNotContains:
-			operator = qbtypes.FilterOperatorNotEqual
-		}
-	}
-
-	arrayCond, err := c.buildArrayMembershipCondition(node, operator, value, sb)
-	if err != nil {
-		return "", err
-	}
-	conditions = append(conditions, arrayCond)
-	if len(conditions) > 1 {
-		return sb.Or(conditions...), nil
-	}
-
-	return conditions[0], nil
-}
-
-// buildArrayMembershipCondition builds condition of the part where Arrays becomes primitive typed Arrays
-// e.g. [300, 404, 500], and value operations will work on the array elements.
-func (c *jsonConditionBuilder) buildArrayMembershipCondition(node *telemetrytypes.JSONAccessNode, operator qbtypes.FilterOperator, value any, sb *sqlbuilder.SelectBuilder) (string, error) {
-	arrayPath := node.FieldPath()
-	// create typed array out of a dynamic array
-	filteredDynamicExpr := func() string {
-		baseArrayDynamicExpr := fmt.Sprintf("dynamicElement(%s, 'Array(Dynamic)')", arrayPath)
-		return fmt.Sprintf("arrayFilter(x->(dynamicType(x) IN ('String', 'Int64', 'Float64', 'Bool')), %s)",
-			baseArrayDynamicExpr)
-	}
-	typedArrayExpr := func() string {
-		return fmt.Sprintf("dynamicElement(%s, '%s')", arrayPath, node.TerminalConfig.ElemType.StringValue())
-	}
-
-	var arrayExpr string
-	if node.TerminalConfig.ElemType == telemetrytypes.ArrayDynamic {
-		arrayExpr = filteredDynamicExpr()
-	} else {
-		arrayExpr = typedArrayExpr()
-	}
-
-	key := "x"
-	fieldExpr, value := querybuilder.DataTypeCollisionHandledFieldName(node.TerminalConfig.Key, value, key, operator)
-	op, err := c.applyOperator(sb, fieldExpr, operator, value)
-	if err != nil {
-		return "", err
-	}
-
-	return fmt.Sprintf("arrayExists(%s -> %s, %s)", key, op, arrayExpr), nil
-}
-
 func (c *jsonConditionBuilder) applyOperator(sb *sqlbuilder.SelectBuilder, fieldExpr string, operator qbtypes.FilterOperator, value any) (string, error) {
 	switch operator {
 	case qbtypes.FilterOperatorEqual:
@@ -391,6 +317,6 @@ func (c *jsonConditionBuilder) applyOperator(sb *sqlbuilder.SelectBuilder, field
 	}
 }

-func assumeNotNull(fieldExpr string) string {
-	return fmt.Sprintf("assumeNotNull(%s)", fieldExpr)
+func assumeNotNull(column string, elemType telemetrytypes.JSONDataType) string {
+	return fmt.Sprintf("assumeNotNull(dynamicElement(%s, '%s'))", column, elemType.StringValue())
 }
--- a/pkg/telemetrylogs/json_stmt_builder_test.go
+++ b/pkg/telemetrylogs/json_stmt_builder_test.go
--- a/pkg/telemetrylogs/statement_builder.go
+++ b/pkg/telemetrylogs/statement_builder.go
@@ -700,6 +700,9 @@ func (b *logQueryStatementBuilder) maybeAttachResourceFilter(
 	if err != nil {
 		return "", nil, err
 	}
+	if stmt == nil {
+		return "", nil, nil
+	}

 	sb.Where("resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter)")

--- a/pkg/telemetrylogs/stmt_builder_test.go
+++ b/pkg/telemetrylogs/stmt_builder_test.go
@@ -55,7 +55,7 @@ func TestStatementBuilderTimeSeries(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(resource.`service.name`::String IS NOT NULL, resource.`service.name`::String, NULL)) AS `service.name`, countDistinct(multiIf(resource.`service.name`::String IS NOT NULL, resource.`service.name`::String, NULL)) AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(fromUnixTimestamp64Nano(timestamp), INTERVAL 30 SECOND) AS ts, toString(multiIf(resource.`service.name`::String IS NOT NULL, resource.`service.name`::String, NULL)) AS `service.name`, countDistinct(multiIf(resource.`service.name`::String IS NOT NULL, resource.`service.name`::String, NULL)) AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name`",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(resource.`service.name`::String IS NOT NULL, resource.`service.name`::String, NULL)) AS `service.name`, countDistinct(multiIf(resource.`service.name`::String IS NOT NULL, resource.`service.name`::String, NULL)) AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(fromUnixTimestamp64Nano(timestamp), INTERVAL 30 SECOND) AS ts, toString(multiIf(resource.`service.name`::String IS NOT NULL, resource.`service.name`::String, NULL)) AS `service.name`, countDistinct(multiIf(resource.`service.name`::String IS NOT NULL, resource.`service.name`::String, NULL)) AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name`",
 				Args:  []any{"cartservice", "%service.name%", "%service.name\":\"cartservice%", uint64(1705397400), uint64(1705485600), "1705399200000000000", uint64(1705397400), "1705485600000000000", uint64(1705485600), 10, "1705399200000000000", uint64(1705397400), "1705485600000000000", uint64(1705485600)},
 			},
 			expectedErr: nil,
@@ -86,8 +86,8 @@ func TestStatementBuilderTimeSeries(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, countDistinct(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND ((multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) = ? AND multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL) OR (attributes_string['http.method'] = ? AND mapContains(attributes_string, 'http.method') = ?)) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(fromUnixTimestamp64Nano(timestamp), INTERVAL 30 SECOND) AS ts, toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, countDistinct(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND ((multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) = ? AND multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL) OR (attributes_string['http.method'] = ? AND mapContains(attributes_string, 'http.method') = ?)) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name`",
-				Args:  []any{uint64(1705224600), uint64(1705485600), "redis-manual", "GET", true, "1705226400000000000", uint64(1705224600), "1705485600000000000", uint64(1705485600), 10, "redis-manual", "GET", true, "1705226400000000000", uint64(1705224600), "1705485600000000000", uint64(1705485600)},
+				Query: "WITH __limit_cte AS (SELECT toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, countDistinct(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE ((multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) = ? AND multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL) OR (attributes_string['http.method'] = ? AND mapContains(attributes_string, 'http.method') = ?)) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(fromUnixTimestamp64Nano(timestamp), INTERVAL 30 SECOND) AS ts, toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, countDistinct(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE ((multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) = ? AND multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL) OR (attributes_string['http.method'] = ? AND mapContains(attributes_string, 'http.method') = ?)) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name`",
+				Args:  []any{"redis-manual", "GET", true, "1705226400000000000", uint64(1705224600), "1705485600000000000", uint64(1705485600), 10, "redis-manual", "GET", true, "1705226400000000000", uint64(1705224600), "1705485600000000000", uint64(1705485600)},
 			},
 			expectedErr: nil,
 		},
@@ -127,7 +127,7 @@ func TestStatementBuilderTimeSeries(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(resource.`service.name`::String IS NOT NULL, resource.`service.name`::String, NULL)) AS `service.name`, count() AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY `service.name` desc LIMIT ?) SELECT toStartOfInterval(fromUnixTimestamp64Nano(timestamp), INTERVAL 30 SECOND) AS ts, toString(multiIf(resource.`service.name`::String IS NOT NULL, resource.`service.name`::String, NULL)) AS `service.name`, count() AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name` ORDER BY `service.name` desc, ts desc",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(resource.`service.name`::String IS NOT NULL, resource.`service.name`::String, NULL)) AS `service.name`, count() AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY `service.name` desc LIMIT ?) SELECT toStartOfInterval(fromUnixTimestamp64Nano(timestamp), INTERVAL 30 SECOND) AS ts, toString(multiIf(resource.`service.name`::String IS NOT NULL, resource.`service.name`::String, NULL)) AS `service.name`, count() AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name` ORDER BY `service.name` desc, ts desc",
 				Args:  []any{"cartservice", "%service.name%", "%service.name\":\"cartservice%", uint64(1705397400), uint64(1705485600), "1705399200000000000", uint64(1705397400), "1705485600000000000", uint64(1705485600), 10, "1705399200000000000", uint64(1705397400), "1705485600000000000", uint64(1705485600)},
 			},
 			expectedErr: nil,
@@ -160,7 +160,7 @@ func TestStatementBuilderTimeSeries(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(`attribute_string_materialized$$key$$name_exists` = ?, `attribute_string_materialized$$key$$name`, NULL)) AS `materialized.key.name`, count() AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? GROUP BY `materialized.key.name` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(fromUnixTimestamp64Nano(timestamp), INTERVAL 30 SECOND) AS ts, toString(multiIf(`attribute_string_materialized$$key$$name_exists` = ?, `attribute_string_materialized$$key$$name`, NULL)) AS `materialized.key.name`, count() AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? AND (`materialized.key.name`) GLOBAL IN (SELECT `materialized.key.name` FROM __limit_cte) GROUP BY ts, `materialized.key.name`",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(`attribute_string_materialized$$key$$name_exists` = ?, `attribute_string_materialized$$key$$name`, NULL)) AS `materialized.key.name`, count() AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? GROUP BY `materialized.key.name` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(fromUnixTimestamp64Nano(timestamp), INTERVAL 30 SECOND) AS ts, toString(multiIf(`attribute_string_materialized$$key$$name_exists` = ?, `attribute_string_materialized$$key$$name`, NULL)) AS `materialized.key.name`, count() AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? AND (`materialized.key.name`) GLOBAL IN (SELECT `materialized.key.name` FROM __limit_cte) GROUP BY ts, `materialized.key.name`",
 				Args:  []any{"cartservice", "%service.name%", "%service.name\":\"cartservice%", uint64(1705397400), uint64(1705485600), true, "1705399200000000000", uint64(1705397400), "1705485600000000000", uint64(1705485600), 10, true, "1705399200000000000", uint64(1705397400), "1705485600000000000", uint64(1705485600)},
 			},
 		},
@@ -183,8 +183,8 @@ func TestStatementBuilderTimeSeries(t *testing.T) {
 				Limit: 10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT toStartOfInterval(fromUnixTimestamp64Nano(timestamp), INTERVAL 30 SECOND) AS ts, count() AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND ((match(`attribute_string_materialized$$key$$name`, ?) AND `attribute_string_materialized$$key$$name_exists` = ?) OR (`attribute_string_materialized$$key$$name` = ? AND `attribute_string_materialized$$key$$name_exists` = ?)) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? GROUP BY ts",
-				Args:  []any{uint64(1705397400), uint64(1705485600), "redis.*", true, "memcached", true, "1705399200000000000", uint64(1705397400), "1705485600000000000", uint64(1705485600)},
+				Query: "SELECT toStartOfInterval(fromUnixTimestamp64Nano(timestamp), INTERVAL 30 SECOND) AS ts, count() AS __result_0 FROM signoz_logs.distributed_logs_v2 WHERE ((match(`attribute_string_materialized$$key$$name`, ?) AND `attribute_string_materialized$$key$$name_exists` = ?) OR (`attribute_string_materialized$$key$$name` = ? AND `attribute_string_materialized$$key$$name_exists` = ?)) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? GROUP BY ts",
+				Args:  []any{"redis.*", true, "memcached", true, "1705399200000000000", uint64(1705397400), "1705485600000000000", uint64(1705485600)},
 			},
 			expectedErr: nil,
 		},
@@ -249,7 +249,7 @@ func TestStatementBuilderListQuery(t *testing.T) {
 				Limit: 10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
 				Args:  []any{"cartservice", "%service.name%", "%service.name\":\"cartservice%", uint64(1747945619), uint64(1747983448), "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 			},
 			expectedErr: nil,
@@ -277,7 +277,7 @@ func TestStatementBuilderListQuery(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? ORDER BY `attribute_string_materialized$$key$$name` AS `materialized.key.name` desc LIMIT ?",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? ORDER BY `attribute_string_materialized$$key$$name` AS `materialized.key.name` desc LIMIT ?",
 				Args:  []any{"cartservice", "%service.name%", "%service.name\":\"cartservice%", uint64(1747945619), uint64(1747983448), "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 			},
 			expectedErr: nil,
@@ -305,8 +305,8 @@ func TestStatementBuilderListQuery(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND ((match(`attribute_string_materialized$$key$$name`, ?) AND `attribute_string_materialized$$key$$name_exists` = ?) OR (`attribute_string_materialized$$key$$name` = ? AND `attribute_string_materialized$$key$$name_exists` = ?)) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? ORDER BY `attribute_string_materialized$$key$$name` AS `materialized.key.name` desc LIMIT ?",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "redis.*", true, "memcached", true, "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
+				Query: "SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE ((match(`attribute_string_materialized$$key$$name`, ?) AND `attribute_string_materialized$$key$$name_exists` = ?) OR (`attribute_string_materialized$$key$$name` = ? AND `attribute_string_materialized$$key$$name_exists` = ?)) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? ORDER BY `attribute_string_materialized$$key$$name` AS `materialized.key.name` desc LIMIT ?",
+				Args:  []any{"redis.*", true, "memcached", true, "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
@@ -370,8 +370,8 @@ func TestStatementBuilderListQueryResourceTests(t *testing.T) {
 				Limit: 10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND match(LOWER(body), LOWER(?)) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "hello", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
+				Query: "SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE match(LOWER(body), LOWER(?)) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
+				Args:  []any{"hello", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
@@ -414,8 +414,8 @@ func TestStatementBuilderListQueryResourceTests(t *testing.T) {
 				Limit: 10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND (JSON_VALUE(body, '$.\"status\"') = ? AND JSON_EXISTS(body, '$.\"status\"')) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "success", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
+				Query: "SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE (JSON_VALUE(body, '$.\"status\"') = ? AND JSON_EXISTS(body, '$.\"status\"')) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
+				Args:  []any{"success", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
@@ -430,8 +430,8 @@ func TestStatementBuilderListQueryResourceTests(t *testing.T) {
 				Limit: 10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND ((JSONExtract(JSON_QUERY(body, '$.\"user_names\"[*]'), 'Array(String)') = ?) AND JSON_EXISTS(body, '$.\"user_names\"[*]')) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "john_doe", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
+				Query: "SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE ((JSONExtract(JSON_QUERY(body, '$.\"user_names\"[*]'), 'Array(String)') = ?) AND JSON_EXISTS(body, '$.\"user_names\"[*]')) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
+				Args:  []any{"john_doe", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
@@ -446,8 +446,8 @@ func TestStatementBuilderListQueryResourceTests(t *testing.T) {
 				Limit: 10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND has(JSONExtract(JSON_QUERY(body, '$.\"user_names\"[*]'), 'Array(String)'), ?) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "john_doe", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
+				Query: "SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE has(JSONExtract(JSON_QUERY(body, '$.\"user_names\"[*]'), 'Array(String)'), ?) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
+				Args:  []any{"john_doe", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
@@ -900,8 +900,8 @@ func TestStmtBuilderBodyField(t *testing.T) {
 			},
 			enableBodyJSONQuery: true,
 			expected: qbtypes.Statement{
-				Query:    "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body_v2 as body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND body_v2.message <> ? AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:     []any{uint64(1747945619), uint64(1747983448), "", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
+				Query:    "SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body_v2 as body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE body_v2.message <> ? AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
+				Args:     []any{"", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 				Warnings: []string{bodySearchDefaultWarning},
 			},
 			expectedErr: nil,
@@ -916,8 +916,8 @@ func TestStmtBuilderBodyField(t *testing.T) {
 			},
 			enableBodyJSONQuery: false,
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND body <> ? AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
+				Query: "SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE body <> ? AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
+				Args:  []any{"", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
@@ -931,8 +931,8 @@ func TestStmtBuilderBodyField(t *testing.T) {
 			},
 			enableBodyJSONQuery: true,
 			expected: qbtypes.Statement{
-				Query:    "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body_v2 as body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND body_v2.message = ? AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:     []any{uint64(1747945619), uint64(1747983448), "", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
+				Query:    "SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body_v2 as body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE body_v2.message = ? AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
+				Args:     []any{"", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 				Warnings: []string{bodySearchDefaultWarning},
 			},
 			expectedErr: nil,
@@ -947,8 +947,8 @@ func TestStmtBuilderBodyField(t *testing.T) {
 			},
 			enableBodyJSONQuery: false,
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND body = ? AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
+				Query: "SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE body = ? AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
+				Args:  []any{"", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
@@ -962,8 +962,8 @@ func TestStmtBuilderBodyField(t *testing.T) {
 			},
 			enableBodyJSONQuery: true,
 			expected: qbtypes.Statement{
-				Query:    "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body_v2 as body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND LOWER(body_v2.message) LIKE LOWER(?) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:     []any{uint64(1747945619), uint64(1747983448), "%error%", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
+				Query:    "SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body_v2 as body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE LOWER(body_v2.message) LIKE LOWER(?) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
+				Args:     []any{"%error%", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 				Warnings: []string{bodySearchDefaultWarning},
 			},
 			expectedErr: nil,
@@ -978,8 +978,8 @@ func TestStmtBuilderBodyField(t *testing.T) {
 			},
 			enableBodyJSONQuery: false,
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND LOWER(body) LIKE LOWER(?) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "%error%", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
+				Query: "SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE LOWER(body) LIKE LOWER(?) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
+				Args:  []any{"%error%", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
@@ -1051,8 +1051,8 @@ func TestStmtBuilderBodyFullTextSearch(t *testing.T) {
 			},
 			enableBodyJSONQuery: true,
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body_v2 as body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND match(LOWER(body_v2.message), LOWER(?)) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "error", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
+				Query: "SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body_v2 as body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE match(LOWER(body_v2.message), LOWER(?)) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
+				Args:  []any{"error", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
@@ -1066,8 +1066,8 @@ func TestStmtBuilderBodyFullTextSearch(t *testing.T) {
 			},
 			enableBodyJSONQuery: false,
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND match(LOWER(body), LOWER(?)) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "error", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
+				Query: "SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, attributes_string, attributes_number, attributes_bool, resources_string, scope_string FROM signoz_logs.distributed_logs_v2 WHERE match(LOWER(body), LOWER(?)) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
+				Args:  []any{"error", "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
--- a/pkg/telemetryresourcefilter/statement_builder.go
+++ b/pkg/telemetryresourcefilter/statement_builder.go
@@ -98,9 +98,13 @@ func (b *resourceFilterStatementBuilder[T]) Build(
 		return nil, err
 	}

-	if err := b.addConditions(ctx, q, start, end, query, keys, variables); err != nil {
+	isNoOp, err := b.addConditions(ctx, q, start, end, query, keys, variables)
+	if err != nil {
 		return nil, err
 	}
+	if isNoOp {
+		return nil, nil //nolint:nilnil
+	}

 	stmt, args := q.BuildWithFlavor(sqlbuilder.ClickHouse)
 	return &qbtypes.Statement{
@@ -110,6 +114,8 @@ func (b *resourceFilterStatementBuilder[T]) Build(
 }

 // addConditions adds both filter and time conditions to the query.
+// Returns true (isNoOp) when the filter expression evaluated to no resource conditions,
+// meaning the CTE would select all fingerprints and should be skipped entirely.
 func (b *resourceFilterStatementBuilder[T]) addConditions(
 	ctx context.Context,
 	sb *sqlbuilder.SelectBuilder,
@@ -117,7 +123,7 @@ func (b *resourceFilterStatementBuilder[T]) addConditions(
 	query qbtypes.QueryBuilderQuery[T],
 	keys map[string][]*telemetrytypes.TelemetryFieldKey,
 	variables map[string]qbtypes.VariableItem,
-) error {
+) (bool, error) {
 	// Add filter condition if present
 	if query.Filter != nil && query.Filter.Expression != "" {

@@ -140,16 +146,22 @@ func (b *resourceFilterStatementBuilder[T]) addConditions(
 		})

 		if err != nil {
-			return err
+			return false, err
 		}
-		if filterWhereClause != nil {
-			sb.AddWhereClause(filterWhereClause.WhereClause)
+		if filterWhereClause == nil {
+			// this means all conditions evaluated to no-op (non-resource fields, unknown keys, skipped full-text/functions)
+			// the CTE would select all fingerprints, so skip it entirely
+			return true, nil
 		}
+		sb.AddWhereClause(filterWhereClause.WhereClause)
+	} else {
+		// No filter expression means we would select all fingerprints — skip the CTE.
+		return true, nil
 	}

 	// Add time filter
 	b.addTimeFilter(sb, start, end)
-	return nil
+	return false, nil
 }

 // addTimeFilter adds time-based filtering conditions.
--- a/pkg/telemetryresourcefilter/statement_builder_test.go
+++ b/pkg/telemetryresourcefilter/statement_builder_test.go
@@ -104,7 +104,7 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 		query       qbtypes.QueryBuilderQuery[qbtypes.TraceAggregation]
 		start       uint64
 		end         uint64
-		expected    qbtypes.Statement
+		expected    *qbtypes.Statement
 		expectedErr error
 	}{
 		{
@@ -117,7 +117,7 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 			},
 			start: testStartNs,
 			end:   testEndNs,
-			expected: qbtypes.Statement{
+			expected: &qbtypes.Statement{
 				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", expectedBucketStart, expectedBucketEnd},
 			},
@@ -132,7 +132,7 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 			},
 			start: testStartNs,
 			end:   testEndNs,
-			expected: qbtypes.Statement{
+			expected: &qbtypes.Statement{
 				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE ((simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND (simpleJSONExtractString(labels, 'k8s.namespace.name') = ? AND labels LIKE ? AND labels LIKE ?)) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", "production", "%k8s.namespace.name%", "%k8s.namespace.name\":\"production%", expectedBucketStart, expectedBucketEnd},
 			},
@@ -145,12 +145,9 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 					Expression: "service.name = 'redis-manual' OR http.request.method = 'GET'",
 				},
 			},
-			start: testStartNs,
-			end:   testEndNs,
-			expected: qbtypes.Statement{
-				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
-				Args:  []any{expectedBucketStart, expectedBucketEnd},
-			},
+			start:    testStartNs,
+			end:      testEndNs,
+			expected: nil, // OR with non-resource field: entire CTE is skipped
 		},
 		{
 			name: "resource filter with empty filter expression",
@@ -160,12 +157,9 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 					Expression: "",
 				},
 			},
-			start: testStartNs,
-			end:   testEndNs,
-			expected: qbtypes.Statement{
-				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
-				Args:  []any{expectedBucketStart, expectedBucketEnd},
-			},
+			start:    testStartNs,
+			end:      testEndNs,
+			expected: nil, // no filter: CTE is skipped
 		},
 		{
 			name: "resource filter with nil filter",
@@ -173,12 +167,9 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 				Signal: telemetrytypes.SignalTraces,
 				Filter: nil,
 			},
-			start: testStartNs,
-			end:   testEndNs,
-			expected: qbtypes.Statement{
-				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
-				Args:  []any{expectedBucketStart, expectedBucketEnd},
-			},
+			start:    testStartNs,
+			end:      testEndNs,
+			expected: nil, // no filter: CTE is skipped
 		},
 		{
 			name: "resource filter with LIKE operator",
@@ -190,7 +181,7 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 			},
 			start: testStartNs,
 			end:   testEndNs,
-			expected: qbtypes.Statement{
+			expected: &qbtypes.Statement{
 				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (LOWER(simpleJSONExtractString(labels, 'service.name')) LIKE LOWER(?) AND labels LIKE ? AND LOWER(labels) LIKE LOWER(?)) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
 				Args:  []any{"redis%", "%service.name%", "%service.name%redis%%", expectedBucketStart, expectedBucketEnd},
 			},
@@ -205,7 +196,7 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 			},
 			start: testStartNs,
 			end:   testEndNs,
-			expected: qbtypes.Statement{
+			expected: &qbtypes.Statement{
 				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONHas(labels, 'service.name') = ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
 				Args:  []any{true, "%service.name%", expectedBucketStart, expectedBucketEnd},
 			},
@@ -220,7 +211,7 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 			},
 			start: testStartNs,
 			end:   testEndNs,
-			expected: qbtypes.Statement{
+			expected: &qbtypes.Statement{
 				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONHas(labels, 'service.name') <> ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
 				Args:  []any{true, expectedBucketStart, expectedBucketEnd},
 			},
@@ -235,7 +226,7 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 			},
 			start: testStartNs,
 			end:   testEndNs,
-			expected: qbtypes.Statement{
+			expected: &qbtypes.Statement{
 				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE ((simpleJSONExtractString(labels, 'service.name') = ? OR simpleJSONExtractString(labels, 'service.name') = ?) AND labels LIKE ? AND (labels LIKE ? OR labels LIKE ?)) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
 				Args:  []any{"redis", "postgres", "%service.name%", "%service.name\":\"redis%", "%service.name\":\"postgres%", expectedBucketStart, expectedBucketEnd},
 			},
@@ -250,7 +241,7 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 			},
 			start: testStartNs,
 			end:   testEndNs,
-			expected: qbtypes.Statement{
+			expected: &qbtypes.Statement{
 				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE ((simpleJSONExtractString(labels, 'service.name') <> ? AND simpleJSONExtractString(labels, 'service.name') <> ?) AND (labels NOT LIKE ? AND labels NOT LIKE ?)) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
 				Args:  []any{"redis", "postgres", "%service.name\":\"redis%", "%service.name\":\"postgres%", expectedBucketStart, expectedBucketEnd},
 			},
@@ -265,7 +256,7 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 			},
 			start: testStartNs,
 			end:   testEndNs,
-			expected: qbtypes.Statement{
+			expected: &qbtypes.Statement{
 				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (LOWER(simpleJSONExtractString(labels, 'service.name')) LIKE LOWER(?) AND labels LIKE ? AND LOWER(labels) LIKE LOWER(?)) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
 				Args:  []any{"%redis%", "%service.name%", "%service.name%redis%", expectedBucketStart, expectedBucketEnd},
 			},
@@ -280,7 +271,7 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 			},
 			start: testStartNs,
 			end:   testEndNs,
-			expected: qbtypes.Statement{
+			expected: &qbtypes.Statement{
 				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (match(simpleJSONExtractString(labels, 'service.name'), ?) AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
 				Args:  []any{"redis.*", "%service.name%", expectedBucketStart, expectedBucketEnd},
 			},
@@ -295,25 +286,22 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 			},
 			start: testStartNs,
 			end:   testEndNs,
-			expected: qbtypes.Statement{
+			expected: &qbtypes.Statement{
 				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') <> ? AND labels NOT LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
 				Args:  []any{"redis", "%service.name\":\"redis%", expectedBucketStart, expectedBucketEnd},
 			},
 		},
 		{
-			name: "resource filter with attribute-only filter (should return true)",
+			name: "resource filter with attribute-only filter",
 			query: qbtypes.QueryBuilderQuery[qbtypes.TraceAggregation]{
 				Signal: telemetrytypes.SignalTraces,
 				Filter: &qbtypes.Filter{
 					Expression: "http.request.method = 'POST'",
 				},
 			},
-			start: testStartNs,
-			end:   testEndNs,
-			expected: qbtypes.Statement{
-				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
-				Args:  []any{expectedBucketStart, expectedBucketEnd},
-			},
+			start:    testStartNs,
+			end:      testEndNs,
+			expected: nil, // only non-resource fields: CTE is skipped
 		},
 		{
 			name: "resource filter with zero end time",
@@ -325,7 +313,7 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 			},
 			start: testStartNs,
 			end:   0,
-			expected: qbtypes.Statement{
+			expected: &qbtypes.Statement{
 				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ?",
 				Args:  []any{"redis", "%service.name%", "%service.name\":\"redis%", expectedBucketStart},
 			},
@@ -340,7 +328,7 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 			},
 			start: testStartNs,
 			end:   testEndNs,
-			expected: qbtypes.Statement{
+			expected: &qbtypes.Statement{
 				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE NOT (((simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?))) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
 				Args:  []any{"redis", "%service.name%", "%service.name\":\"redis%", expectedBucketStart, expectedBucketEnd},
 			},
@@ -350,20 +338,14 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 			query: qbtypes.QueryBuilderQuery[qbtypes.TraceAggregation]{
 				Signal: telemetrytypes.SignalTraces,
 				Filter: &qbtypes.Filter{
-					// http.request.method is an attribute field, not a resource field
-					// so the condition returns "true", and NOT should also return "true" (not "NOT (true)")
-					// In this system, SkipConditionLiteral means "this condition is not evaluable here"
-					// and the negation of "not evaluable" is also "not evaluable",
-					// so true is the right no-op. Returning false would incorrectly exclude all rows.
+					// http.request.method is an attribute field, not a resource field.
+					// NOT of a non-evaluable condition is also non-evaluable: CTE is skipped.
 					Expression: "NOT (http.request.method = 'GET')",
 				},
 			},
-			start: testStartNs,
-			end:   testEndNs,
-			expected: qbtypes.Statement{
-				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
-				Args:  []any{expectedBucketStart, expectedBucketEnd},
-			},
+			start:    testStartNs,
+			end:      testEndNs,
+			expected: nil, // only non-resource fields: CTE is skipped
 		},
 	}

@@ -389,8 +371,13 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 				require.Contains(t, err.Error(), c.expectedErr.Error())
 			} else {
 				require.NoError(t, err)
-				require.Equal(t, c.expected.Query, stmt.Query)
-				require.Equal(t, c.expected.Args, stmt.Args)
+				if c.expected == nil {
+					require.Nil(t, stmt)
+				} else {
+					require.NotNil(t, stmt)
+					require.Equal(t, c.expected.Query, stmt.Query)
+					require.Equal(t, c.expected.Args, stmt.Args)
+				}
 			}
 		})
 	}
@@ -402,7 +389,7 @@ func TestResourceFilterStatementBuilder_Logs(t *testing.T) {
 		query       qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]
 		start       uint64
 		end         uint64
-		expected    qbtypes.Statement
+		expected    *qbtypes.Statement
 		expectedErr error
 	}{
 		{
@@ -415,7 +402,7 @@ func TestResourceFilterStatementBuilder_Logs(t *testing.T) {
 			},
 			start: testStartNs,
 			end:   testEndNs,
-			expected: qbtypes.Statement{
+			expected: &qbtypes.Statement{
 				Query: "SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", expectedBucketStart, expectedBucketEnd},
 			},
@@ -426,12 +413,9 @@ func TestResourceFilterStatementBuilder_Logs(t *testing.T) {
 				Signal: telemetrytypes.SignalLogs,
 				Filter: nil,
 			},
-			start: testStartNs,
-			end:   testEndNs,
-			expected: qbtypes.Statement{
-				Query: "SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
-				Args:  []any{expectedBucketStart, expectedBucketEnd},
-			},
+			start:    testStartNs,
+			end:      testEndNs,
+			expected: nil, // no filter: CTE is skipped
 		},
 		{
 			name: "resource filter with empty filter expression for logs",
@@ -441,12 +425,9 @@ func TestResourceFilterStatementBuilder_Logs(t *testing.T) {
 					Expression: "",
 				},
 			},
-			start: testStartNs,
-			end:   testEndNs,
-			expected: qbtypes.Statement{
-				Query: "SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
-				Args:  []any{expectedBucketStart, expectedBucketEnd},
-			},
+			start:    testStartNs,
+			end:      testEndNs,
+			expected: nil, // no filter: CTE is skipped
 		},
 		{
 			name: "resource filter with multiple conditions for logs",
@@ -458,7 +439,7 @@ func TestResourceFilterStatementBuilder_Logs(t *testing.T) {
 			},
 			start: testStartNs,
 			end:   testEndNs,
-			expected: qbtypes.Statement{
+			expected: &qbtypes.Statement{
 				Query: "SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE ((simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND (simpleJSONExtractString(labels, 'k8s.namespace.name') = ? AND labels LIKE ? AND labels LIKE ?)) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
 				Args:  []any{"redis", "%service.name%", "%service.name\":\"redis%", "default", "%k8s.namespace.name%", "%k8s.namespace.name\":\"default%", expectedBucketStart, expectedBucketEnd},
 			},
@@ -469,14 +450,14 @@ func TestResourceFilterStatementBuilder_Logs(t *testing.T) {
 				Signal: telemetrytypes.SignalLogs,
 				Filter: &qbtypes.Filter{
 					// env and k8s.deployment.name are resource fields
-					// severity_text is an attribute field (returns true)
-					// Multiple grouped conditions with attribute fields
+					// severity_text is an attribute field (skipped)
+					// Mixed AND: resource conditions are kept, attribute conditions are dropped
 					Expression: "env = 'prod' AND k8s.deployment.name = 'prod-deployment' AND severity_text = 'ERROR' AND severity_text = 'WARN' AND (severity_text = 'INFO' AND severity_text = 'DEBUG') AND (severity_text = 'TRACE' AND severity_text = 'FATAL') AND (severity_text = 'a' AND severity_text = 'b') AND (severity_text = 'c' AND severity_text = 'd') AND (severity_text = 'e' AND severity_text = 'f')",
 				},
 			},
 			start: uint64(1769976178000000000), // These will give bucket start 1769974378 and end 1770062578
 			end:   uint64(1770062578000000000),
-			expected: qbtypes.Statement{
+			expected: &qbtypes.Statement{
 				Query: "SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE ((simpleJSONExtractString(labels, 'env') = ? AND labels LIKE ? AND labels LIKE ?) AND (simpleJSONExtractString(labels, 'k8s.deployment.name') = ? AND labels LIKE ? AND labels LIKE ?)) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
 				Args:  []any{"prod", "%env%", "%env\":\"prod%", "prod-deployment", "%k8s.deployment.name%", "%k8s.deployment.name\":\"prod-deployment%", uint64(1769974378), uint64(1770062578)},
 			},
@@ -486,101 +467,77 @@ func TestResourceFilterStatementBuilder_Logs(t *testing.T) {
 			query: qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]{
 				Signal: telemetrytypes.SignalLogs,
 				Filter: &qbtypes.Filter{
-					// using not with full text search
 					Expression: "NOT 'error'",
 				},
 			},
-			start: testStartNs,
-			end:   testEndNs,
-			expected: qbtypes.Statement{
-				Query: "SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
-				Args:  []any{expectedBucketStart, expectedBucketEnd},
-			},
+			start:    testStartNs,
+			end:      testEndNs,
+			expected: nil,
 		},
 		{
 			name: "NOT with unknown key should not generate not()",
 			query: qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]{
 				Signal: telemetrytypes.SignalLogs,
 				Filter: &qbtypes.Filter{
-					// unknown.key is not in the metadata store, so with IgnoreNotFoundKeys=true
-					// the condition returns empty, and NOT should also return empty (not "not()")
+					// unknown.key not in metadata store; with IgnoreNotFoundKeys=true → no-op
 					Expression: "NOT (unknown.key = 'value')",
 				},
 			},
-			start: testStartNs,
-			end:   testEndNs,
-			expected: qbtypes.Statement{
-				Query: "SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
-				Args:  []any{expectedBucketStart, expectedBucketEnd},
-			},
+			start:    testStartNs,
+			end:      testEndNs,
+			expected: nil, // unknown key ignored: CTE is skipped
 		},
 		{
 			name: "NOT EQUAL with unknown key should not generate not()",
 			query: qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]{
 				Signal: telemetrytypes.SignalLogs,
 				Filter: &qbtypes.Filter{
-					// unknown.key is not in the metadata store, so with IgnoreNotFoundKeys=true
-					// the condition returns empty, and NOT should also return empty (not "not()")
+					// unknown.key not in metadata store; with IgnoreNotFoundKeys=true → no-op
 					Expression: "not(unknown.key = 'value1' and unknown.key = 'value2')",
 				},
 			},
-			start: testStartNs,
-			end:   testEndNs,
-			expected: qbtypes.Statement{
-				Query: "SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
-				Args:  []any{expectedBucketStart, expectedBucketEnd},
-			},
+			start:    testStartNs,
+			end:      testEndNs,
+			expected: nil, // unknown key ignored: CTE is skipped
 		},
 		{
 			name: "NOT with attribute field should not generate NOT (true)",
 			query: qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]{
 				Signal: telemetrytypes.SignalLogs,
 				Filter: &qbtypes.Filter{
-					// http.request.method is an attribute field, not a resource field
-					// so the condition returns "true", and NOT should also return "true" (not "NOT (true)")
+					// http.request.method is an attribute field: CTE is skipped
 					Expression: "not(http.request.method = 'POST')",
 				},
 			},
-			start: testStartNs,
-			end:   testEndNs,
-			expected: qbtypes.Statement{
-				Query: "SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
-				Args:  []any{expectedBucketStart, expectedBucketEnd},
-			},
+			start:    testStartNs,
+			end:      testEndNs,
+			expected: nil, // only non-resource fields: CTE is skipped
 		},
 		{
 			name: "NOT with multiple attribute fields should not generate NOT (true and true)",
 			query: qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]{
 				Signal: telemetrytypes.SignalLogs,
 				Filter: &qbtypes.Filter{
-					// http.request.method is an attribute field, not a resource field
-					// so the condition returns "true", and NOT should also return "true" (not "NOT (true)")
+					// all attribute fields: CTE is skipped
 					Expression: "not(http.request.method = 'POST' and module.name = 'abc')",
 				},
 			},
-			start: testStartNs,
-			end:   testEndNs,
-			expected: qbtypes.Statement{
-				Query: "SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
-				Args:  []any{expectedBucketStart, expectedBucketEnd},
-			},
+			start:    testStartNs,
+			end:      testEndNs,
+			expected: nil, // only non-resource fields: CTE is skipped
 		},
 		{
 			name: "NOT with multiple attribute fields and values should not generate NOT (true and true)",
 			query: qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]{
 				Signal: telemetrytypes.SignalLogs,
 				Filter: &qbtypes.Filter{
-					// http.request.method is an attribute field, not a resource field
-					// so the condition returns "true", and NOT should also return "true" (not "NOT (true)")
+					// all attribute fields: CTE is skipped
 					Expression: "not(http.request.method = 'POST' and (not 'error' and http.request.method = 'GET'))",
 				},
 			},
-			start: testStartNs,
-			end:   testEndNs,
-			expected: qbtypes.Statement{
-				Query: "SELECT fingerprint FROM signoz_logs.distributed_logs_v2_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
-				Args:  []any{expectedBucketStart, expectedBucketEnd},
-			},
+			start:    testStartNs,
+			end:      testEndNs,
+			expected: nil, // only non-resource fields: CTE is skipped
 		},
 	}

@@ -606,8 +563,13 @@ func TestResourceFilterStatementBuilder_Logs(t *testing.T) {
 				require.Contains(t, err.Error(), c.expectedErr.Error())
 			} else {
 				require.NoError(t, err)
-				require.Equal(t, c.expected.Query, stmt.Query)
-				require.Equal(t, c.expected.Args, stmt.Args)
+				if c.expected == nil {
+					require.Nil(t, stmt)
+				} else {
+					require.NotNil(t, stmt)
+					require.Equal(t, c.expected.Query, stmt.Query)
+					require.Equal(t, c.expected.Args, stmt.Args)
+				}
 			}
 		})
 	}
@@ -620,7 +582,7 @@ func TestResourceFilterStatementBuilder_Variables(t *testing.T) {
 		variables   map[string]qbtypes.VariableItem
 		start       uint64
 		end         uint64
-		expected    qbtypes.Statement
+		expected    *qbtypes.Statement
 		expectedErr error
 	}{
 		{
@@ -638,7 +600,7 @@ func TestResourceFilterStatementBuilder_Variables(t *testing.T) {
 			},
 			start: testStartNs,
 			end:   testEndNs,
-			expected: qbtypes.Statement{
+			expected: &qbtypes.Statement{
 				Query: "SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", expectedBucketStart, expectedBucketEnd},
 			},
@@ -667,8 +629,13 @@ func TestResourceFilterStatementBuilder_Variables(t *testing.T) {
 				require.Contains(t, err.Error(), c.expectedErr.Error())
 			} else {
 				require.NoError(t, err)
-				require.Equal(t, c.expected.Query, stmt.Query)
-				require.Equal(t, c.expected.Args, stmt.Args)
+				if c.expected == nil {
+					require.Nil(t, stmt)
+				} else {
+					require.NotNil(t, stmt)
+					require.Equal(t, c.expected.Query, stmt.Query)
+					require.Equal(t, c.expected.Args, stmt.Args)
+				}
 			}
 		})
 	}
--- a/pkg/telemetrytraces/statement_builder.go
+++ b/pkg/telemetrytraces/statement_builder.go
@@ -815,6 +815,9 @@ func (b *traceQueryStatementBuilder) maybeAttachResourceFilter(
 	if err != nil {
 		return "", nil, err
 	}
+	if stmt == nil {
+		return "", nil, nil
+	}

 	sb.Where("resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter)")

--- a/pkg/telemetrytraces/stmt_builder_test.go
+++ b/pkg/telemetrytraces/stmt_builder_test.go
@@ -46,7 +46,7 @@ func TestStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name`",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name`",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448)},
 			},
 			expectedErr: nil,
@@ -75,8 +75,8 @@ func TestStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND ((multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) = ? AND multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL) OR (attributes_string['http.request.method'] = ? AND mapContains(attributes_string, 'http.request.method') = ?)) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND ((multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) = ? AND multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL) OR (attributes_string['http.request.method'] = ? AND mapContains(attributes_string, 'http.request.method') = ?)) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name`",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "redis-manual", "GET", true, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10, "redis-manual", "GET", true, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448)},
+				Query: "WITH __limit_cte AS (SELECT toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE ((multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) = ? AND multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL) OR (attributes_string['http.request.method'] = ? AND mapContains(attributes_string, 'http.request.method') = ?)) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE ((multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) = ? AND multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL) OR (attributes_string['http.request.method'] = ? AND mapContains(attributes_string, 'http.request.method') = ?)) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name`",
+				Args:  []any{"redis-manual", "GET", true, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10, "redis-manual", "GET", true, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448)},
 			},
 			expectedErr: nil,
 		},
@@ -104,8 +104,8 @@ func TestStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND ((match(`attribute_string_materialized$$key$$name`, ?) AND `attribute_string_materialized$$key$$name_exists` = ?) OR (multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) = ? AND multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL)) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND ((match(`attribute_string_materialized$$key$$name`, ?) AND `attribute_string_materialized$$key$$name_exists` = ?) OR (multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) = ? AND multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL)) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name`",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "redis-manual", true, "redis-manual", "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10, "redis-manual", true, "redis-manual", "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448)},
+				Query: "WITH __limit_cte AS (SELECT toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE ((match(`attribute_string_materialized$$key$$name`, ?) AND `attribute_string_materialized$$key$$name_exists` = ?) OR (multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) = ? AND multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL)) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE ((match(`attribute_string_materialized$$key$$name`, ?) AND `attribute_string_materialized$$key$$name_exists` = ?) OR (multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) = ? AND multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL)) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name`",
+				Args:  []any{"redis-manual", true, "redis-manual", "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10, "redis-manual", true, "redis-manual", "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448)},
 			},
 			expectedErr: nil,
 		},
@@ -135,7 +135,7 @@ func TestStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(attribute_string_http$$route <> ?, attribute_string_http$$route, NULL)) AS `httpRoute`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `httpRoute` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(attribute_string_http$$route <> ?, attribute_string_http$$route, NULL)) AS `httpRoute`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`httpRoute`) GLOBAL IN (SELECT `httpRoute` FROM __limit_cte) GROUP BY ts, `httpRoute`",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(attribute_string_http$$route <> ?, attribute_string_http$$route, NULL)) AS `httpRoute`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `httpRoute` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(attribute_string_http$$route <> ?, attribute_string_http$$route, NULL)) AS `httpRoute`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`httpRoute`) GLOBAL IN (SELECT `httpRoute` FROM __limit_cte) GROUP BY ts, `httpRoute`",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", uint64(1747945619), uint64(1747983448), "", "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10, "", "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448)},
 			},
 			expectedErr: nil,
@@ -173,8 +173,8 @@ func TestStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(attribute_string_http$$route <> ?, attribute_string_http$$route, NULL)) AS `httpRoute`, toString(multiIf(http_method <> ?, http_method, NULL)) AS `httpMethod`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND ((resource_string_service$$name = ? AND resource_string_service$$name <> ?) AND http_method <> ? AND kind_string = ?) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `httpRoute`, `httpMethod` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(attribute_string_http$$route <> ?, attribute_string_http$$route, NULL)) AS `httpRoute`, toString(multiIf(http_method <> ?, http_method, NULL)) AS `httpMethod`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND ((resource_string_service$$name = ? AND resource_string_service$$name <> ?) AND http_method <> ? AND kind_string = ?) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`httpRoute`, `httpMethod`) GLOBAL IN (SELECT `httpRoute`, `httpMethod` FROM __limit_cte) GROUP BY ts, `httpRoute`, `httpMethod`",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "", "", "redis-manual", "", "", "Server", "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10, "", "", "redis-manual", "", "", "Server", "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448)},
+				Query: "WITH __limit_cte AS (SELECT toString(multiIf(attribute_string_http$$route <> ?, attribute_string_http$$route, NULL)) AS `httpRoute`, toString(multiIf(http_method <> ?, http_method, NULL)) AS `httpMethod`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE ((resource_string_service$$name = ? AND resource_string_service$$name <> ?) AND http_method <> ? AND kind_string = ?) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `httpRoute`, `httpMethod` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(attribute_string_http$$route <> ?, attribute_string_http$$route, NULL)) AS `httpRoute`, toString(multiIf(http_method <> ?, http_method, NULL)) AS `httpMethod`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE ((resource_string_service$$name = ? AND resource_string_service$$name <> ?) AND http_method <> ? AND kind_string = ?) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`httpRoute`, `httpMethod`) GLOBAL IN (SELECT `httpRoute`, `httpMethod` FROM __limit_cte) GROUP BY ts, `httpRoute`, `httpMethod`",
+				Args:  []any{"", "", "redis-manual", "", "", "Server", "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10, "", "", "redis-manual", "", "", "Server", "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448)},
 			},
 			expectedErr: nil,
 		},
@@ -214,7 +214,7 @@ func TestStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, sum(multiIf(mapContains(attributes_number, 'metric.max_count') = ?, toFloat64(attributes_number['metric.max_count']), NULL)) AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY __result_0 desc LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, sum(multiIf(mapContains(attributes_number, 'metric.max_count') = ?, toFloat64(attributes_number['metric.max_count']), NULL)) AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name` ORDER BY ts desc",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, sum(multiIf(mapContains(attributes_number, 'metric.max_count') = ?, toFloat64(attributes_number['metric.max_count']), NULL)) AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY __result_0 desc LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, sum(multiIf(mapContains(attributes_number, 'metric.max_count') = ?, toFloat64(attributes_number['metric.max_count']), NULL)) AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name` ORDER BY ts desc",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", uint64(1747945619), uint64(1747983448), true, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10, true, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448)},
 			},
 			expectedErr: nil,
@@ -243,7 +243,7 @@ func TestStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, sum(multiIf(`attribute_number_cart$$items_count_exists` = ?, toFloat64(`attribute_number_cart$$items_count`), NULL)) AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, sum(multiIf(`attribute_number_cart$$items_count_exists` = ?, toFloat64(`attribute_number_cart$$items_count`), NULL)) AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name`",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, sum(multiIf(`attribute_number_cart$$items_count_exists` = ?, toFloat64(`attribute_number_cart$$items_count`), NULL)) AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, sum(multiIf(`attribute_number_cart$$items_count_exists` = ?, toFloat64(`attribute_number_cart$$items_count`), NULL)) AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name`",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", uint64(1747945619), uint64(1747983448), true, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10, true, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448)},
 			},
 			expectedErr: nil,
@@ -282,7 +282,7 @@ func TestStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, sum(multiIf(`attribute_number_cart$$items_count_exists` = ?, toFloat64(`attribute_number_cart$$items_count`), NULL)) AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY `service.name` desc LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, sum(multiIf(`attribute_number_cart$$items_count_exists` = ?, toFloat64(`attribute_number_cart$$items_count`), NULL)) AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name` ORDER BY `service.name` desc, ts desc",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, sum(multiIf(`attribute_number_cart$$items_count_exists` = ?, toFloat64(`attribute_number_cart$$items_count`), NULL)) AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `service.name` ORDER BY `service.name` desc LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, sum(multiIf(`attribute_number_cart$$items_count_exists` = ?, toFloat64(`attribute_number_cart$$items_count`), NULL)) AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`service.name`) GLOBAL IN (SELECT `service.name` FROM __limit_cte) GROUP BY ts, `service.name` ORDER BY `service.name` desc, ts desc",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", uint64(1747945619), uint64(1747983448), true, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10, true, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448)},
 			},
 			expectedErr: nil,
@@ -313,7 +313,7 @@ func TestStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(response_status_code <> ?, response_status_code, NULL)) AS `responseStatusCode`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `responseStatusCode` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(response_status_code <> ?, response_status_code, NULL)) AS `responseStatusCode`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`responseStatusCode`) GLOBAL IN (SELECT `responseStatusCode` FROM __limit_cte) GROUP BY ts, `responseStatusCode`",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(response_status_code <> ?, response_status_code, NULL)) AS `responseStatusCode`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `responseStatusCode` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(response_status_code <> ?, response_status_code, NULL)) AS `responseStatusCode`, count() AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`responseStatusCode`) GLOBAL IN (SELECT `responseStatusCode` FROM __limit_cte) GROUP BY ts, `responseStatusCode`",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", uint64(1747945619), uint64(1747983448), "", "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10, "", "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448)},
 			},
 			expectedErr: nil,
@@ -344,7 +344,7 @@ func TestStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(response_status_code <> ?, response_status_code, NULL)) AS `responseStatusCode`, quantile(0.90)(multiIf(duration_nano <> ?, duration_nano, NULL)) AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `responseStatusCode` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(response_status_code <> ?, response_status_code, NULL)) AS `responseStatusCode`, quantile(0.90)(multiIf(duration_nano <> ?, duration_nano, NULL)) AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`responseStatusCode`) GLOBAL IN (SELECT `responseStatusCode` FROM __limit_cte) GROUP BY ts, `responseStatusCode`",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(response_status_code <> ?, response_status_code, NULL)) AS `responseStatusCode`, quantile(0.90)(multiIf(duration_nano <> ?, duration_nano, NULL)) AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? GROUP BY `responseStatusCode` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(timestamp, INTERVAL 30 SECOND) AS ts, toString(multiIf(response_status_code <> ?, response_status_code, NULL)) AS `responseStatusCode`, quantile(0.90)(multiIf(duration_nano <> ?, duration_nano, NULL)) AS __result_0 FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND (`responseStatusCode`) GLOBAL IN (SELECT `responseStatusCode` FROM __limit_cte) GROUP BY ts, `responseStatusCode`",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", uint64(1747945619), uint64(1747983448), "", 0, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10, "", 0, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448)},
 			},
 			expectedErr: nil,
@@ -436,7 +436,7 @@ func TestStatementBuilderListQuery(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT name AS `name`, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) AS `service.name`, duration_nano AS `duration_nano`, `attribute_number_cart$$items_count` AS `cart.items_count`, timestamp AS `timestamp`, span_id AS `span_id`, trace_id AS `trace_id` FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? LIMIT ?",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT name AS `name`, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) AS `service.name`, duration_nano AS `duration_nano`, `attribute_number_cart$$items_count` AS `cart.items_count`, timestamp AS `timestamp`, span_id AS `span_id`, trace_id AS `trace_id` FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? LIMIT ?",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
 			},
 			expectedErr: nil,
@@ -465,7 +465,7 @@ func TestStatementBuilderListQuery(t *testing.T) {
 				Limit: 10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT duration_nano AS `duration_nano`, name AS `name`, response_status_code AS `response_status_code`, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) AS `service.name`, span_id AS `span_id`, timestamp AS `timestamp`, trace_id AS `trace_id` FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY attributes_string['user.id'] AS `user.id` desc LIMIT ?",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT duration_nano AS `duration_nano`, name AS `name`, response_status_code AS `response_status_code`, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) AS `service.name`, span_id AS `span_id`, timestamp AS `timestamp`, trace_id AS `trace_id` FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY attributes_string['user.id'] AS `user.id` desc LIMIT ?",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
 			},
 			expectedErr: nil,
@@ -509,7 +509,7 @@ func TestStatementBuilderListQuery(t *testing.T) {
 				Limit: 10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT name AS `name`, resource_string_service$$name AS `serviceName`, duration_nano AS `durationNano`, http_method AS `httpMethod`, response_status_code AS `responseStatusCode`, timestamp AS `timestamp`, span_id AS `span_id`, trace_id AS `trace_id` FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? LIMIT ?",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT name AS `name`, resource_string_service$$name AS `serviceName`, duration_nano AS `durationNano`, http_method AS `httpMethod`, response_status_code AS `responseStatusCode`, timestamp AS `timestamp`, span_id AS `span_id`, trace_id AS `trace_id` FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? LIMIT ?",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
 			},
 			expectedErr: nil,
@@ -553,7 +553,7 @@ func TestStatementBuilderListQuery(t *testing.T) {
 				Limit: 10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT name AS `name`, resource_string_service$$name AS `serviceName`, duration_nano AS `durationNano`, http_method AS `httpMethod`, multiIf(toString(`attribute_string_mixed$$materialization$$key`) != '', toString(`attribute_string_mixed$$materialization$$key`), toString(multiIf(resource.`mixed.materialization.key` IS NOT NULL, resource.`mixed.materialization.key`::String, mapContains(resources_string, 'mixed.materialization.key'), resources_string['mixed.materialization.key'], NULL)) != '', toString(multiIf(resource.`mixed.materialization.key` IS NOT NULL, resource.`mixed.materialization.key`::String, mapContains(resources_string, 'mixed.materialization.key'), resources_string['mixed.materialization.key'], NULL)), NULL) AS `mixed.materialization.key`, timestamp AS `timestamp`, span_id AS `span_id`, trace_id AS `trace_id` FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? LIMIT ?",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT name AS `name`, resource_string_service$$name AS `serviceName`, duration_nano AS `durationNano`, http_method AS `httpMethod`, multiIf(toString(`attribute_string_mixed$$materialization$$key`) != '', toString(`attribute_string_mixed$$materialization$$key`), toString(multiIf(resource.`mixed.materialization.key` IS NOT NULL, resource.`mixed.materialization.key`::String, mapContains(resources_string, 'mixed.materialization.key'), resources_string['mixed.materialization.key'], NULL)) != '', toString(multiIf(resource.`mixed.materialization.key` IS NOT NULL, resource.`mixed.materialization.key`::String, mapContains(resources_string, 'mixed.materialization.key'), resources_string['mixed.materialization.key'], NULL)), NULL) AS `mixed.materialization.key`, timestamp AS `timestamp`, span_id AS `span_id`, trace_id AS `trace_id` FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? LIMIT ?",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
 			},
 			expectedErr: nil,
@@ -598,7 +598,7 @@ func TestStatementBuilderListQuery(t *testing.T) {
 				Limit: 10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT name AS `name`, resource_string_service$$name AS `serviceName`, duration_nano AS `durationNano`, http_method AS `httpMethod`, `attribute_string_mixed$$materialization$$key` AS `mixed.materialization.key`, timestamp AS `timestamp`, span_id AS `span_id`, trace_id AS `trace_id` FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? LIMIT ?",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT name AS `name`, resource_string_service$$name AS `serviceName`, duration_nano AS `durationNano`, http_method AS `httpMethod`, `attribute_string_mixed$$materialization$$key` AS `mixed.materialization.key`, timestamp AS `timestamp`, span_id AS `span_id`, trace_id AS `trace_id` FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? LIMIT ?",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
 			},
 			expectedErr: nil,
@@ -706,8 +706,8 @@ func TestStatementBuilderListQueryWithCorruptData(t *testing.T) {
 				Limit:        10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT duration_nano AS `duration_nano`, name AS `name`, response_status_code AS `response_status_code`, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) AS `service.name`, span_id AS `span_id`, timestamp AS `timestamp`, trace_id AS `trace_id` FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
+				Query: "SELECT duration_nano AS `duration_nano`, name AS `name`, response_status_code AS `response_status_code`, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) AS `service.name`, span_id AS `span_id`, timestamp AS `timestamp`, trace_id AS `trace_id` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? LIMIT ?",
+				Args:  []any{"1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
@@ -739,8 +739,8 @@ func TestStatementBuilderListQueryWithCorruptData(t *testing.T) {
 				}},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT duration_nano AS `duration_nano`, name AS `name`, response_status_code AS `response_status_code`, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) AS `service.name`, span_id AS `span_id`, timestamp AS `timestamp`, trace_id AS `trace_id` FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY timestamp AS `timestamp` asc LIMIT ?",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
+				Query: "SELECT duration_nano AS `duration_nano`, name AS `name`, response_status_code AS `response_status_code`, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) AS `service.name`, span_id AS `span_id`, timestamp AS `timestamp`, trace_id AS `trace_id` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY timestamp AS `timestamp` asc LIMIT ?",
+				Args:  []any{"1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
@@ -800,7 +800,7 @@ func TestStatementBuilderTraceQuery(t *testing.T) {
 				Limit: 10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __toe AS (SELECT trace_id FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __toe_duration_sorted AS (SELECT trace_id, duration_nano, resource_string_service$$name as `service.name`, name FROM signoz_traces.distributed_signoz_index_v3 WHERE parent_span_id = '' AND trace_id GLOBAL IN __toe AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY duration_nano DESC LIMIT 1 BY trace_id) SELECT __toe_duration_sorted.`service.name` AS `service.name`, __toe_duration_sorted.name AS `name`, count() AS span_count, __toe_duration_sorted.duration_nano AS `duration_nano`, __toe_duration_sorted.trace_id AS `trace_id` FROM __toe INNER JOIN __toe_duration_sorted ON __toe.trace_id = __toe_duration_sorted.trace_id GROUP BY trace_id, duration_nano, name, `service.name` ORDER BY duration_nano DESC LIMIT 1 BY trace_id LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
+				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __toe AS (SELECT trace_id FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __toe_duration_sorted AS (SELECT trace_id, duration_nano, resource_string_service$$name as `service.name`, name FROM signoz_traces.distributed_signoz_index_v3 WHERE parent_span_id = '' AND trace_id GLOBAL IN __toe AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY duration_nano DESC LIMIT 1 BY trace_id) SELECT __toe_duration_sorted.`service.name` AS `service.name`, __toe_duration_sorted.name AS `name`, count() AS span_count, __toe_duration_sorted.duration_nano AS `duration_nano`, __toe_duration_sorted.trace_id AS `trace_id` FROM __toe INNER JOIN __toe_duration_sorted ON __toe.trace_id = __toe_duration_sorted.trace_id GROUP BY trace_id, duration_nano, name, `service.name` ORDER BY duration_nano DESC LIMIT 1 BY trace_id LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
 				Args:  []any{"redis-manual", "%service.name%", "%service.name\":\"redis-manual%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
 			},
 			expectedErr: nil,
@@ -816,8 +816,8 @@ func TestStatementBuilderTraceQuery(t *testing.T) {
 				Limit: 10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __toe AS (SELECT trace_id FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND (`attribute_string_materialized$$key$$name` = ? AND `attribute_string_materialized$$key$$name_exists` = ?) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __toe_duration_sorted AS (SELECT trace_id, duration_nano, resource_string_service$$name as `service.name`, name FROM signoz_traces.distributed_signoz_index_v3 WHERE parent_span_id = '' AND trace_id GLOBAL IN __toe AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY duration_nano DESC LIMIT 1 BY trace_id) SELECT __toe_duration_sorted.`service.name` AS `service.name`, __toe_duration_sorted.name AS `name`, count() AS span_count, __toe_duration_sorted.duration_nano AS `duration_nano`, __toe_duration_sorted.trace_id AS `trace_id` FROM __toe INNER JOIN __toe_duration_sorted ON __toe.trace_id = __toe_duration_sorted.trace_id GROUP BY trace_id, duration_nano, name, `service.name` ORDER BY duration_nano DESC LIMIT 1 BY trace_id LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "redis-manual", true, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
+				Query: "WITH __toe AS (SELECT trace_id FROM signoz_traces.distributed_signoz_index_v3 WHERE (`attribute_string_materialized$$key$$name` = ? AND `attribute_string_materialized$$key$$name_exists` = ?) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __toe_duration_sorted AS (SELECT trace_id, duration_nano, resource_string_service$$name as `service.name`, name FROM signoz_traces.distributed_signoz_index_v3 WHERE parent_span_id = '' AND trace_id GLOBAL IN __toe AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY duration_nano DESC LIMIT 1 BY trace_id) SELECT __toe_duration_sorted.`service.name` AS `service.name`, __toe_duration_sorted.name AS `name`, count() AS span_count, __toe_duration_sorted.duration_nano AS `duration_nano`, __toe_duration_sorted.trace_id AS `trace_id` FROM __toe INNER JOIN __toe_duration_sorted ON __toe.trace_id = __toe_duration_sorted.trace_id GROUP BY trace_id, duration_nano, name, `service.name` ORDER BY duration_nano DESC LIMIT 1 BY trace_id LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
+				Args:  []any{"redis-manual", true, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
@@ -832,8 +832,8 @@ func TestStatementBuilderTraceQuery(t *testing.T) {
 				Limit: 10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __toe AS (SELECT trace_id FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND ((match(`attribute_string_materialized$$key$$name`, ?) AND `attribute_string_materialized$$key$$name_exists` = ?) OR (multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) = ? AND multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL)) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __toe_duration_sorted AS (SELECT trace_id, duration_nano, resource_string_service$$name as `service.name`, name FROM signoz_traces.distributed_signoz_index_v3 WHERE parent_span_id = '' AND trace_id GLOBAL IN __toe AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY duration_nano DESC LIMIT 1 BY trace_id) SELECT __toe_duration_sorted.`service.name` AS `service.name`, __toe_duration_sorted.name AS `name`, count() AS span_count, __toe_duration_sorted.duration_nano AS `duration_nano`, __toe_duration_sorted.trace_id AS `trace_id` FROM __toe INNER JOIN __toe_duration_sorted ON __toe.trace_id = __toe_duration_sorted.trace_id GROUP BY trace_id, duration_nano, name, `service.name` ORDER BY duration_nano DESC LIMIT 1 BY trace_id LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "redis-manual", true, "redis-manual", "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
+				Query: "WITH __toe AS (SELECT trace_id FROM signoz_traces.distributed_signoz_index_v3 WHERE ((match(`attribute_string_materialized$$key$$name`, ?) AND `attribute_string_materialized$$key$$name_exists` = ?) OR (multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) = ? AND multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL)) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __toe_duration_sorted AS (SELECT trace_id, duration_nano, resource_string_service$$name as `service.name`, name FROM signoz_traces.distributed_signoz_index_v3 WHERE parent_span_id = '' AND trace_id GLOBAL IN __toe AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY duration_nano DESC LIMIT 1 BY trace_id) SELECT __toe_duration_sorted.`service.name` AS `service.name`, __toe_duration_sorted.name AS `name`, count() AS span_count, __toe_duration_sorted.duration_nano AS `duration_nano`, __toe_duration_sorted.trace_id AS `trace_id` FROM __toe INNER JOIN __toe_duration_sorted ON __toe.trace_id = __toe_duration_sorted.trace_id GROUP BY trace_id, duration_nano, name, `service.name` ORDER BY duration_nano DESC LIMIT 1 BY trace_id LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
+				Args:  []any{"redis-manual", true, "redis-manual", "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
@@ -846,8 +846,8 @@ func TestStatementBuilderTraceQuery(t *testing.T) {
 				Limit:  10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __toe AS (SELECT trace_id FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __toe_duration_sorted AS (SELECT trace_id, duration_nano, resource_string_service$$name as `service.name`, name FROM signoz_traces.distributed_signoz_index_v3 WHERE parent_span_id = '' AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY duration_nano DESC LIMIT 1 BY trace_id) SELECT __toe_duration_sorted.`service.name` AS `service.name`, __toe_duration_sorted.name AS `name`, count() AS span_count, __toe_duration_sorted.duration_nano AS `duration_nano`, __toe_duration_sorted.trace_id AS `trace_id` FROM __toe INNER JOIN __toe_duration_sorted ON __toe.trace_id = __toe_duration_sorted.trace_id GROUP BY trace_id, duration_nano, name, `service.name` ORDER BY duration_nano DESC LIMIT 1 BY trace_id LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
+				Query: "WITH __toe AS (SELECT trace_id FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __toe_duration_sorted AS (SELECT trace_id, duration_nano, resource_string_service$$name as `service.name`, name FROM signoz_traces.distributed_signoz_index_v3 WHERE parent_span_id = '' AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY duration_nano DESC LIMIT 1 BY trace_id) SELECT __toe_duration_sorted.`service.name` AS `service.name`, __toe_duration_sorted.name AS `name`, count() AS span_count, __toe_duration_sorted.duration_nano AS `duration_nano`, __toe_duration_sorted.trace_id AS `trace_id` FROM __toe INNER JOIN __toe_duration_sorted ON __toe.trace_id = __toe_duration_sorted.trace_id GROUP BY trace_id, duration_nano, name, `service.name` ORDER BY duration_nano DESC LIMIT 1 BY trace_id LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
+				Args:  []any{"1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
@@ -862,8 +862,8 @@ func TestStatementBuilderTraceQuery(t *testing.T) {
 				Limit: 10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __toe AS (SELECT trace_id FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND ((name, resource_string_service$$name) GLOBAL IN (SELECT DISTINCT name, serviceName from signoz_traces.distributed_top_level_operations WHERE time >= toDateTime(1747947419))) AND parent_span_id != '' AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __toe_duration_sorted AS (SELECT trace_id, duration_nano, resource_string_service$$name as `service.name`, name FROM signoz_traces.distributed_signoz_index_v3 WHERE parent_span_id = '' AND trace_id GLOBAL IN __toe AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY duration_nano DESC LIMIT 1 BY trace_id) SELECT __toe_duration_sorted.`service.name` AS `service.name`, __toe_duration_sorted.name AS `name`, count() AS span_count, __toe_duration_sorted.duration_nano AS `duration_nano`, __toe_duration_sorted.trace_id AS `trace_id` FROM __toe INNER JOIN __toe_duration_sorted ON __toe.trace_id = __toe_duration_sorted.trace_id GROUP BY trace_id, duration_nano, name, `service.name` ORDER BY duration_nano DESC LIMIT 1 BY trace_id LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
+				Query: "WITH __toe AS (SELECT trace_id FROM signoz_traces.distributed_signoz_index_v3 WHERE ((name, resource_string_service$$name) GLOBAL IN (SELECT DISTINCT name, serviceName from signoz_traces.distributed_top_level_operations WHERE time >= toDateTime(1747947419))) AND parent_span_id != '' AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __toe_duration_sorted AS (SELECT trace_id, duration_nano, resource_string_service$$name as `service.name`, name FROM signoz_traces.distributed_signoz_index_v3 WHERE parent_span_id = '' AND trace_id GLOBAL IN __toe AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY duration_nano DESC LIMIT 1 BY trace_id) SELECT __toe_duration_sorted.`service.name` AS `service.name`, __toe_duration_sorted.name AS `name`, count() AS span_count, __toe_duration_sorted.duration_nano AS `duration_nano`, __toe_duration_sorted.trace_id AS `trace_id` FROM __toe INNER JOIN __toe_duration_sorted ON __toe.trace_id = __toe_duration_sorted.trace_id GROUP BY trace_id, duration_nano, name, `service.name` ORDER BY duration_nano DESC LIMIT 1 BY trace_id LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
+				Args:  []any{"1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
@@ -878,8 +878,8 @@ func TestStatementBuilderTraceQuery(t *testing.T) {
 				Limit: 10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __toe AS (SELECT trace_id FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND (((name, resource_string_service$$name) GLOBAL IN (SELECT DISTINCT name, serviceName from signoz_traces.distributed_top_level_operations WHERE time >= toDateTime(1747947419))) AND parent_span_id != '' OR (`attribute_string_materialized$$key$$name` = ? AND `attribute_string_materialized$$key$$name_exists` = ?)) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __toe_duration_sorted AS (SELECT trace_id, duration_nano, resource_string_service$$name as `service.name`, name FROM signoz_traces.distributed_signoz_index_v3 WHERE parent_span_id = '' AND trace_id GLOBAL IN __toe AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY duration_nano DESC LIMIT 1 BY trace_id) SELECT __toe_duration_sorted.`service.name` AS `service.name`, __toe_duration_sorted.name AS `name`, count() AS span_count, __toe_duration_sorted.duration_nano AS `duration_nano`, __toe_duration_sorted.trace_id AS `trace_id` FROM __toe INNER JOIN __toe_duration_sorted ON __toe.trace_id = __toe_duration_sorted.trace_id GROUP BY trace_id, duration_nano, name, `service.name` ORDER BY duration_nano DESC LIMIT 1 BY trace_id LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "redis-manual", true, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
+				Query: "WITH __toe AS (SELECT trace_id FROM signoz_traces.distributed_signoz_index_v3 WHERE (((name, resource_string_service$$name) GLOBAL IN (SELECT DISTINCT name, serviceName from signoz_traces.distributed_top_level_operations WHERE time >= toDateTime(1747947419))) AND parent_span_id != '' OR (`attribute_string_materialized$$key$$name` = ? AND `attribute_string_materialized$$key$$name_exists` = ?)) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __toe_duration_sorted AS (SELECT trace_id, duration_nano, resource_string_service$$name as `service.name`, name FROM signoz_traces.distributed_signoz_index_v3 WHERE parent_span_id = '' AND trace_id GLOBAL IN __toe AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY duration_nano DESC LIMIT 1 BY trace_id) SELECT __toe_duration_sorted.`service.name` AS `service.name`, __toe_duration_sorted.name AS `name`, count() AS span_count, __toe_duration_sorted.duration_nano AS `duration_nano`, __toe_duration_sorted.trace_id AS `trace_id` FROM __toe INNER JOIN __toe_duration_sorted ON __toe.trace_id = __toe_duration_sorted.trace_id GROUP BY trace_id, duration_nano, name, `service.name` ORDER BY duration_nano DESC LIMIT 1 BY trace_id LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
+				Args:  []any{"redis-manual", true, "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
@@ -894,8 +894,8 @@ func TestStatementBuilderTraceQuery(t *testing.T) {
 				Limit: 10,
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __toe AS (SELECT trace_id FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND (toFloat64(kind) = ? OR kind_string = ?) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __toe_duration_sorted AS (SELECT trace_id, duration_nano, resource_string_service$$name as `service.name`, name FROM signoz_traces.distributed_signoz_index_v3 WHERE parent_span_id = '' AND trace_id GLOBAL IN __toe AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY duration_nano DESC LIMIT 1 BY trace_id) SELECT __toe_duration_sorted.`service.name` AS `service.name`, __toe_duration_sorted.name AS `name`, count() AS span_count, __toe_duration_sorted.duration_nano AS `duration_nano`, __toe_duration_sorted.trace_id AS `trace_id` FROM __toe INNER JOIN __toe_duration_sorted ON __toe.trace_id = __toe_duration_sorted.trace_id GROUP BY trace_id, duration_nano, name, `service.name` ORDER BY duration_nano DESC LIMIT 1 BY trace_id LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
-				Args:  []any{uint64(1747945619), uint64(1747983448), float64(2), "Server", "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
+				Query: "WITH __toe AS (SELECT trace_id FROM signoz_traces.distributed_signoz_index_v3 WHERE (toFloat64(kind) = ? OR kind_string = ?) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __toe_duration_sorted AS (SELECT trace_id, duration_nano, resource_string_service$$name as `service.name`, name FROM signoz_traces.distributed_signoz_index_v3 WHERE parent_span_id = '' AND trace_id GLOBAL IN __toe AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? ORDER BY duration_nano DESC LIMIT 1 BY trace_id) SELECT __toe_duration_sorted.`service.name` AS `service.name`, __toe_duration_sorted.name AS `name`, count() AS span_count, __toe_duration_sorted.duration_nano AS `duration_nano`, __toe_duration_sorted.trace_id AS `trace_id` FROM __toe INNER JOIN __toe_duration_sorted ON __toe.trace_id = __toe_duration_sorted.trace_id GROUP BY trace_id, duration_nano, name, `service.name` ORDER BY duration_nano DESC LIMIT 1 BY trace_id LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
+				Args:  []any{float64(2), "Server", "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
 			},
 			expectedErr: nil,
 		},
--- a/pkg/telemetrytraces/trace_operator_cte_builder_test.go
+++ b/pkg/telemetrytraces/trace_operator_cte_builder_test.go
@@ -66,7 +66,7 @@ func TestTraceOperatorStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH toDateTime64(1747947419000000000, 9) AS t_from, toDateTime64(1747983448000000000, 9) AS t_to, 1747945619 AS bucket_from, 1747983448 AS bucket_to, all_spans AS (SELECT *, resource_string_service$$name AS `service.name` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_A AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), A AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_A) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), __resource_filter_B AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), B AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_B) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), A_DIR_DESC_B AS (SELECT p.* FROM A AS p INNER JOIN B AS c ON p.trace_id = c.trace_id AND p.span_id = c.parent_span_id) SELECT timestamp, trace_id, span_id, name, duration_nano, parent_span_id, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) AS `service.name` FROM A_DIR_DESC_B ORDER BY timestamp DESC LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
+				Query: "WITH toDateTime64(1747947419000000000, 9) AS t_from, toDateTime64(1747983448000000000, 9) AS t_to, 1747945619 AS bucket_from, 1747983448 AS bucket_to, all_spans AS (SELECT *, resource_string_service$$name AS `service.name` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_A AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), A AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_A) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_B AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), B AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_B) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), A_DIR_DESC_B AS (SELECT p.* FROM A AS p INNER JOIN B AS c ON p.trace_id = c.trace_id AND p.span_id = c.parent_span_id) SELECT timestamp, trace_id, span_id, name, duration_nano, parent_span_id, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) AS `service.name` FROM A_DIR_DESC_B ORDER BY timestamp DESC LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
 				Args:  []any{"1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "frontend", "%service.name%", "%service.name\":\"frontend%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "backend", "%service.name%", "%service.name\":\"backend%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
 			},
 			expectedErr: nil,
@@ -103,7 +103,7 @@ func TestTraceOperatorStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH toDateTime64(1747947419000000000, 9) AS t_from, toDateTime64(1747983448000000000, 9) AS t_to, 1747945619 AS bucket_from, 1747983448 AS bucket_to, all_spans AS (SELECT *, resource_string_service$$name AS `service.name` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_A AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), A AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_A) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), __resource_filter_B AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), B AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_B) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), A_INDIR_DESC_B AS (WITH RECURSIVE up AS (SELECT d.trace_id, d.span_id, d.parent_span_id, 0 AS depth FROM B AS d UNION ALL SELECT p.trace_id, p.span_id, p.parent_span_id, up.depth + 1 FROM all_spans AS p JOIN up ON p.trace_id = up.trace_id AND p.span_id = up.parent_span_id WHERE up.depth < 100) SELECT DISTINCT a.* FROM A AS a GLOBAL INNER JOIN (SELECT DISTINCT trace_id, span_id FROM up WHERE depth > 0 ) AS ancestors ON ancestors.trace_id = a.trace_id AND ancestors.span_id = a.span_id) SELECT timestamp, trace_id, span_id, name, duration_nano, parent_span_id FROM A_INDIR_DESC_B ORDER BY timestamp DESC LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
+				Query: "WITH toDateTime64(1747947419000000000, 9) AS t_from, toDateTime64(1747983448000000000, 9) AS t_to, 1747945619 AS bucket_from, 1747983448 AS bucket_to, all_spans AS (SELECT *, resource_string_service$$name AS `service.name` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_A AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), A AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_A) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_B AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), B AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_B) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), A_INDIR_DESC_B AS (WITH RECURSIVE up AS (SELECT d.trace_id, d.span_id, d.parent_span_id, 0 AS depth FROM B AS d UNION ALL SELECT p.trace_id, p.span_id, p.parent_span_id, up.depth + 1 FROM all_spans AS p JOIN up ON p.trace_id = up.trace_id AND p.span_id = up.parent_span_id WHERE up.depth < 100) SELECT DISTINCT a.* FROM A AS a GLOBAL INNER JOIN (SELECT DISTINCT trace_id, span_id FROM up WHERE depth > 0 ) AS ancestors ON ancestors.trace_id = a.trace_id AND ancestors.span_id = a.span_id) SELECT timestamp, trace_id, span_id, name, duration_nano, parent_span_id FROM A_INDIR_DESC_B ORDER BY timestamp DESC LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
 				Args:  []any{"1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "gateway", "%service.name%", "%service.name\":\"gateway%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "database", "%service.name%", "%service.name\":\"database%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 5},
 			},
 			expectedErr: nil,
@@ -140,7 +140,7 @@ func TestTraceOperatorStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH toDateTime64(1747947419000000000, 9) AS t_from, toDateTime64(1747983448000000000, 9) AS t_to, 1747945619 AS bucket_from, 1747983448 AS bucket_to, all_spans AS (SELECT *, resource_string_service$$name AS `service.name` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_A AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), A AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_A) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), __resource_filter_B AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), B AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_B) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), A_AND_B AS (SELECT l.* FROM A AS l INNER JOIN B AS r ON l.trace_id = r.trace_id) SELECT timestamp, trace_id, span_id, name, duration_nano, parent_span_id FROM A_AND_B ORDER BY timestamp DESC LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
+				Query: "WITH toDateTime64(1747947419000000000, 9) AS t_from, toDateTime64(1747983448000000000, 9) AS t_to, 1747945619 AS bucket_from, 1747983448 AS bucket_to, all_spans AS (SELECT *, resource_string_service$$name AS `service.name` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_A AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), A AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_A) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_B AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), B AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_B) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), A_AND_B AS (SELECT l.* FROM A AS l INNER JOIN B AS r ON l.trace_id = r.trace_id) SELECT timestamp, trace_id, span_id, name, duration_nano, parent_span_id FROM A_AND_B ORDER BY timestamp DESC LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
 				Args:  []any{"1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "frontend", "%service.name%", "%service.name\":\"frontend%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "backend", "%service.name%", "%service.name\":\"backend%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 15},
 			},
 			expectedErr: nil,
@@ -177,7 +177,7 @@ func TestTraceOperatorStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH toDateTime64(1747947419000000000, 9) AS t_from, toDateTime64(1747983448000000000, 9) AS t_to, 1747945619 AS bucket_from, 1747983448 AS bucket_to, all_spans AS (SELECT *, resource_string_service$$name AS `service.name` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_A AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), A AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_A) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), __resource_filter_B AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), B AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_B) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), A_OR_B AS (SELECT * FROM A UNION DISTINCT SELECT * FROM B) SELECT timestamp, trace_id, span_id, name, duration_nano, parent_span_id FROM A_OR_B ORDER BY timestamp DESC LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
+				Query: "WITH toDateTime64(1747947419000000000, 9) AS t_from, toDateTime64(1747983448000000000, 9) AS t_to, 1747945619 AS bucket_from, 1747983448 AS bucket_to, all_spans AS (SELECT *, resource_string_service$$name AS `service.name` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_A AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), A AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_A) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_B AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), B AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_B) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), A_OR_B AS (SELECT * FROM A UNION DISTINCT SELECT * FROM B) SELECT timestamp, trace_id, span_id, name, duration_nano, parent_span_id FROM A_OR_B ORDER BY timestamp DESC LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
 				Args:  []any{"1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "frontend", "%service.name%", "%service.name\":\"frontend%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "backend", "%service.name%", "%service.name\":\"backend%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 20},
 			},
 			expectedErr: nil,
@@ -214,7 +214,7 @@ func TestTraceOperatorStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH toDateTime64(1747947419000000000, 9) AS t_from, toDateTime64(1747983448000000000, 9) AS t_to, 1747945619 AS bucket_from, 1747983448 AS bucket_to, all_spans AS (SELECT *, resource_string_service$$name AS `service.name` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_A AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), A AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_A) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), __resource_filter_B AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), B AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_B) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), A_not_B AS (SELECT l.* FROM A AS l WHERE l.trace_id GLOBAL NOT IN (SELECT DISTINCT trace_id FROM B)) SELECT timestamp, trace_id, span_id, name, duration_nano, parent_span_id FROM A_not_B ORDER BY timestamp DESC LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
+				Query: "WITH toDateTime64(1747947419000000000, 9) AS t_from, toDateTime64(1747983448000000000, 9) AS t_to, 1747945619 AS bucket_from, 1747983448 AS bucket_to, all_spans AS (SELECT *, resource_string_service$$name AS `service.name` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_A AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), A AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_A) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_B AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), B AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_B) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), A_not_B AS (SELECT l.* FROM A AS l WHERE l.trace_id GLOBAL NOT IN (SELECT DISTINCT trace_id FROM B)) SELECT timestamp, trace_id, span_id, name, duration_nano, parent_span_id FROM A_not_B ORDER BY timestamp DESC LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
 				Args:  []any{"1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "frontend", "%service.name%", "%service.name\":\"frontend%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "backend", "%service.name%", "%service.name\":\"backend%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 10},
 			},
 			expectedErr: nil,
@@ -263,7 +263,7 @@ func TestTraceOperatorStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH toDateTime64(1747947419000000000, 9) AS t_from, toDateTime64(1747983448000000000, 9) AS t_to, 1747945619 AS bucket_from, 1747983448 AS bucket_to, all_spans AS (SELECT *, resource_string_service$$name AS `service.name` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_A AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), A AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_A) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), __resource_filter_B AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), B AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_B) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), A_DIR_DESC_B AS (SELECT p.* FROM A AS p INNER JOIN B AS c ON p.trace_id = c.trace_id AND p.span_id = c.parent_span_id) SELECT toStartOfInterval(timestamp, INTERVAL 60 SECOND) AS ts, toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, count() AS __result_0 FROM A_DIR_DESC_B GROUP BY ts, `service.name` ORDER BY ts desc SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
+				Query: "WITH toDateTime64(1747947419000000000, 9) AS t_from, toDateTime64(1747983448000000000, 9) AS t_to, 1747945619 AS bucket_from, 1747983448 AS bucket_to, all_spans AS (SELECT *, resource_string_service$$name AS `service.name` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_A AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), A AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_A) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_B AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), B AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_B) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), A_DIR_DESC_B AS (SELECT p.* FROM A AS p INNER JOIN B AS c ON p.trace_id = c.trace_id AND p.span_id = c.parent_span_id) SELECT toStartOfInterval(timestamp, INTERVAL 60 SECOND) AS ts, toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, count() AS __result_0 FROM A_DIR_DESC_B GROUP BY ts, `service.name` ORDER BY ts desc SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
 				Args:  []any{"1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "frontend", "%service.name%", "%service.name\":\"frontend%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "backend", "%service.name%", "%service.name\":\"backend%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448)},
 			},
 			expectedErr: nil,
@@ -322,8 +322,8 @@ func TestTraceOperatorStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH toDateTime64(1747947419000000000, 9) AS t_from, toDateTime64(1747983448000000000, 9) AS t_to, 1747945619 AS bucket_from, 1747983448 AS bucket_to, all_spans AS (SELECT *, resource_string_service$$name AS `service.name` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_A AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), A AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_A) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), __resource_filter_B AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), B AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_B) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND toFloat64(response_status_code) < ?), A_AND_B AS (SELECT l.* FROM A AS l INNER JOIN B AS r ON l.trace_id = r.trace_id) SELECT toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, avg(multiIf(duration_nano <> ?, duration_nano, NULL)) AS __result_0 FROM A_AND_B GROUP BY `service.name` ORDER BY __result_0 desc SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
-				Args:  []any{"1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "frontend", "%service.name%", "%service.name\":\"frontend%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), float64(400), 0},
+				Query: "WITH toDateTime64(1747947419000000000, 9) AS t_from, toDateTime64(1747983448000000000, 9) AS t_to, 1747945619 AS bucket_from, 1747983448 AS bucket_to, all_spans AS (SELECT *, resource_string_service$$name AS `service.name` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_A AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), A AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_A) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), B AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND toFloat64(response_status_code) < ?), A_AND_B AS (SELECT l.* FROM A AS l INNER JOIN B AS r ON l.trace_id = r.trace_id) SELECT toString(multiIf(multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL) IS NOT NULL, multiIf(resource.`service.name` IS NOT NULL, resource.`service.name`::String, mapContains(resources_string, 'service.name'), resources_string['service.name'], NULL), NULL)) AS `service.name`, avg(multiIf(duration_nano <> ?, duration_nano, NULL)) AS __result_0 FROM A_AND_B GROUP BY `service.name` ORDER BY __result_0 desc SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
+				Args:  []any{"1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "frontend", "%service.name%", "%service.name\":\"frontend%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), float64(400), 0},
 			},
 			expectedErr: nil,
 		},
@@ -379,7 +379,7 @@ func TestTraceOperatorStatementBuilder(t *testing.T) {
 				},
 			},
 			expected: qbtypes.Statement{
-				Query: "WITH toDateTime64(1747947419000000000, 9) AS t_from, toDateTime64(1747983448000000000, 9) AS t_to, 1747945619 AS bucket_from, 1747983448 AS bucket_to, all_spans AS (SELECT *, resource_string_service$$name AS `service.name` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_A AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), A AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_A) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), __resource_filter_B AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), B AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_B) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), A_DIR_DESC_B AS (SELECT p.* FROM A AS p INNER JOIN B AS c ON p.trace_id = c.trace_id AND p.span_id = c.parent_span_id), __resource_filter_C AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), C AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_C) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), __resource_filter_D AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), D AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_D) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ? AND true), C_DIR_DESC_D AS (SELECT p.* FROM C AS p INNER JOIN D AS c ON p.trace_id = c.trace_id AND p.span_id = c.parent_span_id), A_DIR_DESC_B_AND_C_DIR_DESC_D AS (SELECT l.* FROM A_DIR_DESC_B AS l INNER JOIN C_DIR_DESC_D AS r ON l.trace_id = r.trace_id) SELECT timestamp, trace_id, span_id, name, duration_nano, parent_span_id FROM A_DIR_DESC_B_AND_C_DIR_DESC_D ORDER BY timestamp DESC LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
+				Query: "WITH toDateTime64(1747947419000000000, 9) AS t_from, toDateTime64(1747983448000000000, 9) AS t_to, 1747945619 AS bucket_from, 1747983448 AS bucket_to, all_spans AS (SELECT *, resource_string_service$$name AS `service.name` FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_A AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), A AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_A) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_B AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), B AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_B) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), A_DIR_DESC_B AS (SELECT p.* FROM A AS p INNER JOIN B AS c ON p.trace_id = c.trace_id AND p.span_id = c.parent_span_id), __resource_filter_C AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), C AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_C) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), __resource_filter_D AS (SELECT fingerprint FROM signoz_traces.distributed_traces_v3_resource WHERE (simpleJSONExtractString(labels, 'service.name') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), D AS (SELECT * FROM signoz_traces.distributed_signoz_index_v3 WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter_D) AND timestamp >= ? AND timestamp < ? AND ts_bucket_start >= ? AND ts_bucket_start <= ?), C_DIR_DESC_D AS (SELECT p.* FROM C AS p INNER JOIN D AS c ON p.trace_id = c.trace_id AND p.span_id = c.parent_span_id), A_DIR_DESC_B_AND_C_DIR_DESC_D AS (SELECT l.* FROM A_DIR_DESC_B AS l INNER JOIN C_DIR_DESC_D AS r ON l.trace_id = r.trace_id) SELECT timestamp, trace_id, span_id, name, duration_nano, parent_span_id FROM A_DIR_DESC_B_AND_C_DIR_DESC_D ORDER BY timestamp DESC LIMIT ? SETTINGS distributed_product_mode='allow', max_memory_usage=10000000000",
 				Args:  []any{"1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "frontend", "%service.name%", "%service.name\":\"frontend%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "backend", "%service.name%", "%service.name\":\"backend%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "auth", "%service.name%", "%service.name\":\"auth%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), "database", "%service.name%", "%service.name\":\"database%", uint64(1747945619), uint64(1747983448), "1747947419000000000", "1747983448000000000", uint64(1747945619), uint64(1747983448), 5},
 			},
 			expectedErr: nil,
--- a/pkg/types/querybuildertypes/querybuildertypesv5/builder_elements.go
+++ b/pkg/types/querybuildertypes/querybuildertypesv5/builder_elements.go
@@ -113,29 +113,6 @@ const (
 	FilterOperatorNotContains
 )

-var operatorInverseMapping = map[FilterOperator]FilterOperator{
-	FilterOperatorEqual:           FilterOperatorNotEqual,
-	FilterOperatorNotEqual:        FilterOperatorEqual,
-	FilterOperatorGreaterThan:     FilterOperatorLessThanOrEq,
-	FilterOperatorGreaterThanOrEq: FilterOperatorLessThan,
-	FilterOperatorLessThan:        FilterOperatorGreaterThanOrEq,
-	FilterOperatorLessThanOrEq:    FilterOperatorGreaterThan,
-	FilterOperatorLike:            FilterOperatorNotLike,
-	FilterOperatorNotLike:         FilterOperatorLike,
-	FilterOperatorILike:           FilterOperatorNotILike,
-	FilterOperatorNotILike:        FilterOperatorILike,
-	FilterOperatorBetween:         FilterOperatorNotBetween,
-	FilterOperatorNotBetween:      FilterOperatorBetween,
-	FilterOperatorIn:              FilterOperatorNotIn,
-	FilterOperatorNotIn:           FilterOperatorIn,
-	FilterOperatorExists:          FilterOperatorNotExists,
-	FilterOperatorNotExists:       FilterOperatorExists,
-	FilterOperatorRegexp:          FilterOperatorNotRegexp,
-	FilterOperatorNotRegexp:       FilterOperatorRegexp,
-	FilterOperatorContains:        FilterOperatorNotContains,
-	FilterOperatorNotContains:     FilterOperatorContains,
-}
-
 // AddDefaultExistsFilter returns true if addl exists filter should be added to the query
 // For the negative predicates, we don't want to add the exists filter. Why?
 // Say for example, user adds a filter `service.name != "redis"`, we can't interpret it
@@ -185,10 +162,6 @@ func (f FilterOperator) IsNegativeOperator() bool {
 	return true
 }

-func (f FilterOperator) Inverse() FilterOperator {
-	return operatorInverseMapping[f]
-}
-
 func (f FilterOperator) IsComparisonOperator() bool {
 	switch f {
 	case FilterOperatorGreaterThan, FilterOperatorGreaterThanOrEq, FilterOperatorLessThan, FilterOperatorLessThanOrEq:
--- a/pkg/types/serviceaccounttypes/factor_api_key.go
+++ b/pkg/types/serviceaccounttypes/factor_api_key.go
@@ -20,7 +20,6 @@ var (
 	ErrCodeAPIKeyAlreadyExists = errors.MustNewCode("api_key_already_exists")
 	ErrCodeAPIKeytNotFound     = errors.MustNewCode("api_key_not_found")
 	ErrCodeAPIKeyExpired       = errors.MustNewCode("api_key_expired")
-	errInvalidAPIKeyName       = errors.New(errors.TypeInvalidInput, ErrCodeAPIKeyInvalidInput, "name must be 1–80 characters long and contain only lowercase letters (a-z) and hyphens (-)")
 )

 type FactorAPIKey struct {
@@ -113,7 +112,7 @@ func (key *PostableFactorAPIKey) UnmarshalJSON(data []byte) error {
 	}

 	if match := factorAPIKeyNameRegex.MatchString(temp.Name); !match {
-		return errInvalidAPIKeyName
+		return errors.Newf(errors.TypeInvalidInput, ErrCodeAPIKeyInvalidInput, "name must conform to the regex: %s", factorAPIKeyNameRegex.String())
 	}

 	if temp.ExpiresAt != 0 && time.Now().After(time.Unix(int64(temp.ExpiresAt), 0)) {
@@ -133,7 +132,7 @@ func (key *UpdatableFactorAPIKey) UnmarshalJSON(data []byte) error {
 	}

 	if match := factorAPIKeyNameRegex.MatchString(temp.Name); !match {
-		return errInvalidAPIKeyName
+		return errors.Newf(errors.TypeInvalidInput, ErrCodeAPIKeyInvalidInput, "name must conform to the regex: %s", factorAPIKeyNameRegex.String())
 	}

 	if temp.ExpiresAt != 0 && time.Now().After(time.Unix(int64(temp.ExpiresAt), 0)) {
--- a/pkg/types/serviceaccounttypes/service_acccount.go
+++ b/pkg/types/serviceaccounttypes/service_acccount.go
@@ -23,7 +23,6 @@ var (
 	ErrCodeServiceAccountNotFound             = errors.MustNewCode("service_account_not_found")
 	ErrCodeServiceAccountRoleAlreadyExists    = errors.MustNewCode("service_account_role_already_exists")
 	ErrCodeServiceAccountOperationUnsupported = errors.MustNewCode("service_account_operation_unsupported")
-	errInvalidServiceAccountName              = errors.New(errors.TypeInvalidInput, ErrCodeServiceAccountInvalidInput, "name must be 1–50 characters long and contain only lowercase letters (a-z) and hyphens (-)")
 )

 var (
@@ -215,7 +214,7 @@ func (serviceAccount *PostableServiceAccount) UnmarshalJSON(data []byte) error {
 	}

 	if match := serviceAccountNameRegex.MatchString(temp.Name); !match {
-		return errInvalidServiceAccountName
+		return errors.Newf(errors.TypeInvalidInput, ErrCodeServiceAccountInvalidInput, "name must conform to the regex: %s", serviceAccountNameRegex.String())
 	}

 	*serviceAccount = PostableServiceAccount(temp)
--- a/pkg/types/telemetrytypes/json_access_plan.go
+++ b/pkg/types/telemetrytypes/json_access_plan.go
@@ -90,11 +90,6 @@ func (n *JSONAccessNode) FieldPath() string {
 	return n.Parent.Alias() + "." + key
 }

-// Returns true if the current node is a non-nested path.
-func (n *JSONAccessNode) IsNonNestedPath() bool {
-	return !strings.Contains(n.FieldPath(), ArraySep)
-}
-
 func (n *JSONAccessNode) BranchesInOrder() []JSONAccessBranchType {
 	return slices.SortedFunc(maps.Keys(n.Branches), func(a, b JSONAccessBranchType) int {
 		return strings.Compare(b.StringValue(), a.StringValue())
--- a/pkg/types/telemetrytypes/test_data.go
+++ b/pkg/types/telemetrytypes/test_data.go
@@ -8,101 +8,65 @@ package telemetrytypes
 // This represents the type information available in the test JSON structure.
 func TestJSONTypeSet() (map[string][]JSONDataType, MetadataStore) {
 	types := map[string][]JSONDataType{
-
-		// ── user (primitives) ─────────────────────────────────────────────
-		"user.name":        {String},
-		"user.permissions": {ArrayString},
-		"user.age":         {Int64, String}, // Int64/String ambiguity
-		"user.height":      {Float64},
-		"user.active":      {Bool}, // Bool — not IndexSupported
-
-		// Deeper non-array nesting (a.b.c — no array hops)
-		"user.address.zip": {Int64},
-
-		// ── education[] ───────────────────────────────────────────────────
-		// Pattern: x[].y
-		"education":              {ArrayJSON},
-		"education[].name":       {String},
-		"education[].type":       {String, Int64},
-		"education[].year":       {Int64},
-		"education[].scores":     {ArrayInt64},
-		"education[].parameters": {ArrayFloat64, ArrayDynamic},
-
-		// Pattern: x[].y[]
-		"education[].awards": {ArrayDynamic, ArrayJSON},
-
-		// Pattern: x[].y[].z
-		"education[].awards[].name":     {String},
-		"education[].awards[].type":     {String},
-		"education[].awards[].semester": {Int64},
-
-		// Pattern: x[].y[].z[]
-		"education[].awards[].participated": {ArrayDynamic, ArrayJSON},
-
-		// Pattern: x[].y[].z[].w
-		"education[].awards[].participated[].members": {ArrayString},
-
-		// Pattern: x[].y[].z[].w[]
-		"education[].awards[].participated[].team": {ArrayJSON},
-
-		// Pattern: x[].y[].z[].w[].v
-		"education[].awards[].participated[].team[].branch": {String},
-
-		// ── interests[] ───────────────────────────────────────────────────
-		"interests":                                                                 {ArrayJSON},
-		"interests[].entities":                                                      {ArrayJSON},
-		"interests[].entities[].reviews":                                            {ArrayJSON},
-		"interests[].entities[].reviews[].entries":                                  {ArrayJSON},
-		"interests[].entities[].reviews[].entries[].metadata":                       {ArrayJSON},
-		"interests[].entities[].reviews[].entries[].metadata[].positions":           {ArrayJSON},
-		"interests[].entities[].reviews[].entries[].metadata[].positions[].name":    {String},
-		"interests[].entities[].reviews[].entries[].metadata[].positions[].ratings": {ArrayInt64, ArrayString},
-		"http-events":                     {ArrayJSON},
-		"http-events[].request-info.host": {String},
-		"ids":                             {ArrayDynamic},
-
-		// ── top-level primitives ──────────────────────────────────────────
-		"message":     {String},
-		"http-status": {Int64, String}, // hyphen in root key, ambiguous
-
-		// ── top-level nested objects (no array hops) ───────────────────────
-		"response.time-taken": {Float64}, // hyphen inside nested key
+		"user.name":                                           {String},
+		"user.permissions":                                    {ArrayString},
+		"user.age":                                            {Int64, String},
+		"user.height":                                         {Float64},
+		"education":                                           {ArrayJSON},
+		"education[].name":                                    {String},
+		"education[].type":                                    {String, Int64},
+		"education[].internal_type":                           {String},
+		"education[].metadata.location":                       {String},
+		"education[].parameters":                              {ArrayFloat64, ArrayDynamic},
+		"education[].duration":                                {String},
+		"education[].mode":                                    {String},
+		"education[].year":                                    {Int64},
+		"education[].field":                                   {String},
+		"education[].awards":                                  {ArrayDynamic, ArrayJSON},
+		"education[].awards[].name":                           {String},
+		"education[].awards[].rank":                           {Int64},
+		"education[].awards[].medal":                          {String},
+		"education[].awards[].type":                           {String},
+		"education[].awards[].semester":                       {Int64},
+		"education[].awards[].participated":                   {ArrayDynamic, ArrayJSON},
+		"education[].awards[].participated[].type":            {String},
+		"education[].awards[].participated[].field":           {String},
+		"education[].awards[].participated[].project_type":    {String},
+		"education[].awards[].participated[].project_name":    {String},
+		"education[].awards[].participated[].race_type":       {String},
+		"education[].awards[].participated[].team_based":      {Bool},
+		"education[].awards[].participated[].team_name":       {String},
+		"education[].awards[].participated[].team":            {ArrayJSON},
+		"education[].awards[].participated[].members":         {ArrayString},
+		"education[].awards[].participated[].team[].name":     {String},
+		"education[].awards[].participated[].team[].branch":   {String},
+		"education[].awards[].participated[].team[].semester": {Int64},
+		"interests":                                                                  {ArrayJSON},
+		"interests[].type":                                                           {String},
+		"interests[].entities":                                                       {ArrayJSON},
+		"interests[].entities.application_date":                                      {String},
+		"interests[].entities[].reviews":                                             {ArrayJSON},
+		"interests[].entities[].reviews[].given_by":                                  {String},
+		"interests[].entities[].reviews[].remarks":                                   {String},
+		"interests[].entities[].reviews[].weight":                                    {Float64},
+		"interests[].entities[].reviews[].passed":                                    {Bool},
+		"interests[].entities[].reviews[].type":                                      {String},
+		"interests[].entities[].reviews[].analysis_type":                             {Int64},
+		"interests[].entities[].reviews[].entries":                                   {ArrayJSON},
+		"interests[].entities[].reviews[].entries[].subject":                         {String},
+		"interests[].entities[].reviews[].entries[].status":                          {String},
+		"interests[].entities[].reviews[].entries[].metadata":                        {ArrayJSON},
+		"interests[].entities[].reviews[].entries[].metadata[].company":              {String},
+		"interests[].entities[].reviews[].entries[].metadata[].experience":           {Int64},
+		"interests[].entities[].reviews[].entries[].metadata[].unit":                 {String},
+		"interests[].entities[].reviews[].entries[].metadata[].positions":            {ArrayJSON},
+		"interests[].entities[].reviews[].entries[].metadata[].positions[].name":     {String},
+		"interests[].entities[].reviews[].entries[].metadata[].positions[].duration": {Int64, Float64},
+		"interests[].entities[].reviews[].entries[].metadata[].positions[].unit":     {String},
+		"interests[].entities[].reviews[].entries[].metadata[].positions[].ratings":  {ArrayInt64, ArrayString},
+		"message": {String},
+		"tags":    {ArrayString},
 	}

 	return types, nil
 }
-
-// TestIndexedPathEntry is a path + JSON type pair representing a field
-// backed by a ClickHouse skip index in the test data.
-//
-// Only non-array paths with IndexSupported types (String, Int64, Float64)
-// are valid entries — arrays and Bool cannot carry a skip index.
-//
-// The ColumnExpression for each entry is computed at test-setup time from
-// the access plan, since it depends on the column name (e.g. body_v2)
-// which is unknown to this package.
-type TestIndexedPathEntry struct {
-	Path string
-	Type JSONDataType
-}
-
-// TestIndexedPaths lists path+type pairs from TestJSONTypeSet that are
-// backed by a JSON data type index. Test setup uses this to populate
-// key.Indexes after calling SetJSONAccessPlan.
-//
-// Intentionally excluded:
-//   - user.active → Bool, IndexSupported=false
-var TestIndexedPaths = []TestIndexedPathEntry{
-	// user primitives
-	{Path: "user.name", Type: String},
-
-	// user.address — deeper non-array nesting
-	{Path: "user.address.zip", Type: Int64},
-
-	// root-level with special characters
-	{Path: "http-status", Type: Int64},
-	{Path: "http-status", Type: String},
-
-	// root-level nested objects (no array hops)
-	{Path: "response.time-taken", Type: Float64},
-}
--- a/pkg/types/tracedetailtypes/waterfall.go
+++ b/pkg/types/tracedetailtypes/waterfall.go
@@ -1,247 +0,0 @@
-package tracedetailtypes
-
-import (
-	"encoding/json"
-	"maps"
-	"time"
-
-	"github.com/SigNoz/signoz/pkg/types/cachetypes"
-)
-
-// WaterfallRequest is the request body for the v3 waterfall API.
-type WaterfallRequest struct {
-	SelectedSpanID   string   `json:"selectedSpanId"`
-	UncollapsedSpans []string `json:"uncollapsedSpans"`
-	Limit            uint     `json:"limit"`
-}
-
-// WaterfallResponse is the response for the v3 waterfall API.
-type WaterfallResponse struct {
-	StartTimestampMillis          uint64            `json:"startTimestampMillis"`
-	EndTimestampMillis            uint64            `json:"endTimestampMillis"`
-	DurationNano                  uint64            `json:"durationNano"`
-	RootServiceName               string            `json:"rootServiceName"`
-	RootServiceEntryPoint         string            `json:"rootServiceEntryPoint"`
-	TotalSpansCount               uint64            `json:"totalSpansCount"`
-	TotalErrorSpansCount          uint64            `json:"totalErrorSpansCount"`
-	ServiceNameToTotalDurationMap map[string]uint64 `json:"serviceNameToTotalDurationMap"`
-	Spans                         []*WaterfallSpan  `json:"spans"`
-	HasMissingSpans               bool              `json:"hasMissingSpans"`
-	UncollapsedSpans              []string          `json:"uncollapsedSpans"`
-}
-
-// Event represents a span event.
-type Event struct {
-	Name         string         `json:"name,omitempty"`
-	TimeUnixNano uint64         `json:"timeUnixNano,omitempty"`
-	AttributeMap map[string]any `json:"attributeMap,omitempty"`
-	IsError      bool           `json:"isError,omitempty"`
-}
-
-// WaterfallSpan represents the span in waterfall response,
-// this uses snake_case keys for response as a special case since these
-// keys can be directly used to query spans and client need to know the actual fields.
-// This pattern should not be copied elsewhere.
-type WaterfallSpan struct {
-	Attributes         map[string]any    `json:"attributes"`
-	DBName             string            `json:"db_name"`
-	DBOperation        string            `json:"db_operation"`
-	DurationNano       uint64            `json:"duration_nano"`
-	Events             []Event           `json:"events"`
-	ExternalHTTPMethod string            `json:"external_http_method"`
-	ExternalHTTPURL    string            `json:"external_http_url"`
-	Flags              uint32            `json:"flags"`
-	HasError           bool              `json:"has_error"`
-	HTTPHost           string            `json:"http_host"`
-	HTTPMethod         string            `json:"http_method"`
-	HTTPURL            string            `json:"http_url"`
-	IsRemote           string            `json:"is_remote"`
-	Kind               int32             `json:"kind"`
-	KindString         string            `json:"kind_string"`
-	Links              string            `json:"links"`
-	Name               string            `json:"name"`
-	ParentSpanID       string            `json:"parent_span_id"`
-	Resource           map[string]string `json:"resource"`
-	ResponseStatusCode string            `json:"response_status_code"`
-	SpanID             string            `json:"span_id"`
-	StatusCode         int32             `json:"status_code"`
-	StatusCodeString   string            `json:"status_code_string"`
-	StatusMessage      string            `json:"status_message"`
-	Timestamp          string            `json:"timestamp"`
-	TraceID            string            `json:"trace_id"`
-	TraceState         string            `json:"trace_state"`
-
-	// Tree structure fields
-	Children         []*WaterfallSpan `json:"-"`
-	SubTreeNodeCount uint64           `json:"sub_tree_node_count"`
-	HasChildren      bool             `json:"has_children"`
-	Level            uint64           `json:"level"`
-
-	// timeUnixNano is an internal field used for tree building and sorting.
-	// It is not serialized in the JSON response.
-	TimeUnixNano uint64 `json:"-"`
-	// serviceName is an internal field used for service time calculation.
-	ServiceName string `json:"-"`
-}
-
-// CopyWithoutChildren creates a shallow copy and reset computed tree fields.
-func (s *WaterfallSpan) CopyWithoutChildren(level uint64) *WaterfallSpan {
-	cp := *s
-	cp.Level = level
-	cp.HasChildren = len(s.Children) > 0
-	cp.Children = make([]*WaterfallSpan, 0)
-	cp.SubTreeNodeCount = 0
-	return &cp
-}
-
-// SpanModel is the ClickHouse scan struct for the v3 waterfall query.
-type SpanModel struct {
-	TimeUnixNano       time.Time          `ch:"timestamp"`
-	DurationNano       uint64             `ch:"duration_nano"`
-	SpanID             string             `ch:"span_id"`
-	TraceID            string             `ch:"trace_id"`
-	HasError           bool               `ch:"has_error"`
-	Kind               int8               `ch:"kind"`
-	ServiceName        string             `ch:"resource_string_service$$name"`
-	Name               string             `ch:"name"`
-	References         string             `ch:"references"`
-	AttributesString   map[string]string  `ch:"attributes_string"`
-	AttributesNumber   map[string]float64 `ch:"attributes_number"`
-	AttributesBool     map[string]bool    `ch:"attributes_bool"`
-	ResourcesString    map[string]string  `ch:"resources_string"`
-	Events             []string           `ch:"events"`
-	StatusMessage      string             `ch:"status_message"`
-	StatusCodeString   string             `ch:"status_code_string"`
-	SpanKind           string             `ch:"kind_string"`
-	ParentSpanID       string             `ch:"parent_span_id"`
-	Flags              uint32             `ch:"flags"`
-	IsRemote           string             `ch:"is_remote"`
-	TraceState         string             `ch:"trace_state"`
-	StatusCode         int32              `ch:"status_code"`
-	DBName             string             `ch:"db_name"`
-	DBOperation        string             `ch:"db_operation"`
-	HTTPMethod         string             `ch:"http_method"`
-	HTTPURL            string             `ch:"http_url"`
-	HTTPHost           string             `ch:"http_host"`
-	ExternalHTTPMethod string             `ch:"external_http_method"`
-	ExternalHTTPURL    string             `ch:"external_http_url"`
-	ResponseStatusCode string             `ch:"response_status_code"`
-}
-
-// ToSpan converts a SpanModel (ClickHouse scan result) into a Span for the waterfall response.
-func (item *SpanModel) ToSpan() *WaterfallSpan {
-	// Merge attributes_string, attributes_number, attributes_bool preserving native types
-	attributes := make(map[string]any, len(item.AttributesString)+len(item.AttributesNumber)+len(item.AttributesBool))
-	for k, v := range item.AttributesString {
-		attributes[k] = v
-	}
-	for k, v := range item.AttributesNumber {
-		attributes[k] = v
-	}
-	for k, v := range item.AttributesBool {
-		attributes[k] = v
-	}
-
-	resources := make(map[string]string)
-	maps.Copy(resources, item.ResourcesString)
-
-	events := make([]Event, 0, len(item.Events))
-	for _, eventStr := range item.Events {
-		var event Event
-		if err := json.Unmarshal([]byte(eventStr), &event); err != nil {
-			continue
-		}
-		events = append(events, event)
-	}
-
-	return &WaterfallSpan{
-		Attributes:         attributes,
-		DBName:             item.DBName,
-		DBOperation:        item.DBOperation,
-		DurationNano:       item.DurationNano,
-		Events:             events,
-		ExternalHTTPMethod: item.ExternalHTTPMethod,
-		ExternalHTTPURL:    item.ExternalHTTPURL,
-		Flags:              item.Flags,
-		HasError:           item.HasError,
-		HTTPHost:           item.HTTPHost,
-		HTTPMethod:         item.HTTPMethod,
-		HTTPURL:            item.HTTPURL,
-		IsRemote:           item.IsRemote,
-		Kind:               int32(item.Kind),
-		KindString:         item.SpanKind,
-		Links:              item.References,
-		Name:               item.Name,
-		ParentSpanID:       item.ParentSpanID,
-		Resource:           resources,
-		ResponseStatusCode: item.ResponseStatusCode,
-		SpanID:             item.SpanID,
-		StatusCode:         item.StatusCode,
-		StatusCodeString:   item.StatusCodeString,
-		StatusMessage:      item.StatusMessage,
-		Timestamp:          item.TimeUnixNano.Format(time.RFC3339Nano),
-		TraceID:            item.TraceID,
-		TraceState:         item.TraceState,
-		Children:           make([]*WaterfallSpan, 0),
-		TimeUnixNano:       uint64(item.TimeUnixNano.UnixNano()),
-		ServiceName:        item.ServiceName,
-	}
-}
-
-// TraceSummary is the ClickHouse scan struct for the trace_summary query.
-type TraceSummary struct {
-	TraceID  string    `ch:"trace_id"`
-	Start    time.Time `ch:"start"`
-	End      time.Time `ch:"end"`
-	NumSpans uint64    `ch:"num_spans"`
-}
-
-// OtelSpanRef is used for parsing the references/links JSON from ClickHouse.
-type OtelSpanRef struct {
-	TraceId string `json:"traceId,omitempty"`
-	SpanId  string `json:"spanId,omitempty"`
-	RefType string `json:"refType,omitempty"`
-}
-
-// WaterfallCache holds pre-processed trace data for caching.
-type WaterfallCache struct {
-	StartTime                     uint64                    `json:"startTime"`
-	EndTime                       uint64                    `json:"endTime"`
-	DurationNano                  uint64                    `json:"durationNano"`
-	TotalSpans                    uint64                    `json:"totalSpans"`
-	TotalErrorSpans               uint64                    `json:"totalErrorSpans"`
-	ServiceNameToTotalDurationMap map[string]uint64         `json:"serviceNameToTotalDurationMap"`
-	SpanIDToSpanNodeMap           map[string]*WaterfallSpan `json:"spanIdToSpanNodeMap"`
-	TraceRoots                    []*WaterfallSpan          `json:"traceRoots"`
-	HasMissingSpans               bool                      `json:"hasMissingSpans"`
-}
-
-func (c *WaterfallCache) Clone() cachetypes.Cacheable {
-	copyOfServiceNameToTotalDurationMap := make(map[string]uint64)
-	maps.Copy(copyOfServiceNameToTotalDurationMap, c.ServiceNameToTotalDurationMap)
-
-	copyOfSpanIDToSpanNodeMap := make(map[string]*WaterfallSpan)
-	maps.Copy(copyOfSpanIDToSpanNodeMap, c.SpanIDToSpanNodeMap)
-
-	copyOfTraceRoots := make([]*WaterfallSpan, len(c.TraceRoots))
-	copy(copyOfTraceRoots, c.TraceRoots)
-	return &WaterfallCache{
-		StartTime:                     c.StartTime,
-		EndTime:                       c.EndTime,
-		DurationNano:                  c.DurationNano,
-		TotalSpans:                    c.TotalSpans,
-		TotalErrorSpans:               c.TotalErrorSpans,
-		ServiceNameToTotalDurationMap: copyOfServiceNameToTotalDurationMap,
-		SpanIDToSpanNodeMap:           copyOfSpanIDToSpanNodeMap,
-		TraceRoots:                    copyOfTraceRoots,
-		HasMissingSpans:               c.HasMissingSpans,
-	}
-}
-
-func (c *WaterfallCache) MarshalBinary() (data []byte, err error) {
-	return json.Marshal(c)
-}
-
-func (c *WaterfallCache) UnmarshalBinary(data []byte) error {
-	return json.Unmarshal(data, c)
-}
--- a/tests/integration/fixtures/querier.py
+++ b/tests/integration/fixtures/querier.py
@@ -14,8 +14,8 @@ QUERY_TIMEOUT = 30  # seconds
@dataclass
 class TelemetryFieldKey:
    name: str
-    field_data_type: Optional[str] = None
-    field_context: Optional[str] = None
+    field_data_type: str
+    field_context: str

    def to_dict(self) -> Dict:
        return {
--- a/tests/integration/src/querier/01_logs.py
+++ b/tests/integration/src/querier/01_logs.py
@@ -14,9 +14,7 @@ from fixtures.querier import (
    index_series_by_label,
    make_query_request,
 )
-from src.querier.util import (
-    assert_identical_query_response,
-)
+from src.querier.util import assert_identical_query_response


 def test_logs_list(
@@ -401,6 +399,174 @@ def test_logs_list(
    assert "d-001" in values


+def test_logs_list_with_corrupt_data(
+    signoz: types.SigNoz,
+    create_user_admin: None,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+    insert_logs: Callable[[List[Logs]], None],
+) -> None:
+    """
+    Setup:
+    Insert 2 logs with different attributes
+
+    Tests:
+    1. Query logs for the last 10 seconds and check if the logs are returned in the correct order
+    2. Query values of severity_text attribute from the autocomplete API
+    3. Query values of severity_text attribute from the fields API
+    4. Query values of code.file attribute from the autocomplete API
+    5. Query values of code.file attribute from the fields API
+    6. Query values of code.line attribute from the autocomplete API
+    7. Query values of code.line attribute from the fields API
+    """
+    insert_logs(
+        [
+            Logs(
+                timestamp=datetime.now(tz=timezone.utc) - timedelta(seconds=1),
+                resources={
+                    "deployment.environment": "production",
+                    "service.name": "java",
+                    "os.type": "linux",
+                    "host.name": "linux-001",
+                    "cloud.provider": "integration",
+                    "cloud.account.id": "001",
+                    "timestamp": "2024-01-01T00:00:00Z",
+                },
+                attributes={
+                    "log.iostream": "stdout",
+                    "logtag": "F",
+                    "code.file": "/opt/Integration.java",
+                    "code.function": "com.example.Integration.process",
+                    "code.line": 120,
+                    "telemetry.sdk.language": "java",
+                    "id": "1",
+                },
+                body="This is a log message, coming from a java application",
+                severity_text="DEBUG",
+            ),
+            Logs(
+                timestamp=datetime.now(tz=timezone.utc),
+                resources={
+                    "deployment.environment": "production",
+                    "service.name": "go",
+                    "os.type": "linux",
+                    "host.name": "linux-001",
+                    "cloud.provider": "integration",
+                    "cloud.account.id": "001",
+                    "id": 2,
+                },
+                attributes={
+                    "log.iostream": "stdout",
+                    "logtag": "F",
+                    "code.file": "/opt/integration.go",
+                    "code.function": "com.example.Integration.process",
+                    "code.line": 120,
+                    "metric.domain_id": "d-001",
+                    "telemetry.sdk.language": "go",
+                    "timestamp": "invalid-timestamp",
+                },
+                body="This is a log message, coming from a go application",
+                severity_text="INFO",
+            ),
+        ]
+    )
+
+    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    # Query Logs for the last 10 seconds and check if the logs are returned in the correct order
+    response = requests.post(
+        signoz.self.host_configs["8080"].get("/api/v5/query_range"),
+        timeout=2,
+        headers={
+            "authorization": f"Bearer {token}",
+        },
+        json={
+            "schemaVersion": "v1",
+            "start": int(
+                (datetime.now(tz=timezone.utc) - timedelta(seconds=10)).timestamp()
+                * 1000
+            ),
+            "end": int(datetime.now(tz=timezone.utc).timestamp() * 1000),
+            "requestType": "raw",
+            "compositeQuery": {
+                "queries": [
+                    {
+                        "type": "builder_query",
+                        "spec": {
+                            "name": "A",
+                            "signal": "logs",
+                            "disabled": False,
+                            "limit": 100,
+                            "offset": 0,
+                            "order": [
+                                {"key": {"name": "timestamp"}, "direction": "desc"},
+                                {"key": {"name": "id"}, "direction": "desc"},
+                            ],
+                            "having": {"expression": ""},
+                            "aggregations": [{"expression": "count()"}],
+                        },
+                    }
+                ]
+            },
+            "formatOptions": {"formatTableResultForUI": False, "fillGaps": False},
+        },
+    )
+
+    assert response.status_code == HTTPStatus.OK
+    assert response.json()["status"] == "success"
+
+    results = response.json()["data"]["data"]["results"]
+    assert len(results) == 1
+
+    rows = results[0]["rows"]
+    assert len(rows) == 2
+
+    assert (
+        rows[0]["data"]["body"] == "This is a log message, coming from a go application"
+    )
+    assert rows[0]["data"]["resources_string"] == {
+        "cloud.account.id": "001",
+        "cloud.provider": "integration",
+        "deployment.environment": "production",
+        "host.name": "linux-001",
+        "os.type": "linux",
+        "service.name": "go",
+        "id": "2",
+    }
+    assert rows[0]["data"]["attributes_string"] == {
+        "code.file": "/opt/integration.go",
+        "code.function": "com.example.Integration.process",
+        "log.iostream": "stdout",
+        "logtag": "F",
+        "metric.domain_id": "d-001",
+        "telemetry.sdk.language": "go",
+        "timestamp": "invalid-timestamp",
+    }
+    assert rows[0]["data"]["attributes_number"] == {"code.line": 120}
+
+    assert (
+        rows[1]["data"]["body"]
+        == "This is a log message, coming from a java application"
+    )
+    assert rows[1]["data"]["resources_string"] == {
+        "cloud.account.id": "001",
+        "cloud.provider": "integration",
+        "deployment.environment": "production",
+        "host.name": "linux-001",
+        "os.type": "linux",
+        "service.name": "java",
+        "timestamp": "2024-01-01T00:00:00Z",
+    }
+    assert rows[1]["data"]["attributes_string"] == {
+        "code.file": "/opt/Integration.java",
+        "code.function": "com.example.Integration.process",
+        "id": "1",
+        "log.iostream": "stdout",
+        "logtag": "F",
+        "telemetry.sdk.language": "java",
+    }
+    assert rows[1]["data"]["attributes_number"] == {"code.line": 120}
+
+
@pytest.mark.parametrize(
    "order_by_context,expected_order",
    ####
--- a/tests/integration/src/querier/14_list_query_expectations.py
+++ b/tests/integration/src/querier/14_list_query_expectations.py
@@ -1,774 +0,0 @@
-from datetime import datetime, timedelta, timezone
-from http import HTTPStatus
-from typing import Any, Callable, List
-
-import pytest
-
-from fixtures import types
-from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
-from fixtures.logs import Logs
-from fixtures.querier import (
-    BuilderQuery,
-    OrderBy,
-    TelemetryFieldKey,
-    make_query_request,
-)
-from src.querier.util import (
-    generate_logs_with_corrupt_metadata,
-)
-
-
-@pytest.mark.parametrize(
-    "query,result",
-    [
-        # pytest.param(
-        #     BuilderQuery(
-        #         signal="logs",
-        #         name="A",
-        #         limit=1,
-        #     ),
-        #     lambda x: _flatten_log(x[2]),
-        #     id="no-select-no-order",
-        #     # Behaviour:
-        #     # Empty order results in consistent random order
-        # ),
-        # pytest.param(
-        #     BuilderQuery(
-        #         signal="logs",
-        #         name="A",
-        #         select_fields=[TelemetryFieldKey("timestamp")],
-        #         limit=1,
-        #     ),
-        #     lambda x: [x[2].id, x[2].timestamp],
-        #     id="select-timestamp-no-order",
-        #     # Behaviour:
-        #     # AdjustKeys no-op
-        #     # Logs stmt builder by default adds timestamp field to select fields and ignores user input timestamp field
-        #     # Select timestamp is mapped to top level field by field mapper
-        #     # Empty order results in consistent random order
-        # ),
-        # pytest.param(
-        #     BuilderQuery(
-        #         signal="logs",
-        #         name="A",
-        #         select_fields=[TelemetryFieldKey("log.timestamp")],
-        #         limit=1,
-        #     ),
-        #     lambda x: [x[2].id, x[2].timestamp],
-        #     id="select-log-timestamp-no-order",
-        #     # Behaviour:
-        #     # AdjustKeys no-op
-        #     # Logs stmt builder by default adds timestamp field to select fields and ignores user input timestamp field
-        #     # Select timestamp is mapped to top level field by field mapper
-        #     # Empty order results in consistent random order
-        # ),
-        # pytest.param(
-        #     BuilderQuery(
-        #         signal="logs",
-        #         name="A",
-        #         select_fields=[TelemetryFieldKey("attribute.timestamp")],
-        #         limit=1,
-        #     ),
-        #     lambda x: [x[2].id, x[2].timestamp],
-        #     id="select-attr-timestamp-no-order",
-        #     # Behaviour: [BUG - user didn't get what they expected]
-        #     # AdjustKeys no-op
-        #     # Logs stmt builder by default adds timestamp field to select fields and ignores user input timestamp field
-        #     # Select timestamp is mapped to top level field by field mapper
-        #     # Empty order results in consistent random order
-        # ),
-        # pytest.param(
-        #     BuilderQuery(
-        #         signal="logs",
-        #         name="A",
-        #         select_fields=[
-        #             TelemetryFieldKey("log.timestamp"),
-        #             TelemetryFieldKey("attribute.timestamp"),
-        #         ],
-        #         limit=1,
-        #     ),
-        #     lambda x: [x[2].id, x[2].timestamp],
-        #     id="select-log-timestamp-and-attr-timestamp-no-order",
-        #     # Behaviour: [BUG - user didn't get what they expected]
-        #     # AdjustKeys logic adjusts key "attribute.timestamp" to "timestamp"
-        #     # AdjustKeys logic adjusts key "log.timestamp" to "timestamp"
-        #     # AdjustKeys logic removes duplicate key "timestamp", only 1 select field is left
-        #     # Logs stmt builder by default adds timestamp field to select fields and ignores user input timestamp fields
-        #     # Select timestamp is mapped to top level field by field mapper
-        #     # Empty order results in consistent random order
-        # ),
-        # pytest.param(
-        #     BuilderQuery(
-        #         signal="logs",
-        #         name="A",
-        #         select_fields=[
-        #             TelemetryFieldKey("timestamp"),
-        #             TelemetryFieldKey("attribute.timestamp"),
-        #         ],
-        #         limit=1,
-        #     ),
-        #     lambda x: [x[2].id, x[2].timestamp],
-        #     id="select-timestamp-and-attr-timestamp-no-order",
-        #     # Behaviour:
-        #     # AdjustKeys logic adjusts key "attribute.timestamp" to "timestamp"
-        #     # AdjustKeys logic removes duplicate key "timestamp", only 1 select field is left
-        #     # Logs stmt builder by default adds timestamp field to select fields and ignores user input timestamp fields
-        #     # Select timestamp is mapped to top level field by field mapper
-        #     # Empty order results in consistent random order
-        # ),
-        # pytest.param(
-        #     BuilderQuery(
-        #         signal="logs",
-        #         name="A",
-        #         select_fields=[
-        #             TelemetryFieldKey("log.timestamp"),
-        #             TelemetryFieldKey("timestamp"),
-        #         ],
-        #         limit=1,
-        #     ),
-        #     lambda x: [x[2].id, x[2].timestamp],
-        #     id="select-log-timestamp-and-timestamp-no-order",
-        #     # Behaviour:
-        #     # AdjustKeys logic adjusts key "log.timestamp" to "timestamp"
-        #     # AdjustKeys logic removes duplicate key "timestamp", only 1 select field is left
-        #     # Logs stmt builder by default adds timestamp field to select fields and ignores user input timestamp field
-        #     # Select timestamp is mapped to top level field by field mapper
-        #     # Empty order results in consistent random order
-        # ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                limit=1,
-                order=[OrderBy(TelemetryFieldKey("timestamp"), "desc")],
-            ),
-            lambda x: _flatten_log(x[3]),
-            id="no-select-order-timestamp-desc",
-            # Behaviour:
-            # AdjustKeys no-op
-            # Order by timestamp is mapped to top level field by field mapper
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                select_fields=[TelemetryFieldKey("timestamp")],
-                order=[OrderBy(TelemetryFieldKey("timestamp"), "desc")],
-                limit=1,
-            ),
-            lambda x: [x[3].id, x[3].timestamp],
-            id="select-timestamp-order-timestamp-desc",
-            # Behaviour:
-            # AdjustKeys no-op
-            # Logs stmt builder by default adds timestamp field to select fields and ignores user input timestamp field
-            # Select and OrderBy both timestamp are mapped to top level field by field mapper
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                select_fields=[TelemetryFieldKey("log.timestamp")],
-                order=[OrderBy(TelemetryFieldKey("timestamp"), "desc")],
-                limit=1,
-            ),
-            lambda x: [x[3].id, x[3].timestamp],
-            id="select-log-timestamp-order-timestamp-desc",
-            # Behaviour:
-            # AdjustKeys logic adjusts key "log.timestamp" to "timestamp"
-            # AdjustKeys logic removes duplicate key "timestamp", only 1 select field is left
-            # Logs stmt builder by default adds timestamp field to select fields and ignores user input log.timestamp field
-            # Select and OrderBy both timestamp are mapped to top level field by field mapper
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                select_fields=[TelemetryFieldKey("attribute.timestamp")],
-                order=[OrderBy(TelemetryFieldKey("timestamp"), "desc")],
-                limit=1,
-            ),
-            lambda x: [x[3].id, x[3].timestamp],
-            id="select-attr-timestamp-order-timestamp-desc",
-            # Behaviour:
-            # AdjustKeys logic adjusts key "attribute.timestamp" to "timestamp"
-            # AdjustKeys logic removes duplicate key "timestamp", only 1 select field is left
-            # Logs stmt builder by default adds timestamp field to select fields and ignores user input timestamp field
-            # Select and OrderBy both timestamp are mapped to top level field by field mapper
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                select_fields=[
-                    TelemetryFieldKey("log.timestamp"),
-                    TelemetryFieldKey("attribute.timestamp"),
-                ],
-                order=[OrderBy(TelemetryFieldKey("timestamp"), "desc")],
-                limit=1,
-            ),
-            lambda x: [x[3].id, x[3].timestamp],
-            id="select-log-timestamp-and-attr-timestamp-order-timestamp-desc",
-            # Behaviour:
-            # AdjustKeys logic adjusts key "attribute.timestamp" to "timestamp"
-            # AdjustKeys logic adjusts key "log.timestamp" to "timestamp"
-            # AdjustKeys logic removes duplicate key "timestamp", only 1 select field is left
-            # Logs stmt builder by default adds timestamp field to select fields and ignores user input timestamp fields
-            # Select and OrderBy both timestamp are mapped to top level field by field mapper
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                select_fields=[
-                    TelemetryFieldKey("timestamp"),
-                    TelemetryFieldKey("attribute.timestamp"),
-                ],
-                order=[OrderBy(TelemetryFieldKey("timestamp"), "desc")],
-                limit=1,
-            ),
-            lambda x: [x[3].id, x[3].timestamp],
-            id="select-timestamp-and-attr-timestamp-order-timestamp-desc",
-            # Behaviour:
-            # AdjustKeys logic adjusts key "attribute.timestamp" to "timestamp"
-            # AdjustKeys logic removes duplicate key "timestamp", only 1 select field is left
-            # Logs stmt builder by default adds timestamp field to select fields and ignores user input timestamp fields
-            # Select and OrderBy both timestamp are mapped to top level field by field mapper
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                select_fields=[
-                    TelemetryFieldKey("log.timestamp"),
-                    TelemetryFieldKey("timestamp"),
-                ],
-                order=[OrderBy(TelemetryFieldKey("timestamp"), "desc")],
-                limit=1,
-            ),
-            lambda x: [x[3].id, x[3].timestamp],
-            id="select-log-timestamp-and-timestamp-order-timestamp-desc",
-            # Behaviour:
-            # AdjustKeys logic adjusts key "attribute.timestamp" to "timestamp"
-            # AdjustKeys logic removes duplicate key "timestamp", only 1 select field is left
-            # Logs stmt builder by default adds timestamp field to select fields and ignores user input timestamp fields
-            # Select and OrderBy both timestamp are mapped to top level field by field mapper
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                limit=1,
-                order=[OrderBy(TelemetryFieldKey("attribute.timestamp"), "desc")],
-            ),
-            lambda x: [],
-            id="no-select-order-attr-timestamp-desc",
-            # Behaviour: [BUG]
-            # AdjustKeys logic adjusts key "attribute.timestamp" to "attribute.timestamp:string"
-            # Because of aliasing bug, result is empty
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                select_fields=[TelemetryFieldKey("timestamp")],
-                order=[OrderBy(TelemetryFieldKey("attribute.timestamp"), "desc")],
-                limit=1,
-            ),
-            lambda x: [x[3].id, x[3].timestamp],
-            id="select-timestamp-order-attr-timestamp-desc",
-            # Behaviour:
-            # AdjustKeys adjusts key "attribute.timestamp" to "timestamp"
-            # Logs stmt builder by default adds timestamp field to select fields and ignores user input timestamp field
-            # Select and OrderBy both timestamp are mapped to top level field by field mapper
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                select_fields=[TelemetryFieldKey("log.timestamp")],
-                order=[OrderBy(TelemetryFieldKey("attribute.timestamp"), "desc")],
-                limit=1,
-            ),
-            lambda x: [x[3].id, x[3].timestamp],
-            id="select-log-timestamp-order-attr-timestamp-desc",
-            # Behaviour: [BUG - user didn't get what they expected]
-            # AdjustKeys logic adjusts key "attribute.timestamp" to "timestamp"
-            # AdjustKeys logic adjusts key "log.timestamp" to "timestamp"
-            # Logs stmt builder by default adds timestamp field to select fields and ignores user input timestamp field
-            # Select and OrderBy both timestamp are mapped to top level field by field mapper
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                select_fields=[TelemetryFieldKey("attribute.timestamp")],
-                order=[OrderBy(TelemetryFieldKey("attribute.timestamp"), "desc")],
-                limit=1,
-            ),
-            lambda x: [],  # Because of aliasing bug, this returns no data
-            id="select-attr-timestamp-order-attr-timestamp-desc",
-            # Behaviour [BUG - user didn't get what they expected]:
-            # AdjustKeys logic adjusts key "attribute.timestamp" to "attribute.timestamp:string"
-            # Logs stmt builder by default adds timestamp field to select fields and ignores user input timestamp field
-            # Because of Logs stmt builder behaviour, we ran into aliasing bug, result is empty
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                select_fields=[
-                    TelemetryFieldKey("log.timestamp"),
-                    TelemetryFieldKey("attribute.timestamp"),
-                ],
-                order=[OrderBy(TelemetryFieldKey("attribute.timestamp"), "desc")],
-                limit=1,
-            ),
-            lambda x: [x[3].id, x[3].timestamp],
-            id="select-log-timestamp-and-attr-timestamp-order-attr-timestamp-desc",
-            # Behaviour: [BUG - user didn't get what they expected]
-            # AdjustKeys logic adjusts key "attribute.timestamp" to "timestamp"
-            # AdjustKeys logic adjusts key "log.timestamp" to "timestamp"
-            # AdjustKeys logic removes duplicate key "timestamp", only 1 select field is left
-            # Logs stmt builder by default adds timestamp field to select fields and ignores user input timestamp field
-            # Select and OrderBy both timestamp are mapped to top level field by field mapper
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                select_fields=[
-                    TelemetryFieldKey("timestamp"),
-                    TelemetryFieldKey("attribute.timestamp"),
-                ],
-                order=[OrderBy(TelemetryFieldKey("attribute.timestamp"), "desc")],
-                limit=1,
-            ),
-            lambda x: [x[3].id, x[3].timestamp],
-            id="select-timestamp-and-attr-timestamp-order-attr-timestamp-desc",
-            # Behaviour:
-            # AdjustKeys logic adjusts key "attribute.timestamp" to "timestamp"
-            # AdjustKeys logic removes duplicate key "timestamp", only 1 select field is left
-            # Select and OrderBy both timestamp are mapped to top level field by field mapper
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                select_fields=[
-                    TelemetryFieldKey("log.timestamp"),
-                    TelemetryFieldKey("timestamp"),
-                ],
-                order=[OrderBy(TelemetryFieldKey("attribute.timestamp"), "desc")],
-                limit=1,
-            ),
-            lambda x: [x[3].id, x[3].timestamp],
-            id="select-log-timestamp-and-timestamp-order-attr-timestamp-desc",
-            # Behaviour:
-            # AdjustKeys logic adjusts key "attribute.timestamp" to "timestamp"
-            # AdjustKeys logic adjusts key "log.timestamp" to "timestamp"
-            # AdjustKeys logic removes duplicate key "timestamp", only 1 select field is left
-            # Select and OrderBy both timestamp are mapped to top level field by field mapper
-        ),
-    ],
-)
-def test_logs_list_query_timestamp_expectations(
-    signoz: types.SigNoz,
-    create_user_admin: None,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    insert_logs: Callable[[List[Logs]], None],
-    query: BuilderQuery,
-    result: Callable[[List[Logs]], List[Any]],
-) -> None:
-    """
-    Setup:
-    Insert logs with corrupt data
-
-    Tests:
-    """
-    logs = generate_logs_with_corrupt_metadata()
-    insert_logs(logs)
-
-    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    # Query Logs for the last 1 minute and check if the logs are returned in the correct order
-    response = make_query_request(
-        signoz,
-        token,
-        start_ms=int(
-            (datetime.now(tz=timezone.utc) - timedelta(minutes=1)).timestamp() * 1000
-        ),
-        end_ms=int(datetime.now(tz=timezone.utc).timestamp() * 1000),
-        request_type="raw",
-        queries=[query.to_dict()],
-    )
-
-    assert response.status_code == HTTPStatus.OK
-
-    if response.status_code == HTTPStatus.OK:
-        if not result(logs):
-            # No results expected
-            assert response.json()["data"]["data"]["results"][0]["rows"] is None
-        else:
-            data = response.json()["data"]["data"]["results"][0]["rows"][0]["data"]
-            for key, value in zip(list(data.keys()), result(logs)):
-                assert data[key] == value
-
-
-@pytest.mark.parametrize(
-    "query,results",
-    [
-        # pytest.param(
-        #     BuilderQuery(
-        #         signal="logs",
-        #         name="A",
-        #         select_fields=[TelemetryFieldKey("trace_id")],
-        #     ),
-        #     lambda x: [
-        #         [x[2].id, x[2].timestamp, x[2].trace_id],
-        #         [x[1].id, x[1].timestamp, x[1].trace_id],
-        #         [x[0].id, x[0].timestamp, x[0].trace_id],
-        #         [x[3].id, x[3].timestamp, x[3].trace_id],
-        #     ],
-        #     id="select-trace-id-no-order",
-        #     # Justification (expected values and row order):
-        #     # Values: x[0].trace_id="1", x[1].trace_id="", x[2].trace_id="", x[3].trace_id=""
-        #     # Order: no explicit order → ClickHouse internal storage order
-        #     # Behaviour:
-        #     # AdjustKeys no-op
-        #     # Select trace_id is mapped to top level field by field mapper
-        #     # Empty order results in consistent random order
-        # ),
-        # pytest.param(
-        #     BuilderQuery(
-        #         signal="logs",
-        #         name="A",
-        #         select_fields=[TelemetryFieldKey("log.trace_id")],
-        #     ),
-        #     lambda x: [
-        #         [x[2].id, x[2].timestamp, x[2].trace_id],
-        #         [x[1].id, x[1].timestamp, x[1].trace_id],
-        #         [x[0].id, x[0].timestamp, x[0].trace_id],
-        #         [x[3].id, x[3].timestamp, x[3].trace_id],
-        #     ],
-        #     id="select-log-trace-id-no-order",
-        #     # Justification (expected values and row order):
-        #     # Values: x[0].trace_id="1", x[1].trace_id="", x[2].trace_id="", x[3].trace_id=""
-        #     # Order: no explicit order → ClickHouse internal storage order
-        #     # Behaviour:
-        #     # AdjustKeys adjusts log.trace_id to log.trace_id:string
-        #     # Select log.trace_id is mapped to top level field by field mapper
-        #     # Empty order results in consistent random order
-        # ),
-        # pytest.param(
-        #     BuilderQuery(
-        #         signal="logs",
-        #         name="A",
-        #         select_fields=[TelemetryFieldKey("body.trace_id")],
-        #     ),
-        #     lambda x: [
-        #         [x[2].id, x[2].timestamp, x[2].trace_id],
-        #         [x[1].id, x[1].timestamp, x[1].trace_id],
-        #         [x[0].id, x[0].timestamp, x[0].trace_id],
-        #         [x[3].id, x[3].timestamp, x[3].trace_id],
-        #     ],
-        #     id="select-body-trace-id-no-order",
-        #     # Justification (expected values and row order):
-        #     # Values: x[0].trace_id="1", x[1].trace_id="", x[2].trace_id="", x[3].trace_id=""
-        #     # Order: no explicit order → ClickHouse internal storage order
-        #     # Behaviour:
-        #     # AdjustKeys logic adjusts key "body.trace_id" to "log.trace_id:string"
-        # ),
-        # pytest.param(
-        #     BuilderQuery(
-        #         signal="logs",
-        #         name="A",
-        #         select_fields=[TelemetryFieldKey("attribute.trace_id")],
-        #     ),
-        #     lambda x: [
-        #         [x[2].id, x[2].timestamp, x[2].attributes_string.get("trace_id", "")],
-        #         [x[1].id, x[1].timestamp, x[1].attributes_string.get("trace_id", "")],
-        #         [x[0].id, x[0].timestamp, x[0].attributes_string.get("trace_id", "")],
-        #         [x[3].id, x[3].timestamp, x[3].attributes_string.get("trace_id", "")],
-        #     ],
-        #     id="select-attribute-trace-id-no-order",
-        #     # Justification (expected values and row order):
-        #     # Values: x[0]="", x[1]="2", x[2]="", x[3]="" (only x[1] has attribute.trace_id set)
-        #     # Order: no explicit order → ClickHouse internal storage order
-        #     # Behaviour:
-        #     # AdjustKeys no-op
-        # ),
-        # pytest.param(
-        #     BuilderQuery(
-        #         signal="logs",
-        #         name="A",
-        #         select_fields=[TelemetryFieldKey("resource.trace_id")],
-        #     ),
-        #     lambda x: [
-        #         [x[2].id, x[2].timestamp, x[2].resources_string.get("trace_id", "")],
-        #         [x[1].id, x[1].timestamp, x[1].resources_string.get("trace_id", "")],
-        #         [x[0].id, x[0].timestamp, x[0].resources_string.get("trace_id", "")],
-        #         [x[3].id, x[3].timestamp, x[3].resources_string.get("trace_id", "")],
-        #     ],
-        #     id="select-resource-trace-id-no-order",
-        #     # Justification (expected values and row order):
-        #     # Values: x[0]="", x[1]="", x[2]="3", x[3]="" (only x[2] has resource.trace_id set)
-        #     # Order: no explicit order → ClickHouse internal storage order
-        #     # Behaviour:
-        #     # AdjustKeys no-op
-        # ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                order=[OrderBy(TelemetryFieldKey("trace_id"), "desc")],
-            ),
-            lambda x: [
-                _flatten_log(x[0]),
-                _flatten_log(x[2]),
-                _flatten_log(x[1]),
-                _flatten_log(x[3]),
-            ],
-            id="no-select-trace-id-order",
-            # Justification (expected values and row order):
-            # Values: x[0].trace_id="1", x[1].trace_id="", x[2].trace_id="", x[3].trace_id=""
-            # Order: trace_id DESC → x[0]("1") first, then x[2](""), x[1](""), x[3]("") in storage order
-            # Behaviour:
-            # AdjustKeys no-op
-            # Order by trace_id is mapped to top level field by field mapper
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                order=[OrderBy(TelemetryFieldKey("attribute.trace_id"), "desc")],
-            ),
-            lambda x: [
-                [*_flatten_log(x[1])[:14], x[1].attributes_string.get("trace_id", "")],
-                [*_flatten_log(x[2])[:14], x[2].attributes_string.get("trace_id", "")],
-                [*_flatten_log(x[0])[:14], x[0].attributes_string.get("trace_id", "")],
-                [*_flatten_log(x[3])[:14], x[3].attributes_string.get("trace_id", "")],
-            ],
-            id="no-select-attribute-trace-id-order",
-            # Justification (expected values and row order):
-            # attribute.trace_id values: x[0]="", x[1]="2", x[2]="", x[3]=""
-            # Behaviour: [BUG - user didn't get what they expected]
-            # AdjustKeys adjusts "attribute.trace_id" to "attribute.trace_id:string"
-            # Order by attribute.trace_id maps to attributes_string['trace_id']
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                select_fields=[TelemetryFieldKey("trace_id")],
-                order=[OrderBy(TelemetryFieldKey("trace_id"), "desc")],
-            ),
-            lambda x: [
-                [x[0].id, x[0].timestamp, x[0].trace_id],
-                [x[2].id, x[2].timestamp, x[2].trace_id],
-                [x[1].id, x[1].timestamp, x[1].trace_id],
-                [x[3].id, x[3].timestamp, x[3].trace_id],
-            ],
-            id="select-trace-id-order-trace-id-desc",
-            # Justification (expected values and row order):
-            # Values: x[0].trace_id="1", x[1].trace_id="", x[2].trace_id="", x[3].trace_id=""
-            # Order: trace_id DESC → x[0]("1") first, then x[2](""), x[1](""), x[3]("") in storage order
-            # Behaviour:
-            # AdjustKeys no-op
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                select_fields=[TelemetryFieldKey("attribute.trace_id")],
-                order=[OrderBy(TelemetryFieldKey("attribute.trace_id"), "desc")],
-            ),
-            lambda x: [
-                [x[1].id, x[1].timestamp, x[1].attributes_string.get("trace_id", "")],
-                [x[2].id, x[2].timestamp, x[2].attributes_string.get("trace_id", "")],
-                [x[0].id, x[0].timestamp, x[0].attributes_string.get("trace_id", "")],
-                [x[3].id, x[3].timestamp, x[3].attributes_string.get("trace_id", "")],
-            ],
-            id="select-attribute-trace-id-order-attribute-trace-id-desc",
-            # Justification (expected values and row order):
-            # AdjustKeys: no-op for both select and order, "attribute.trace_id" is a valid attribute key
-            # Field mapping: "attribute.trace_id" → attributes_string["trace_id"]
-            # Values: x[0]="", x[1]="2", x[2]="", x[3]="" (only x[1] has attribute.trace_id set)
-            # Order: attribute.trace_id DESC → x[1]("2") first, then x[2](""), x[0](""), x[3]("") in storage order
-            # Behaviour:
-            # AdjustKeys no-op
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                select_fields=[TelemetryFieldKey("resource.trace_id")],
-                order=[OrderBy(TelemetryFieldKey("resource.trace_id"), "desc")],
-            ),
-            lambda x: [
-                [x[2].id, x[2].timestamp, x[2].resources_string.get("trace_id", "")],
-                [x[1].id, x[1].timestamp, x[1].resources_string.get("trace_id", "")],
-                [x[0].id, x[0].timestamp, x[0].resources_string.get("trace_id", "")],
-                [x[3].id, x[3].timestamp, x[3].resources_string.get("trace_id", "")],
-            ],
-            id="select-resource-trace-id-order-resource-trace-id-desc",
-            # Justification (expected values and row order):
-            # AdjustKeys: no-op for both select and order, "resource.trace_id" is a valid resource key
-            # Field mapping: "resource.trace_id" → resources_string["trace_id"]
-            # Values: x[0]="", x[1]="", x[2]="3", x[3]="" (only x[2] has resource.trace_id set)
-            # Order: resource.trace_id DESC → x[2]("3") first, then x[1](""), x[0](""), x[3]("") in storage order
-            # Behaviour:
-            # AdjustKeys no-op
-        ),
-        pytest.param(
-            BuilderQuery(
-                signal="logs",
-                name="A",
-                select_fields=[TelemetryFieldKey("body.trace_id")],
-                order=[OrderBy(TelemetryFieldKey("body.trace_id"), "desc")],
-            ),
-            lambda x: [
-                [x[0].id, x[0].timestamp, x[0].trace_id],
-                [x[2].id, x[2].timestamp, x[2].trace_id],
-                [x[1].id, x[1].timestamp, x[1].trace_id],
-                [x[3].id, x[3].timestamp, x[3].trace_id],
-            ],
-            id="select-body-trace-id-order-body-trace-id-desc",
-            # Justification (expected values and row order):
-            # AdjustKeys: adjusts "body.trace_id" to "log.trace_id:string" for both select and order
-            # Field mapping: "log.trace_id:string" → top-level trace_id column
-            # Values: x[0].trace_id="1", x[1].trace_id="", x[2].trace_id="", x[3].trace_id=""
-            # Order: trace_id DESC → x[0]("1") first, then x[2](""), x[1](""), x[3]("") in storage order
-            # Behaviour:
-            # AdjustKeys logic adjusts key "body.trace_id" to "log.trace_id:string"
-        ),
-    ],
-)
-def test_logs_list_query_trace_id_expectations(
-    signoz: types.SigNoz,
-    create_user_admin: None,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    insert_logs: Callable[[List[Logs]], None],
-    query: BuilderQuery,
-    results: Callable[[List[Logs]], List[Any]],
-) -> None:
-    """
-    Justification for expected rows and ordering:
-    Four logs differ by where trace_id is set: top-level (x[0]), attribute (x[1]),
-    resource (x[2]), or only in body text (x[3]). Each parametrized case documents
-    which column AdjustKeys/field mapping reads and why DESC ties break in storage order.
-
-    Setup:
-    Insert logs with corrupt trace_id
-
-    Tests:
-    """
-    now = datetime.now(tz=timezone.utc).replace(second=0, microsecond=0)
-
-    logs = [
-        Logs(
-            timestamp=now - timedelta(seconds=4),
-            body="POST /integration request received",
-            severity_text="INFO",
-            resources={
-                "service.name": "http-service",
-                "timestamp": "corrupt_data",
-            },
-            attributes={
-                "severity_text": "corrupt_data",
-                "timestamp": "corrupt_data",
-            },
-            trace_id="1",
-        ),
-        Logs(
-            timestamp=now - timedelta(seconds=3),
-            body="SELECT query executed",
-            severity_text="DEBUG",
-            resources={
-                "service.name": "http-service",
-                "id": "corrupt_data",
-            },
-            attributes={
-                "trace_id": "2",
-            },
-        ),
-        Logs(
-            timestamp=now - timedelta(seconds=2),
-            body="HTTP PATCH failed with 404",
-            severity_text="WARN",
-            resources={
-                "service.name": "http-service",
-                "body": "corrupt_data",
-                "trace_id": "3",
-            },
-            attributes={
-                "id": "1",
-            },
-        ),
-        Logs(
-            timestamp=now - timedelta(seconds=1),
-            body="{'trace_id': '4'}",
-            severity_text="ERROR",
-            resources={
-                "service.name": "topic-service",
-            },
-            attributes={
-                "body": "corrupt_data",
-                "timestamp": "corrupt_data",
-            },
-        ),
-    ]
-    insert_logs(logs)
-
-    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    # Query Logs for the last 1 minute and check if the logs are returned in the correct order
-    response = make_query_request(
-        signoz,
-        token,
-        start_ms=int(
-            (datetime.now(tz=timezone.utc) - timedelta(minutes=10)).timestamp() * 1000
-        ),
-        end_ms=int(datetime.now(tz=timezone.utc).timestamp() * 1000),
-        request_type="raw",
-        queries=[query.to_dict()],
-    )
-
-    assert response.status_code == HTTPStatus.OK
-
-    if response.status_code == HTTPStatus.OK:
-        if not results(logs):
-            # No results expected
-            assert response.json()["data"]["data"]["results"][0]["rows"] is None
-        else:
-            print(response.json())
-            rows = response.json()["data"]["data"]["results"][0]["rows"]
-            assert len(rows) == len(
-                results(logs)
-            ), f"Expected {len(results(logs))} rows, got {len(rows)}"
-            for row, expected_row in zip(rows, results(logs)):
-                data = row["data"]
-                keys = list(data.keys())
-                for i, expected_value in enumerate(expected_row):
-                    assert (
-                        data[keys[i]] == expected_value
-                    ), f"Row mismatch at key '{keys[i]}': expected {expected_value}, got {data[keys[i]]}"
-
-
-def _flatten_log(log: Logs) -> List[Any]:
-    return [
-        log.attributes_bool,
-        log.attributes_number,
-        log.attributes_string,
-        log.body,
-        log.id,
-        log.resources_string,
-        log.scope_name,
-        log.scope_string,
-        log.scope_version,
-        log.severity_number,
-        log.severity_text,
-        log.span_id,
-        log.timestamp,
-        log.trace_flags,
-        log.trace_id,
-    ]
--- a/tests/integration/src/querier/util.py
+++ b/tests/integration/src/querier/util.py
@@ -4,7 +4,6 @@ from typing import List

 import requests

-from fixtures.logs import Logs
 from fixtures.traces import TraceIdGenerator, Traces, TracesKind, TracesStatusCode


@@ -39,101 +38,6 @@ def assert_identical_query_response(
        ), "Response data do not match"


-def generate_logs_with_corrupt_metadata() -> List[Logs]:
-    """
-    Specifically, entries with 'id', 'timestamp', 'severity_text', 'severity_number' and 'body' fields in metadata
-    """
-    now = datetime.now(tz=timezone.utc).replace(second=0, microsecond=0)
-
-    return [
-        Logs(
-            timestamp=now - timedelta(seconds=4),
-            body="POST /integration request received",
-            severity_text="INFO",
-            resources={
-                "deployment.environment": "production",
-                "service.name": "http-service",
-                "os.type": "linux",
-                "host.name": "linux-000",
-                "cloud.provider": "integration",
-                "cloud.account.id": "000",
-                "timestamp": "corrupt_data",
-            },
-            attributes={
-                "net.transport": "IP.TCP",
-                "http.scheme": "http",
-                "http.user_agent": "Integration Test",
-                "http.request.method": "POST",
-                "http.response.status_code": "200",
-                "severity_text": "corrupt_data",
-                "timestamp": "corrupt_data",
-            },
-            trace_id="1",
-        ),
-        Logs(
-            timestamp=now - timedelta(seconds=3),
-            body="SELECT query executed",
-            severity_text="DEBUG",
-            resources={
-                "deployment.environment": "production",
-                "service.name": "http-service",
-                "os.type": "linux",
-                "host.name": "linux-000",
-                "cloud.provider": "integration",
-                "cloud.account.id": "000",
-                "severity_number": "corrupt_data",
-                "id": "corrupt_data",
-            },
-            attributes={
-                "db.name": "integration",
-                "db.operation": "SELECT",
-                "db.statement": "SELECT * FROM integration",
-                "trace_id": "2",
-            },
-        ),
-        Logs(
-            timestamp=now - timedelta(seconds=2),
-            body="HTTP PATCH failed with 404",
-            severity_text="WARN",
-            resources={
-                "deployment.environment": "production",
-                "service.name": "http-service",
-                "os.type": "linux",
-                "host.name": "linux-000",
-                "cloud.provider": "integration",
-                "cloud.account.id": "000",
-                "body": "corrupt_data",
-                "trace_id": "3",
-            },
-            attributes={
-                "http.request.method": "PATCH",
-                "http.status_code": "404",
-                "id": "1",
-            },
-        ),
-        Logs(
-            timestamp=now - timedelta(seconds=1),
-            body="{'trace_id': '4'}",
-            severity_text="ERROR",
-            resources={
-                "deployment.environment": "production",
-                "service.name": "topic-service",
-                "os.type": "linux",
-                "host.name": "linux-001",
-                "cloud.provider": "integration",
-                "cloud.account.id": "001",
-            },
-            attributes={
-                "message.type": "SENT",
-                "messaging.operation": "publish",
-                "messaging.message.id": "001",
-                "body": "corrupt_data",
-                "timestamp": "corrupt_data",
-            },
-        ),
-    ]
-
-
 def generate_traces_with_corrupt_metadata() -> List[Traces]:
    """
    Specifically, entries with 'id', 'timestamp', 'trace_id' and 'duration_nano' fields in metadata
Author	SHA1	Message	Date
nityanandagohain	fe016dd941	fix: add nolint:nilnil	2026-04-07 12:16:41 +05:30
nityanandagohain	8794f61ab7	fix: update comment	2026-04-07 10:38:30 +05:30
nityanandagohain	3d62a286ad	feat: improve perf for queries with empty resource filter	2026-04-07 10:33:27 +05:30