Description
Cidr_match function is common in the security space and thus frequent in ESQL and thus needs to be as performant as possible.
Currently this is implemented only inside the engine - this needs to be improved so it can be pushed down to the storage as a Terms/TermQuery which currently doesn't happen.
We have this functionality already supported in EQL and it should be straight-forward to port it to ES|QL.
As this has significant performance implications, I'm marking this as a bug.
Description
Cidr_match function is common in the security space and thus frequent in ESQL and thus needs to be as performant as possible.
Currently this is implemented only inside the engine - this needs to be improved so it can be pushed down to the storage as a Terms/TermQuery which currently doesn't happen.
We have this functionality already supported in EQL and it should be straight-forward to port it to ES|QL.
As this has significant performance implications, I'm marking this as a bug.