elastic · florent-leborgne · Oct 13, 2025 · Oct 13, 2025 · Oct 13, 2025 · Oct 13, 2025
@@ -1,6 +1,7 @@
 ---
 mapped_pages:
   - https://www.elastic.co/guide/en/kibana/current/_use_and_filter_dashboards.html
+description: Learn how to explore and interact with Kibana dashboards using filters, time ranges, and controls to uncover insights in your data.
 applies_to:
   stack: ga
   serverless: ga
@@ -10,6 +11,11 @@ products:
 
 # Exploring dashboards [_use_and_filter_dashboards]
 
+Kibana dashboards support filtering, time range adjustments, and interactive controls that let you focus on specific data segments or time periods.
+
+This page covers the main ways to explore dashboard data: using KQL queries, filter pills, time ranges, and dashboard controls. You'll also learn how to view underlying data and switch between different display modes.
+
+
 
 ## Search and filter your dashboard data [search-or-filter-your-data]
 
@@ -23,6 +29,20 @@ products:
 
 This section shows the most common ways for you to filter dashboard data. For more information about {{kib}} and {{es}} filtering capabilities, refer to [](/explore-analyze/query-filter.md).
 
+### Filter dashboards using the KQL query bar [_filter_dashboards_using_the_kql_query_bar]
+
+The query bar lets you build filters using [{{kib}} Query Language (KQL)](../query-filter/languages/kql.md). When typing, it dynamically suggests matching fields, operators, and values to help you get the exact results that you want.
+
+You can use KQL to create complex queries that filter your dashboard data. For example:
+- `status:error` to show only error records
+- `response_time > 1000` to display requests slower than 1 second
+- `user.name:"john doe" AND status:active` to combine multiple conditions
+
+:::{tip}
+:applies_to: {"stack": "preview 9.2", "serverless": "unavailable"}
+When working with large datasets, complex KQL queries might cause dashboards to load slowly. In versions 9.2 and later, you can [send long-running searches to the background](../discover/background-search.md) and continue working on other tasks while the data loads. A notification will appear when the search completes.
+:::
+
 
 ### Use filter pills [_use_filter_pills]
 

@@ -0,0 +1,111 @@
+---
+navigation_title: "Run queries in the background"
+mapped_pages:
+  - https://www.elastic.co/guide/en/kibana/current/search-sessions.html
+applies_to:
+  stack: preview 9.2
+  serverless: unavailable
+products:
+  - id: kibana
+description: Send your long-running queries to run in the background with background searches and search sessions, and focus on your other tasks while they complete.
+---
+
+# Run Discover and Dashboards queries in the background
+
+::::{important} - Background search replaces Search sessions
+
+Background search is a feature introduced in version 9.2. It replaces the deprecated **Search sessions** feature.
+If you have been using search sessions and upgrade to 9.2, your search sessions aren't lost and become background searches.
+::::
+
+Sometimes you might need to search through large amounts of data, no matter how long the search takes. Consider a threat hunting scenario, where you need to search through years of data. 
+
+You can send your long-running searches to the background from **Discover** or **Dashboards** and let them run while you continue your work. 
+
+A notification appears when a background search has completed, and allows you to open the list of background searches. You can also access that list at any time to check the status of your searches and interact with them from the {icon}`background_task` **Background searches** button in the toolbar.
+
+![Send search to background](https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/bltee31dcf0d3917c75/68ecf412e5bae49d65a286ff/background-search.gif " =75%")
+
+
+## Enable background searches
+
+This feature is disabled by default. You can enable background searches in versions 9.2 and higher, or search sessions in versions 9.1 and lower, by setting [`data.search.sessions.enabled`](kibana://reference/configuration-reference/search-sessions-settings.md) to `true` in the [`kibana.yml`](/deploy-manage/stack-settings.md) configuration file.
+
+:::{note} - Exception for search sessions users
+If you upgrade to version 9.2 or higher with search sessions enabled in the version you upgrade from, background searches are automatically enabled.
+:::
+
+## Usage requirements [_requirements]
+
+The background searches that you run are personal and only visible by you. To be able to use this feature, you must have the following minimum permissions:
+
+:::::{tab-set}
+:group: background search
+
+::::{tab-item} 9.2 and later
+:sync: 92
+To send searches to the background, and to view and interact with the list of background searches from **Discover** and **Dashboards** apps, you must have permissions for **Discover** and **Dashboard**, and for the [Background search subfeature](../../deploy-manage/users-roles/cluster-or-deployment-auth/kibana-privileges.md#kibana-feature-privileges).
+::::
+
+::::{tab-item} 9.1 and earlier
+:sync: 91
+In versions 9.1 and earlier, this feature is named **Search sessions**.
+* To save a session, you must have permissions for **Discover** and **Dashboard**, and the [Search sessions subfeature](../../deploy-manage/users-roles/cluster-or-deployment-auth/kibana-privileges.md#kibana-feature-privileges).
+* To view and restore a saved session, you must have access to **Stack Management**.
+::::
+
+:::::
+
+## Send a search to the background
+
+You can send a search to the background only after it starts running. Until then, the **Send to background** button is disabled.
+
+1. Write or edit the query.
+
+1. Select {icon}`play` **Run** (or {icon}`refresh` **Refresh** if you already ran the query at least once) to start executing the query. At this point, the {icon}`background_task` **Send to background** button becomes available.
+
+1. Select {icon}`background_task` **Send to background**. The search is sent to the background and added to the queue of background searches.
+
+You can resume your other tasks, for example start a new search, navigate to a different application, or close the browser. Once the search has completed, a notification informs you and lets you access the search to view its results.
+
+Background searches expire after 7 days. Beyond that period, you must run the search again.
+
+## Reopen or manage background searches
+
+From the list of background searches, you can reopen and edit any searches, but also extend their validity period or delete them to keep only searches that you care about.
+
+1. Open your list of background searches using one of the following methods:
+   - Once a background search has completed, a notification appears to inform you, with a link to open the list of background searches.
+   - If you miss the notification or need to access this list at any time, go to **Discover** or **Dashboards** and select the {icon}`background_task` **Background searches** button in the toolbar. This option is only available from version 9.2.
+
+     :::{tip}
+     From **Discover**, you can only view Discover background searches. And from **Dashboards**, you can only see Dashboards background searches.
+     :::
+   - Open the **Background Search** management page in {{kib}}.
+
+1. Find the background search that you want to interact with using the search or status filter options.
+   - To open it to view its results and continue your explorations, select its name. Relative dates are converted to absolute dates.
+   - To rename it, select the {icon}`boxes_horizontal` More actions button, then select {icon}`pencil` **Edit name**. By default, background searches get default names that indicate their execution date and time.
+   - To extend its current expiration date by another 7 days, select the {icon}`boxes_horizontal` More actions button, then select **Extend**.
+   - To delete it, select the {icon}`boxes_horizontal` More actions button, then select {icon}`trash` **Delete**.
+
+
+## Background search limitations in dashboards [_limitations]
+
+Some visualization features do not fully support background searches. When you restore a dashboard, panels with unsupported features won’t load immediately, but instead send out additional data requests, which can take a while to complete. The **Your background search is still running** warning appears. You can either wait for these additional requests to complete or come back to the dashboard later when all data requests have finished.
+
+A panel on a dashboard can behave like this if one of the following features is used:
+
+**Lens**
+
+* A **top values** dimension with an enabled **Group other values as "Other"** setting. This is configurable in the **Advanced** section of the dimension.
+* An **intervals** dimension.
+
+**Aggregation-based** visualizations
+
+* A **terms** aggregation with an enabled **Group other values in separate bucket** setting.
+* A **histogram** aggregation.
+
+**Maps**
+
+* Layers using joins, blended layers, or tracks layers.
@@ -308,6 +308,14 @@ Learn more about how to use ES|QL queries in [Using ES|QL](try-esql.md).
 :::{include} ../_snippets/inspect-request.md
 :::
 
+### Run long-running queries in the background
+```{applies_to}
+stack: ga 9.2
+serverless: unavailable
+```
+
+You can send your long-running KQL or {{esql}} queries to the background from **Discover** and let them run while you continue exploring your data. Refer to [Run queries in the background](/explore-analyze/discover/background-search.md).
+
 
 ### Save your Discover session for later use [save-discover-search]
 

@@ -161,7 +161,7 @@ toc:
       - file: discover/save-open-search.md
       - file: discover/show-field-statistics.md
       - file: discover/run-pattern-analysis-discover.md
-      - file: discover/search-sessions.md
+      - file: discover/background-search.md
       - file: discover/try-esql.md
   - file: dashboards.md
     children:

@@ -516,7 +516,8 @@ redirects:
 # Related to https://github.com/elastic/docs-content/pull/3318
   'solutions/security/manage-elastic-defend/identify-antivirus-software-on-hosts.md': 'solutions/security/manage-elastic-defend/automatic-troubleshooting.md'
 
-
+# Search sessions becoming background search
+  'explore-analyze/discover/search-sessions.md': 'explore-analyze/discover/background-search.md'
 
 
 
@@ -74,6 +74,9 @@ $$$glossary-zone$$$ availability zone
 
 ## B [b-glos]
 
+$$$glossary-background-search$$$ Background search
+:   A long-running query queued and executed while you perform other tasks. The results of the background search are stored for a period of time, so you can access it once it has completed. Background searches are user specific. Before {{stack}} 9.2, background searches are called ["search sessions"](#glossary-search-session).
+
 $$$glossary-basemap$$$ basemap
 :   The background detail necessary to orient the location of a map.
 
@@ -668,7 +671,7 @@ $$$glossary-scripted-field$$$ scripted field
 :   A field that computes data on the fly from the data in {{es}} indices. Scripted field data is shown in Discover and used in visualizations.
 
 $$$glossary-search-session$$$ search session
-:   A group of one or more queries that are executed asynchronously. The results of the session are stored for a period of time, so you can recall the query. Search sessions are user specific.
+:   A group of one or more queries that are executed asynchronously. The results of the session are stored for a period of time, so you can recall the query. Search sessions are user specific. From {{stack}} 9.2, search sessions are called ["background searches"](#glossary-background-search).
 
 $$$glossary-search-template$$$ search template
 :   A stored search you can run with different variables. See [Search templates](/solutions/search/search-templates.md).