diff --git a/detection_rules/rule.py b/detection_rules/rule.py
index 2239c9031..02713b5f8 100644
--- a/detection_rules/rule.py
+++ b/detection_rules/rule.py
@@ -1000,7 +1000,8 @@ class ESQLRuleData(QueryRuleData):
# Ensure that keep clause includes metadata fields on non-aggregate queries
aggregate_pattern = re.compile(r"\|\s*stats\b(?:\s+([^\|]+?))?(?:\s+by\s+([^\|]+))?", re.IGNORECASE | re.DOTALL)
if not aggregate_pattern.search(query_lower):
- keep_fields = [field.strip() for field in keep_match.group(1).split(",")]
+ raw_keep = re.sub(r"//.*", "", keep_match.group(1))
+ keep_fields = [field.strip() for field in raw_keep.split(",") if field.strip()]
if "*" not in keep_fields:
required_metadata = {"_id", "_version", "_index"}
if not required_metadata.issubset(set(map(str.strip, keep_fields))):
diff --git a/pyproject.toml b/pyproject.toml
index f04756285..b23c79650 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
[project]
name = "detection_rules"
-version = "1.5.42"
+version = "1.5.43"
description = "Detection Rules is the home for rules used by Elastic Security. This repository is used for the development, maintenance, testing, validation, and release of rules for Elastic Security’s Detection Engine."
readme = "README.md"
requires-python = ">=3.12"
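Review bot: The comment stripping on the added `raw_keep` line handles only `//` line comments; if the query grammar also allows `/* ... */` block comments inside a `keep` clause, that comment text still reaches the comma split and is treated as a field name, so the `_id`/`_version`/`_index` presence check can be decided by comment content rather than by the real field list. A second pass such as `raw_keep = re.sub(r"/\*.*?\*/", "", raw_keep, flags=re.DOTALL)` before the split would close that gap, assuming block comments are valid there — worth confirming against the ES|QL grammar the validator targets. Separately, the last context line's `set(map(str.strip, keep_fields))` re-strips values the new comprehension already stripped; `if not required_metadata.issubset(keep_fields):` now says the same thing more directly. The enclosing method starts and ends outside the hunk, so whether `keep_match` is taken from the lowercased query cannot be checked here.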