diff --git a/qa/sql/security/src/test/java/org/elasticsearch/xpack/qa/sql/security/JdbcSecurityIT.java b/qa/sql/security/src/test/java/org/elasticsearch/xpack/qa/sql/security/JdbcSecurityIT.java
index 2391946ceaa..074ea8795f7 100644
--- a/qa/sql/security/src/test/java/org/elasticsearch/xpack/qa/sql/security/JdbcSecurityIT.java
+++ b/qa/sql/security/src/test/java/org/elasticsearch/xpack/qa/sql/security/JdbcSecurityIT.java
@@ -229,7 +229,7 @@ public class JdbcSecurityIT extends SqlSecurityTestCase {
         createUser("full_access", "read_all");
 
         expectActionMatchesAdmin(
-            con -> con.getMetaData().getTables("%", "%", "%", null),
+            con -> con.getMetaData().getTables("%", "%", "%t", null),
             "full_access",
             con -> con.getMetaData().getTables("%", "%", "%", null));
         new AuditLogAsserter()
@@ -278,7 +278,7 @@ public class JdbcSecurityIT extends SqlSecurityTestCase {
         createUser("full_access", "read_all");
 
         expectActionMatchesAdmin(
-            con -> con.getMetaData().getColumns("%", "%", "%", "%"),
+            con -> con.getMetaData().getColumns("%", "%", "%t", "%"),
             "full_access",
             con -> con.getMetaData().getColumns("%", "%", "%", "%"));
         new AuditLogAsserter()
diff --git a/qa/sql/security/src/test/java/org/elasticsearch/xpack/qa/sql/security/SqlSecurityTestCase.java b/qa/sql/security/src/test/java/org/elasticsearch/xpack/qa/sql/security/SqlSecurityTestCase.java
index fed2e93dc07..b45b104684f 100644
--- a/qa/sql/security/src/test/java/org/elasticsearch/xpack/qa/sql/security/SqlSecurityTestCase.java
+++ b/qa/sql/security/src/test/java/org/elasticsearch/xpack/qa/sql/security/SqlSecurityTestCase.java
@@ -335,7 +335,7 @@ public abstract class SqlSecurityTestCase extends ESRestTestCase {
     }
 
     public void testShowTablesWorksAsAdmin() throws Exception {
-        actions.expectShowTables(Arrays.asList("bort", "test"), null);
+        actions.expectShowTables(Arrays.asList(".security-6", "bort", "test"), null);
         new AuditLogAsserter()
             .expectSqlCompositeAction("test_admin", "bort", "test")
             .assertLogs();
@@ -344,7 +344,7 @@ public abstract class SqlSecurityTestCase extends ESRestTestCase {
     public void testShowTablesWorksAsFullAccess() throws Exception {
         createUser("full_access", "read_all");
 
-        actions.expectMatchesAdmin("SHOW TABLES", "full_access", "SHOW TABLES");
+        actions.expectMatchesAdmin("SHOW TABLES LIKE '*t'", "full_access", "SHOW TABLES");
         new AuditLogAsserter()
             .expectSqlCompositeAction("test_admin", "bort", "test")
             .expectSqlCompositeAction("full_access", "bort", "test")