Falcon LogScale Collector 1.8.2 GA (2025-03-12)

Version^?	Type^?	Release Date^?	Config.Changes^?
1.8.2	GA	2025-03-12	no

Hide file hashes

Show file hashes

File	SHA256 Checksum	Hash File
linux_amd64.deb	431b0652431e9990db03acccd6b3757c58d5da4a49992c12385a75b7e63c0229
linux_amd64.rpm	a189fd624327066d0410cb9d97b572768d2e0806834e784dfa8e5966278cdd93
linux_arm64.deb	e73158dedb19c6b4f74e42e1d5266d028c5e03b05c10647da51ce86e5aab95a6
linux_arm64.rpm	ad990e719ac1128296c73ae14bad44829e7674572f117e8ffd7a005891352ff3
macOS_universal.pkg	a36dfb84fd18761e96fe6e2d523ea3a53f71e461ba4138ccd688e60694635a57
windows_amd64.msi	94b1324dad8e1bb980b14585e1936109dd3184b27638213d7d3d653c7b0268aa

Docker Image	Architecture	SHA256 Checksum	Hash File
logscale-collector:1.8.2	amd64	27b4fb31a8161a98c0cb78ff983075a2ce37adbd1648ad241a4c449d264ce9b1
logscale-collector:1.8.2	arm64	27b4fb31a8161a98c0cb78ff983075a2ce37adbd1648ad241a4c449d264ce9b1

Highlights

Improved disk queue memory management to reduce memory usage.
Optimizations and security updates.

Improvements, new features and functionality

Collecting Data
- The disk queue implementation has been optimized to reduce memory usage. This enhancement addresses potential out-of-memory issues some customers experienced when using disk queues. The update maintains performance while providing more efficient memory utilization, allowing for better stability and resource management in high-volume logging scenarios.
  Internal tests demonstrate a reduction in memory usage by a factor of 2 to 4 in scenarios using a disk queue.
Other
- Error handling when loading a new configuration has been made more consistent.
  - If using a remote configuration and reloading an invalid configuration, the collector will continue waiting for a new remote configuration.
  - If using a local configuration and reloading an invalid configuration, the service will exit. Previously, it would keep running without collecting data.
- When reloading the config file (by sending SIGHUP), running pipelines are only restarted if the config file has been changed (comparison on the string contents, white space changes cause restarts). This used to be the case when running with a remote configuration, but when running with a local config, the pipelines were always restarted.
- The Go version has been updated to take advantage of the latest optimizations and security updates.
Debugging
- Internal log messages have been improved, and additional debug level messages regarding disk queue handling have been added.
Fleet Management
- The Falcon LogScale Collector now sends a shorter OS string to Fleet Management. This is in preparation for an upcoming Fleet Management feature which allows categorizing collectors by their OS (Windows, Linux or macOS) instead of relying on an arbitrary string.
Installation and Deployment
- Helm chart: The helm chart now supports overriding the sink type to allow sending data to a data connector in Next-gen SIEM.

Versions of this Page

Falcon LogScale Collector 1.8.2 GA (2025-03-12)

Enter search term