Humio Server 1.2.5 Archive (2019-01-09)
|Version||Type||Release Date||End of Support||Upgrades From||Data Migration||Config. Changes|
Allow * as fields for lowercase function to allow lower casing all field names and values. Recommended use case is in the ingest pipeline as this is an expensive operation.
Added new query functions
HEC protocol now accepts data at "/services/collector" url too. And accepts authorization in the form of a "Authorization" header with any realm name, as long as the token is a valid Humio token. This allows using e.g fluentd and other software to ship to Humio using HEC.
If the parser ends up setting a timestamp before 1971, or does not set a timestamp, use now as timestamp for the ingested event. Same for timestamps more than 10 seconds into the future.
Query performance improved by fixing a bottleneck that was noticeable on CPUs with more than 16 cores.
Basic auth (used mostly on ingest endpoints) now allows putting the token into the password field instead of the username field. Use of the password field is recommended as some software treats the password as secret and the username as public.
Segments with blocks where all timestamps are zero were reported as broken when trying to read them.
Timeouts on the http endpoint have been changed from 60s to infinite. This allows exporting from queries that hit very little data, e.g. a live query that receives one event every hour.
Humio will by default write threaddumps to the file
humio-threaddumps.logevery 10 seconds. This is configurable using the configuration parameter DUMP_THREADS_SECONDS. Before this was disabled by default.
Audit-logging did not happen for queries using the "/query" endpoint i.e. using the export button in the UI.
When running with PREFIX_AUTHORIZATION_ENABLED=true Alerts and Shared dashboards now run as the user who saved them, restricted to those prefixes that the users has at the time the query starts.