Falcon LogScale Collector 1.10.0 GA (2025-08-15)
| Version? | Type? | Release Date? | Config.Changes? |
|---|---|---|---|
| 1.10.0 | GA | 2025-08-15 | no |
Hide file hashes
| File | SHA256 Checksum | Hash File |
|---|---|---|
| linux_amd64.deb | 2ee08be268f4148cb5b865c8a4605f1c81ede2147e6265b593699be6b1ab6cc7 | |
| linux_amd64.rpm | cd913c4e5a205689b15810b6e5cb0f3ce1ca6e11c9e52510770b3a31090d6692 | |
| linux_arm64.deb | 46a13c5986696300560287d741aaf670c09e0a224c82599b42beb813f54cc38d | |
| linux_arm64.rpm | bd98964b21d309c8903204fbee4bf261029ecc3bf550bf274f3966bf156b4407 | |
| macOS_universal.pkg | df2a816468736cc8a9b69b0dc8f143e06d220cbdf6e9cbb4b6742ffb509c70e2 | |
| windows_amd64.msi | 484cae0337d973771c8695c60502c13bdb9c74b93fdae21489d5f7edcf98187d |
| Docker Image | Architecture | SHA256 Checksum | Hash File |
|---|---|---|---|
| logscale-collector:1.10.0 | amd64 | efd590fb06d0e123c283e82401fc7619eef5429be3998a4cd6f34a1ae89c77e8 | |
| logscale-collector:1.10.0 | arm64 | efd590fb06d0e123c283e82401fc7619eef5429be3998a4cd6f34a1ae89c77e8 |
Improvements, new features and functionality
Collecting Data
Added support for routing syslog messages to multiple destinations using a new internal re-routing architecture. You can now configure different processing rules through transformations for each destination path, and route logs based on content patterns using regex filters. For complete implementation details, please refer to the documentation.
The internal representation and calculation of batch sizes has been changed to make it more similar to how events are represented in LogScale/NG SIEM. Previously, a batch where all events had identical fields would only report the size of the fields once, now field sizes are reported per event leading to a more correct representation of event sizes. An additional benefit of this change is that the internal batching and queuing system is now independent of the transport protocol used.
The
regex_filtertransform now supports filtering on fields. Previously this transform only supported filtering events using regex patterns applied to the event message.Optimized the way that event batches are created to stay within the max batch size limits.
Debugging
Internal log messages have been improved with additional context. For example, messages regarding sink communication now include the sink name.
Other
To take advantage of the latest optimizations and security updates, the Go version has been updated. Also, various security posture hardening improvements have been implemented.
Installation and Deployment
Full Install (on Linux) now supports automatically adding capabilities
CAP_DAC_READ_SEARCHandCAP_NET_BIND_SERVICEto the Log Collector systemd service file. This allows the Collector to read system files and bind to port numbers lower than 1024.To enable this at installation time use the flag
--enable-capabilities.
Bug Fixes
Installation and Deployment
Enhanced the Linux uninstallation process for full installations. Previously, the logscale-collector group remained in place after uninstallation on certain Linux distributions, which could interfere with subsequent reinstallations. The uninstall script now correctly removes both the user and the group, ensuring clean reinstallations.
Known Issues
Collecting Data
Environment variable expansion is not supported when using the
static_fieldstransform in this release.