Latest GA Release

Falcon LogScale 1.165.0 GA (2024-11-19)

Version?Type?Release Date?Availability?End of Support

Security

Updates

Upgrades

From?

Config.

Changes?
1.165.0GA2024-11-19

Cloud

Next LTSNo1.112No

Available for download two days after release.

Bug fixes and updates.

Deprecation

Items that have been deprecated and may be removed in a future release.

  • The lastScheduledSearch field from the ScheduledSearch datatype is now deprecated and planned for removal in LogScale version 1.202. The new lastExecuted and lastTriggered fields have been added to the ScheduledSearch datatype to replace lastScheduledSearch.

New features and improvements

  • Security

    • Users can now see and use saved queries without needing the CreateSavedQueries and the UpdateSavedQueries permissions.

    • Users can now see actions in restricted read-only mode when they have the ReadAccess permission on the repository or view.

  • UI Changes

    • Files grouped by package are now displayed back again on the Files page including the Package Name column, which was temporarily unavailable after the recent page overhaul.

  • GraphQL API

  • API

    • Implemented support for returning a result over 1GB in size on the /api/v1/globalsubset/clustervhost endpoint. There is now a limit on the size of 8GB of the returned result.

  • Configuration

  • Ingestion

    • Increased a timeout for loading new CSV files used in parsers to reduce the likelihood of having the parser fail.

    • Added logging when a parser fails to build and ingest defaults to ingesting without parsing. The log lines start with Failed compiling parser.

  • Functions

    • A new parameter trim has been added to the parseCsv() function to ignore whitespace before and after values. In particular, it allows quotes to appear after whitespace. This is a non-standard extension useful for parsing data created by sources that do not adhere to the CSV standard.

    • The following new functions have been added:

    • bitfield:extractFlags() can now handle unsigned 64 bit input. It can also handle larger integers, but only the lowest 64 bits will be extracted.

Fixed in this release

  • GraphQL API

    • role.users query has been fixed as it would return duplicate users in some cases.

  • Storage

    • Recently ingested data could be lost when the cluster has bucket storage enabled, USING_EPHEMERAL_DISKS is set to false, and a recently ingested segment only exists in bucket storage. This issue has now been fixed.

    • LogScale could spuriously log Found mini segment without replacedBy and a merge target that already exists errors when a repository is undeleted. This issue has been fixed.

  • Functions

    • start and end arguments for defineTable() sub-queries did not correctly handle the end of time interval of the primary query. It was relative to "now", and has been fixed to be relative to the end of the primary query.

  • Other

    • Query result highlighting would crash cluster nodes when getting filter matches for some regexes. This issue has been fixed.