Falcon LogScale 1.106.1 GA (2023-09-18)
| Version? | Type? | Release Date? | Availability? | End of Support | Security Updates | Upgrades From? | Downgrades To? | Config. Changes? |
|---|---|---|---|---|---|---|---|---|
| 1.106.1 | GA | 2023-09-18 | Cloud | 2024-09-30 | No | 1.70.0 | 1.26.0 | No |
Bug fixes and updates.
New features and improvements
Installation and Deployment
The following adjustments have been made to the launcher script:
Removed UnlockDiagnosticVMOptions
Raised default heap size to 75% of host memory, up from 50%
Move
-XX:CompileCommandsettings into the mandatory launch options, to prevent accidentally removing them when customizingHUMIO_JVM_PERFORMANCE_OPTS.Set
-XX:MaxDirectMemorySizeto 1/5GB per CPU core as a default.Print a warning if the sum of the heap size and the direct memory setting exceeds the total available memory.
Configuration
GCS bucketing and query streaming now use the same proxy configuration as overall system proxy and S3 proxy. Example:
HTTP_PROXY_HOST,HTTP_PROXY_PORT,HTTP_PROXY_USERNAME,HTTP_PROXY_PASSWORD
Fixed in this release
Functions
Fixed a bug where
join()queries could result in a memory leak from their sub queries not being properly cleaned up.
Recent Package Updates
The following LogScale packages have been updated within the last month.
Package Changes
broadcom/proxysg has been updated to v0.1.0.
Initial version
For more information, see Package broadcom/proxysg Release Notes.
broadcom/proxysg has been updated to v0.2.0.
Added web as an event category in the event.category[] array.
For more information, see Package broadcom/proxysg Release Notes.
zscaler/internet-access has been updated to v0.2.0.
Changes the firewall, dns, tunnel, and web parsers to normalise event data to common schema.
Adds new dashboards and queries for working with web-logs.
Removes CASB parser, and old queries and dashboards from the package. To keep those, stay on the old version of the package.
Bumps minimum supported version of LogScale for the package to 1.102.
For more information, see Package zscaler/internet-access Release Notes.
humio/activity has been updated to v1.2.0.
Minimum supported LogScale version bumped to 1.102.0.
Added new dashboards Standard Alert Details, Filter Alert Details, and Scheduled Search Details. These new dashboards can be opened from all tables in the existing dashboards using the three dots menu next to a row.
Added view interactions, see below.
Increased limits on all tables to 1000 rows.
Improved sorting on all dashboards.
For more information, see Package humio/activity Release Notes.
okta/sso has been updated to v0.1.1.
Bumps the minimum supported version of LogScale from 1.15 to 1.82
Handles more elements in the target object
Fixes broken URL in the readme
For more information, see Package okta/sso Release Notes.
google/chrome-enterprise-security-events has been updated to v0.1.5.
Introduces 2 new dashboards: Extension Monitoring and ChromeOS Overview.
Includes additional widgets for new Google Chrome Enterprise Events, such as Chrome Remote Desktop (CRD) and Password Reuse Events.
Reorganized widgets within the Security Overview for better visibility of notable events.
Added parameters to dashboards to aid pivoting on key values.
Bumps the minimum supported version of LogScale to 1.82
For more information, see Package google/chrome-enterprise-security-events Release Notes.