Falcon LogScale 1.192.0 GA (2025-06-10)

Version: 1.192.0
Type: GA
Release Date: 2025-06-10
Availability: Cloud
End of Support: Next LTS
Security Updates: No
Upgrades From: 1.150.0
Downgrades To: 1.177.0
Config. Changes: No

Available for download two days after release.

Bug fixes and updates

Advance Warning

The following items are due to change in a future release.

  • Functions

    • Starting from release 1.195, the query functions asn() and ipLocation() will display an error instead of a warning should an error occur with their external dependency. This change will align their behavior to functions using similar external resources, like match(), iocLookup(), and cidr().

Deprecation

Items that have been deprecated and may be removed in a future release.

  • The color field on the Role type has been marked as deprecated (will be removed in version 1.195).

  • The setConsideredAliveUntil and setConsideredAliveFor GraphQL mutations are deprecated and will be removed in 1.195.

  • The lastScheduledSearch field from the ScheduledSearch datatype is now deprecated and planned for removal in LogScale version 1.202. The new lastExecuted and lastTriggered fields have been added to the ScheduledSearch datatype to replace lastScheduledSearch.

  • The EXTRA_KAFKA_CONFIGS_FILE configuration variable has been deprecated and is planned to be removed no earlier than version 1.225.0. For more information, see RN Issue.

New features and improvements

  • GraphQL API

    • Labels can now be added to files through the GraphQL mutations: newFile() and updateFile(), and can be queried on the File input datatype.

  • Dashboards and Widgets

    • To support the output of the correlate() function introduced in this version, the Table widget has a new format setting Group fields by prefix to display fields from the same event in a single column.

  • Functions

    • The new correlate() function for advanced event pattern detection is now available. This feature enables users to identify specific sequences of events.

      Key capabilities:

      • Search for related event groups and patterns

      • Define temporal relationships

      • Configure custom detection criteria

      Example use case: Search for a sequence where a user has three failed login attempts followed by a successful login within a five-minute window.

      For detailed implementation guidelines and configuration options, please refer to the correlate() function documentation.

      For more information, see correlate().
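
The example use case above (three failed logins followed by a successful login within five minutes), worked through in Python over constructed log lines. This is an added illustration of the pattern's logic, not LogScale code or correlate() syntax; the log format, field names and function names are assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not real log data): timestamp, user, outcome.
SAMPLE_LOG = """\
2025-06-10T12:00:00Z user=alice outcome=failure
2025-06-10T12:00:40Z user=bob outcome=failure
2025-06-10T12:01:10Z user=alice outcome=failure
2025-06-10T12:02:05Z user=alice outcome=failure
2025-06-10T12:03:30Z user=alice outcome=success
2025-06-10T12:04:00Z user=bob outcome=success
2025-06-10T12:10:00Z user=carol outcome=failure
2025-06-10T12:11:00Z user=carol outcome=failure
2025-06-10T12:12:00Z user=carol outcome=failure
2025-06-10T12:20:00Z user=carol outcome=success
"""

def parse_line(line):
    """Split one constructed log line into (timestamp, user, outcome)."""
    ts, *pairs = line.split()
    fields = dict(p.split("=", 1) for p in pairs)
    when = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    return when, fields["user"], fields["outcome"]

def failed_then_success(lines, min_failures=3, window=timedelta(minutes=5)):
    """Return (user, first_failure, success) for each matching sequence."""
    failures = defaultdict(deque)   # user -> timestamps of recent failures
    hits = []
    for when, user, outcome in sorted(map(parse_line, lines)):
        recent = failures[user]
        # Forget failures that can no longer share a window with this event.
        while recent and when - recent[0] > window:
            recent.popleft()
        if outcome == "failure":
            recent.append(when)
        elif outcome == "success":
            if len(recent) >= min_failures:
                hits.append((user, recent[0], when))
            recent.clear()          # a success ends the current sequence
    return hits

if __name__ == "__main__":
    for user, first, ok in failed_then_success(SAMPLE_LOG.splitlines()):
        print(f"{user}: failures from {first} then success at {ok}")
```

In the sample, carol's three failures are not reported because her success arrives more than five minutes after them, and bob's single failure falls below the threshold.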

Fixed in this release

  • User Interface

    • Filtering on the result of an aggregation could lead to more rows in the UI than there should be. This issue has now been fixed.

  • Automation and Alerts

Improvement

  • GraphQL API

    • Extended the analyzeQuery() endpoint with an optional time interval. This allows validating the interval for syntax errors.

  • Storage

    • Reduced memory usage when working with large tables (for example, those defined by defineTable()).

  • Functions

    • Searches using ID filters, such as in(@id, values=[...]), are now optimized to run more efficiently. This improvement is especially noticeable when drilling down into results using the correlate() function.