Falcon LogScale 1.195.0 GA (2025-07-01)

Version^?	Type^?	Release Date^?	Availability^?	End of Support	Security Updates	Upgrades From^?	Downgrades To^?	Config. Changes^?
1.195.0	GA	2025-07-01	Cloud	Next LTS	No	1.150.0	1.177.0	No

Available for download two days after release.

Hide file download links

Show file download links

Download

Use docker pull humio/humio-core:1.195.0 to download the latest version
server-linux_x64-1.195.0.tar.gz
server-alpine_x64-1.195.0.tar.gz

Bug fixes and updates

Removed
Items that have been removed as of this release.
Configuration
Removed server compatibility checks from multi-cluster searches. These checks became obsolete due to some internal implementation changes occurred in past versions. The new behavior is described at Multi-Cluster Compatibility Across Versions.
Additional related changes:
Removed the UNSAFE_RELAX_FEDERATED_PROTOCOL_VERSION_CHECK environment variable.
Deprecated the remoteServerCompatVersion field in the RemoteClusterConnectionStatus type (returned by the checkRemoteClusterConnection() GraphQL query).
Will remove the remoteServerCompatVersion field no earlier than version 1.207, following the ShortTerm API stability deprecation policy.
The QueryBacktrackingLimit feature flag has been removed. Use the QueryBacktrackingLimit dynamic configuration to adjust the limit.

Deprecation
Items that have been deprecated and may be removed in a future release.
The datasource-count metric has been deprecated and will be removed in version 1.201 of LogScale.
The information about the total number of datasources is available via the logs by the GlobalSegmentStatsLoggerJob in the datasources field. When a new datasource is created or marked as deleted, the total number of datasources is logged in the datasourceCount field.
The setConsideredAliveUntil and setConsideredAliveFor GraphQL mutations are deprecated and will be removed in 1.195.
The lastScheduledSearch field from the ScheduledSearch datatype is now deprecated and planned for removal in LogScale version 1.202. The new lastExecuted and lastTriggered fields have been added to the ScheduledSearch datatype to replace lastScheduledSearch.
The EXTRA_KAFKA_CONFIGS_FILE configuration variable has been deprecated and planned to be removed no earlier than version 1.225.0. For more information, see RN Issue.
rdns() has been deprecated and will be removed in version 1.249. Use reverseDns() as an alternative function.

Behavior Changes
Scripts or environment which make use of these tools should be checked and updated for the new configuration:
Storage
Changed segment upload behavior to use the first available ownerHosts that is alive instead of just the first ownerHost.
Reverted a change from version 1.191.0 that increased the buffer size used for parsing global snapshots, as the change did not yield the expected performance improvements.
Ingestion
Parsing Data now only report missing lookup files when the query statement using the file is actually evaluated. For example, when using case branching with a missing lookup file that the event doesn't hit, no warning will be generated for the missing file.
Queries
Changed HTTP status code from 400 to 503 when a query fails to start due to internal errors, such as query queue being full.

New features and improvements

GraphQL API
- Added new GraphQL mutation copySavedQuery(). This mutation allows copying a saved query, optionally into another repository.
Ingestion
- Added ingest feeds for consuming data from Azure Event Hubs, this feature is now available on cloud and was released for self hosted as of 1.189.0.
  For more information, see Ingest Data from Azure Event Hubs.

Fixed in this release

Dashboards and Widgets
- Fixed an issue where clicking a preset interaction, such as Go to events link in the Table widget to add a field filter to the end of a query, would convert a safe value into an incorrect regex.
Queries
- Fixed an issue that caused incorrect worker assignments to a query after handover operations. These incorrect assignments would lead to unnecessary query restarts.
- During digest restart, live queries could miss some events in cases where the live query had dependencies, such as dependencies on a lookup file. This issue has now been fixed.
Other
- LogScale shutdown could be delayed if errors occurred during a shutdown already in progress.

Improvement

Automation and Alerts
- For filter and aggregate alerts, values for field-based throttling are now being hashed to save space.
  For Self-hosted only: this change enables storing more values for field-based throttling when using throttle fields with large values. See FILTER_ALERT_MAX_THROTTLE_FIELD_VALUES_STORED and AGGREGATE_ALERT_MAX_THROTTLE_FIELD_VALUES_STORED configuration variables.
  For Self-hosted only: if you need to downgrade after upgrading to this version, you might lose all values stored for field-based throttling, causing alerts with field-based throttling to trigger again although they should have been throttled. This will occur at most once per throttling field value.
GraphQL API
- Added support for labels in the GraphQL API for Actions. Labels can now be:
  - Added to Actions through the GraphQL mutations for creating and updating Actions
  - Queried on the "Action" type
- Made the name input argument of createDashboardFromTemplateV2() mutation optional. If not supplied, the name will default to the name in the template.
Storage
- Reduced memory usage when handling numerical values in internal JSON representation.
Queries
- Enhanced query handling to prevent execution of queries originating from timed-out HTTP requests.
- Increased delays between repeated query restarts of the same static query.
- Improved consistency in log message format between slow query and query ended logs.
Functions
- Improved performance of the sort(), tail(), head(), and table() query functions in live queries.

Release Notes

Understanding Releases and Notes

LogScale Metrics

Limits & Standards

LogScale Notices

Falcon LogScale 1.195.0 GA (2025-07-01)

Enter search term