Falcon LogScale 1.198.0 GA (2025-07-22)

Version^?	Type^?	Release Date^?	Availability^?	End of Support	Security Updates	Upgrades From^?	Downgrades To^?	Config. Changes^?
1.198.0	GA	2025-07-22	Cloud	2026-09-30	No	1.150.0	1.177.0	No

Available for download two days after release.

Hide file download links

Show file download links

Download

Use docker pull humio/humio-core:1.198.0 to download the latest version
server-linux_x64-1.198.0.tar.gz
server-alpine_x64-1.198.0.tar.gz

Bug fixes and updates

Removed
Items that have been removed as of this release.
Configuration
Removed the following deprecated environment variables:

JOIN_ENABLED
SELFJOIN_ENABLED
WINDOW_ENABLED
SERIES_ENABLED

Deprecation
Items that have been deprecated and may be removed in a future release.
AUTOSHARDING_MAX configuration variable is now being deprecated and will be removed in version 1.207.
The lastScheduledSearch field from the ScheduledSearch datatype is now deprecated and planned for removal in LogScale version 1.202. The new lastExecuted and lastTriggered fields have been added to the ScheduledSearch datatype to replace lastScheduledSearch.
The EXTRA_KAFKA_CONFIGS_FILE configuration variable has been deprecated and planned to be removed no earlier than version 1.225.0. For more information, see RN Issue.
rdns() has been deprecated and will be removed in version 1.249. Use reverseDns() as an alternative function.

Behavior Changes
Scripts or environment which make use of these tools should be checked and updated for the new configuration:
Storage
AWS Netty client is now the disabled as the default HTTP client for S3 Bucket operation, and now reverts to the existing PekkoHttpClient by setting the default value of S3_NETTY_CLIENT to false. This change addresses performance issues identified when downloading significant amounts of data from the S3 Bucket for queries.
Ingestion
Ingest-only nodes (ingestonly node role) will no longer be selected as table coordinators.

New features and improvements

Administration and Management
- Added an election system to address hardware failures. A node can be elected using the REST endpoint /api/v1/internal/hardware-failure, marking a node as being elected with a hardware failure for 60 minutes.
  There are three reasons a node can be elected as bad:
  - Slow query: Query coordinators have seen the same node operating up to 100 times slower at query execution than others.
  - Poll connection timeout: Polls have timed out across all nodes in the cluster when trying to query a node.
  - Hardware failure: When hardware has underlying issues such as disk coruption, a node can be elected through the /api/v1/internal/hardware-failure endpoint, and eventually automatically evicted.
  All votes can be tracked through the log line Casting vote because a host is in a bad state. All elections can be tracked through the log line These nodes were deemed bad by the rest of the cluster.
User Interface
- The following repository/view pages in the LogScale web interface now manage assets in a table layout format:
  - Dashboards — new page layout for listing repository dashboards under the top bar menu item Dashboards.
  - Parsers — new page layout for listing repository parsers under the top bar menu item Parsers.
  - Actions — new page layout for listing repository actions under the top bar menu item Automation.
  - Resources — this is a new web interface page containing the following assets:
    Files (replaces the former Files top bar menu item; sorting capability not yet available at this time).
    Interactions — interactions have been moved from the repository Settings menu to this Resources page, with new columns for created/modified metadata (sorting capability not yet available at this time).
    Saved Searches — a new page for managing saved searches with the table format layout.
  These pages can now support scalable management of large asset volumes with improved search, filter and sort capabilities, making it easier to find the assets you're looking for.
- Redesigned the experience of managing saved queries on the Search page, by introducing new web interface items:
  - New Searches button next to the widget type selector
  - My recents tab — allows recalling recent queries in an updated page.
  - Saved Searches tab — opens a panel for saved searches with information like descriptions, labels, and last modified.
  - Favorites tab — displays saved queries that users marked as favorites.
  - Action buttons for saved and favorite searches, notably the Add as function button.
  - Updated dialog where you can now add/edit description of the saved search as well as labels.
  For more information, see Save searches.
API
- Added new GraphQL API capabilities for searching across different types of LogScale assets:
  - Extended <gqlfield>entitiesSearch</gqlfield> query endpoint to support sorting and filtering on specific asset properties. Use <gqlfield>entitiesPage</gqlfield> to navigate the results.
    Specify argument(s) for <gqlarg>paths</gqlarg> to search in to narrow down search result to e.g. a specific view.
  - New <gqlfield>entitiesLabels</gqlfield> query endpoint to get all labels across asset types.
    specify argument(s) for <gqlarg>paths</gqlarg> to search in to narrow down search result to e.g. a specific view.
  - New <gqlfield>entitiesPackages</gqlfield> query endpoint to get all package details across asset types.
  Added new fields to various asset types including <gqlfield>createdInfo</gqlfield> , <gqlfield>modifiedInfo</gqlfield> , and <gqlfield>labels</gqlfield> .
Configuration
- Added the configuration variable AZURE_STORAGE_RESPONSE_TIMEOUT_SECONDS, which configures the response timeout for Azure Bucket Storage operations to prevent and reduce response timeouts depending on the connection.
  For more information, see AZURE_STORAGE_RESPONSE_TIMEOUT_SECONDS.

Fixed in this release

Security
- Creating a repository token with the Change archiving settings permission will no longer result in an error. Additionally, giving the Change S3 archiving settings permission now gives the actual permission instead of the Change archiving settings permission.
Storage
- Corrected an issue where datasources migrating to new Kafka partitions during rebalancing carried over offsets from their original partitions, preventing LogScale from determining where to start digest.
  Migrated datasources now start with an offset of -1 and are marked as idle upon creation. This allows LogScale to skip these datasources when determining where to start digest, and will continue to ignore them until receiving a message.
Ingestion
- The data-ingester-parser-errors metric has been fixed as it was under-reporting, meaning it was showing fewer parser errors than were actually occurring (the data-ingester-errors metric reported errors as normal, though).
Queries
- Fixed an issue where slow queries were unable to search bucketed and replaced non-mini segments, because they were deleted from the bucket earlier than intended.

Improvement

Storage
- LogScale now validates segment file copies when creating them in secondary storage. This will help prevent file corruption during this type of transfer.
Queries
- LogScale now allows distribution of large query state caches of arbitrary size to followers.

Release Notes

Understanding Releases and Notes

LogScale Metrics

Limits & Standards

LogScale Notices

Falcon LogScale 1.198.0 GA (2025-07-22)

Enter search term