Falcon LogScale 1.202.0 GA (2025-08-19)
| Version? | Type? | Release Date? | Availability? | End of Support | Security Updates | Upgrades From? | Downgrades To? | Config. Changes? |
|---|---|---|---|---|---|---|---|---|
| 1.202.0 | GA | 2025-08-19 | Cloud | Next LTS | No | 1.150.0 | 1.177.0 | No |
Available for download two days after release.
Hide file download links
Download
Use docker pull humio/humio-core:1.202.0 to download the latest version
Bug fixes and updates
Deprecation
Items that have been deprecated and may be removed in a future release.
AUTOSHARDING_MAXconfiguration variable is now being deprecated and will be removed in version 1.207.The
lastScheduledSearchfield from theScheduledSearchdatatype is now deprecated and planned for removal in LogScale version 1.202. The newlastExecutedandlastTriggeredfields have been added to theScheduledSearchdatatype to replacelastScheduledSearch.The
EXTRA_KAFKA_CONFIGS_FILEconfiguration variable has been deprecated and planned to be removed no earlier than version 1.225.0. For more information, see RN Issue.
rdns()has been deprecated and will be removed in version 1.249. UsereverseDns()as an alternative function.
New features and improvements
Configuration
Added new configuration variable
MAXMIND_USE_HTTP_PROXYto control whether MaxMind database downloads for query functionsasn()andipLocation()should use the configured HTTP proxy. The default is to use the proxy, which is the same behaviour as before this change.For more information, see HTTP Proxy Client Configuration, MaxMind Configuration.
Fixed in this release
Automation and Triggers
Fixed two issues with scheduled searches:
A failure to update a scheduled search could cause it to get stuck and not run until cluster restart.
A deleted scheduled search could cause the scheduled search job to continuously log that it was waiting for the scheduled search to finish.
For more information, see Scheduled searches.
Storage
Fixed an issue where the logs indicating which query took the longest to process a segment would appear long after query completion. Logging will now be delayed by no more than 10 seconds.
For more information, see LogScale Internal Logging.
Queries
Fixed an issue where a race condition was created between live query submission and digest start, in which the static part assigned to a worker cluster would be omitted if a live query coordinator submitted work to a worker cluster, starting a new digest session.
For more information, see Digest Rules.
Fixed an issue where certain regex patterns that could not be compiled by the JitRex engine would lead to very slow query submission and excessive resource usage.
For more information, see Regular Expression Syntax.
Fixed an issue where events would incorrectly remain unredacted when query strings used for redaction contained derived tags, such as #repo.
Improvement
Queries
Improved performance by compiling queries once instead of twice when starting alert jobs.
Multi-cluster search worker clusters no longer execute the result calculation pipeline for multi-cluster queries. This eliminates external-function calls and reverse DNS calls on remote clusters in multi-cluster search queries, reducing resource consumption.
For more information, see Searches in a Multi-Cluster Setup.
Queries will now preferentially read segments from non-evicted hosts, avoiding reading data from hosts that are being decommissioned.
For more information, see Ingestion: Digest Phase.
Metrics and Monitoring
Added new metrics to help monitor/diagnose segment fetching queue issues:
segment-fetching-trigger-queue-hit-full-after-global-scan-countersegment-fetching-trigger-queue-offer-from-global-scan-countersegment-fetch-requested-but-already-in-progresssegment-fetch-requested-but-upstream-has-been-deletedsegment-changes-job-trigger-full-global-scan-counter