Falcon LogScale 1.204.0 GA (2025-09-02)

Version?Type?Release Date?Availability?End of SupportSecurity UpdatesUpgrades From?Downgrades To?Config. Changes?
1.204.0GA2025-09-02

Cloud

2026-10-31No1.150.01.177.0No

Available for download two days after release.

Hide file download links

Show file download links

Bug fixes and updates

Deprecation

Items that have been deprecated and may be removed in a future release.

  • A system metric used in the Fleet overview interface is now deprecated. New collectors communicating with Fleet management will instead ship two new separate metrics: one containing errors and another containing log sources information. This allows for only shipping the information if anything has changed - thereby reducing load.

  • The EXTRA_KAFKA_CONFIGS_FILE configuration variable has been deprecated and planned to be removed no earlier than version 1.225.0. For more information, see RN Issue.

  • rdns() has been deprecated and will be removed in version 1.249. Use reverseDns() as an alternative function.

Behavior Changes

Scripts or environment which make use of these tools should be checked and updated for the new configuration:

  • Queries

    • Changed behavior to respond with ServiceUnavailable when all query coordinators are unreachable, instead of starting queries on the receiving node. This allows users to retry later rather than attempting queries that are likely to fail due to network issues or other problems.

New features and improvements

  • Functions

    • The findTimestamp() function now includes a new timezoneField parameter, which provides dynamic timezone handling. This allows you to:

      • Specify a field containing the default timezone for timestamps that lack timezone information

      • Use the same parser across multiple datasources with different default timezone.

Fixed in this release

  • User Interface

    • Tables in the Search page have been fixed for the following issues:

      • Copying rows from multiple pages at different stages of a live query completion resulted in data inconsistency.

      • An infinite loading state occurred in static queries when trying to access pages that hadn't been fetched yet.

      For static queries:

      • Disabled row selection (checkboxes disabled)

      • Added tooltip to inform that row selection is not available until query completion.

      For live queries:

      • Row selection now limited to current page

      • Table updates automatically pause during row selection

      • Row deselection required to navigate between pages and re-enable table updates.

      This fix and improvements prevent misleading comparisons between data captured at different processing stages, especially important when copying or analyzing results across multiple pages.

  • Storage

    • Fixed an issue where a race condition between start-up and digest assignment would prevent new nodes from receiving digest partitions. This change also makes partition release more efficient during node shutdown, potentially improving ingest latency during digest reassignment.

  • Dashboards and Widgets

    • Fixed an issue where invalid values and label lists for the FixedList Parameter type would not trigger the Save Dashboard with Invalid Changes warning.

Known Issues

  • Storage

    • For clusters using secondary storage where the primary storage on some nodes in the cluster may be getting filled (i.e. the storage usage on the primary disk is halfway between PRIMARY_STORAGE_PERCENTAGE and PRIMARY_STORAGE_MAX_FILL_PERCENTAGE), those nodes may fail to transfer segments from other nodes. The failure will be indicated by the error java.nio.file.AtomicMoveNotSupportedException with message "Invalid cross-device link".

      This does not corrupt data or cause data loss, but will prevent the cluster from being fully healthy, and could also prevent data from reaching adequate replication.

Improvement

  • User Interface

    • Improved the responsiveness of the Save searches panel by introducing breakpoints on initial width calculation and allowing more space for the query editor, especially on smaller screen sizes.

    • The Save searches panel now includes new functionality:

      • Panel now closes when clicking the Run or Load to editor.

      • Query field resizes when panel is closed

      • Saved searches can be grouped by either Package, Labels, or Last modified.

  • Queries

    • Revised coordination of aggregate streaming queries to run on query coordinators instead of request-receiving nodes, preventing resource starvation and slow performance occurring when receiving nodes are improperly sized for query coordination.

  • Fleet Management

    • The Fleet management poll endpoint has been optimized to avoid parsing configuration files at poll time.

  • Metrics and Monitoring

    • Updated the default histogram implementation from SlidingTimeWindowArrayReservoir to LockFreeExponentiallyDecayingReservoir for improved memory utilization in case of a high cardinality of metrics, or a high sample rate. The new implementation uses reservoir sampling with exponential decay, providing better performance under high concurrency while maintaining statistical accuracy.

      Note

      Some metric values may shift from their former baselines due to statistical sampling.