Falcon LogScale 1.205.0 GA (2025-09-09)

Version?Type?Release Date?Availability?End of SupportSecurity UpdatesUpgrades From?Downgrades To?Config. Changes?
1.205.0GA2025-09-09

Cloud

Next LTSNo1.150.01.177.0No

Available for download two days after release.

Hide file download links

Show file download links

Bug fixes and updates

Advance Warning

The following items are due to change in a future release.

  • Configuration

    • The configuration option VERIFY_CRC32_ON_SEGMENT_FILES (default: true) which can be used to disable Cyclic Redunancy Check (CRC) verification when reading segments is planned to be removed in version 1.213.

Deprecation

Items that have been deprecated and may be removed in a future release.

  • AUTOSHARDING_MAX configuration variable is now being deprecated and will be removed in version 1.207.

  • The EXTRA_KAFKA_CONFIGS_FILE configuration variable has been deprecated and planned to be removed no earlier than version 1.225.0. For more information, see RN Issue.

  • rdns() has been deprecated and will be removed in version 1.249. Use reverseDns() as an alternative function.

Behavior Changes

Scripts or environment which make use of these tools should be checked and updated for the new configuration:

  • Functions

    • The correlate() function now consistently selects the earliest candidate events first, based on either @timestamp or @ingesttimestamp depending on query submission parameters.

Upgrades

Changes that may occur or be required during an upgrade.

  • Installation and Deployment

    • Upgraded the bundled JDK from version 24.0.1 to 24.0.2.

New features and improvements

  • API

    • Added new parameter allowInPlaceMigration for the addOrganizationForBucketTransfer GraphQL mutation. When set to true, this bypasses bucket upload overwrite checks for S3 and Azure, enabling in-place segment migrations. This behavior is unchanged for Google Cloud Storage (GCS), as it does not implement these checks.

Fixed in this release

  • User Interface

    • Fixed an issue where the progress calculation of queries using defineTable() would incorrectly fluctuate, causing the progress bar in the search UI to move back and forth. Queries are now weighted evenly to ensure consistent progress tracking even if the work of a query is yet to be calculated.

    • Extended Single Value widget to be compatible with query results containing one or two (for multiple grid visualization) groupBy() fields, where groupBy() fields make up the entire set.

  • Other

    • Fixed a issue where concurrency issues when parsing YAML content occasionally caused threads to loop infinitely.

Improvement

  • API

    • The <gqlfield>assignedTasks</gqlfield> and <gqlfield>unassignedTasks</gqlfield> fields of the ClusterNode GraphQL datatype now only show tasks relevant to the node's nodeRole, providing clearer information about active tasks.

  • Queries

    • Improved query planning performance for scenarios with many bucket-stored segments by implementing cached precomputed tables instead of expensive rendezvous hashing. The hash table size defaults to 10,000 rows and can be configured using NUMBER_OF_ROWS_IN_SEGMENT_TO_HOST_MAPPING_TABLE.

    • Improved query response handling by streaming large JSON responses. This enhancement allows responses to start streaming faster even when the entire response is very large, particularly helping in cases where responses previously hit request timeouts.

    • Query workers under digest load now respond more quickly when canceling running queries.