Falcon LogScale 1.207.0 GA (2025-09-23)
| Version? | Type? | Release Date? | Availability? | End of Support | Security Updates | Upgrades From? | Downgrades To? | Config. Changes? |
|---|---|---|---|---|---|---|---|---|
| 1.207.0 | GA | 2025-09-23 | Cloud | Next LTS | No | 1.150.0 | 1.177.0 | No |
Available for download two days after release.
Hide file download links
Download
Use docker pull humio/humio-core:1.207.0 to download the latest version
Bug fixes and updates
Advance Warning
The following items are due to change in a future release.
Automation and Triggers
From version 1.219.0, LogScale will enforce a new limit of at most 10 actions per trigger (alert or scheduled search). Any existing trigger violating the limit will continue to run, but if you edit the trigger, you will be forced to restrict the number of actions to 10.
Removed
Items that have been removed as of this release.
GraphQL API
Removed the deprecated GraphQL field isValidFilterAlertQuery on the type
queryAnalysisreturned from the queryAnalysis GraphQL query.
Deprecation
Items that have been deprecated and may be removed in a future release.
The
EXTRA_KAFKA_CONFIGS_FILEconfiguration variable has been deprecated and planned to be removed no earlier than version 1.225.0. For more information, see RN Issue.
rdns()has been deprecated and will be removed in version 1.249. UsereverseDns()as an alternative function.
Behavior Changes
Scripts or environment which make use of these tools should be checked and updated for the new configuration:
Dashboards and Widgets
Event list's format column controls and field interactions that might alter the visualization or the query behind it have now been made inaccessible on dashboards.
Metrics and Monitoring
Metrics backed by exponential decay will now clear values if no new metrics arrive within 5 minutes (the bias period of the weighted metrics) rather than showing the same value until new data arrives.
New features and improvements
Dashboards and Widgets
The
Time Chart,Bar Chart,Pie Chart,Scatter Chart, andSankeywidgets now support multiple color palettes for differentiating between series.
Metrics and Monitoring
Added a new gauge metric
build_infowith a label named version containing the full build version. Value is a constant of 1.
Functions
Introduced a new function
text:substring()that can extract a substring of a string based on the supplied indices.Introduced a new function
text:positionOf(), which finds the position of a given character or substring within a string. Useful in conjunction withtext:substring().Added a new function
text:length(), which calculates the length of a string. Useful in conjunction withtext:substring.Added a
timezoneFieldparameter toparseTimestamp(). This allows you to provide a dynamic default timezone for when the event's timestamps do not contain a timezone. You do this by specifying a field that contains the default timezone. This allows for the same parser to be used in contexts that do not share the same static default timezone, for instance when parsing events from different log sources.Additionally, a deprecation warning has been added for the use of the
timezoneparameter, as the behavior will change in the future to act as default timezone instead of an override value. That is, it will no longer overwrite what is parsed from the event's timestamp.
Fixed in this release
User Interface
The Parameters top panel could be open as default even though it did not contain any parameters. This wrong behavior has now been fixed.
Storage
The Secondary Storage was unable to copy files larger than 2GB, due to file corruption in transit, which caused the storage to leave such files on the primary storage device only. This issue has now been fixed.
Queries
Fixed the computation of digest flow information returned as part of query metadata. This information indicates which ingest timestamps are reliably included in the search result.
The changes primarily affect historic queries where the digest information is now fixed at query submission time, whereas previously it kept being updated on each poll. This was incorrect because the set of events for the query is fixed on submission time.
For consumers, the main effect is that the returned values are now generally going to be further in the past than previously.
For live queries, the fixes relate to races between computation of results and computation of digest flow info. To address this digest flow info is now slightly more conservative than before.
When searching by ingest timestamp with interval (
start,end), events with ingest timestamp equal toendwould sometimes be incorrectly included. This wrong behavior has now been fixed.
Functions
Fixed rare cases where queries using
correlate()would appear to stall after the first iteration.