Falcon LogScale 1.208.0 GA (2025-09-30)
| Version? | Type? | Release Date? | Availability? | End of Support | Security Updates | Upgrades From? | Downgrades To? | Config. Changes? |
|---|---|---|---|---|---|---|---|---|
| 1.208.0 | GA | 2025-09-30 | Cloud | Next LTS | No | 1.150.0 | 1.177.0 | No |
Available for download two days after release.
Hide file download links
Download
Use docker pull humio/humio-core:1.208.0 to download the latest version
Bug fixes and updates
Deprecation
Items that have been deprecated and may be removed in a future release.
The updateUploadFileAction() GraphQL mutation is deprecated. Use instead updateUploadFileActionV2().
The
EXTRA_KAFKA_CONFIGS_FILEconfiguration variable has been deprecated and planned to be removed no earlier than version 1.225.0. For more information, see RN Issue.
rdns()has been deprecated and will be removed in version 1.249. UsereverseDns()as an alternative function.
Behavior Changes
Scripts or environment which make use of these tools should be checked and updated for the new configuration:
Queries
Made changes to
correlate()internals that are not backwards compatible. Clusters with mixed new and old LogScale versions will not be able to runcorrelate()queries until all nodes are upgraded. This limitation also applies to Multi-Cluster Search queries across clusters running different versions.Functions
The following function restrictions are now compile-time errors instead of runtime errors, making them detectable by GraphQL APIs and Language Service Protocol (LSP):
eval()now includes coverage for invalid usage within expressions
groupBy()now includes coverage for limiting parameter values exceeding maximum allowed value
series()includes coverage for collection parameters containing prohibited fields
regex(),replace(), andarray:regex()includes coverage for their use of Regular Expression Engine v2 when disabled at cluster level.
New features and improvements
Dashboards and Widgets
Added a default Series color palette option for dashboards. This new palette can be configured at dashboard level and can be inherited by those widgets that support multiple color palettes for differentiating between series.
Functions
The Upload file action has now been renamed to Lookup file action and improved with new upload functionalities:
Overwrite– Replaces entire file contents of existing file (existing behavior)Append– Adds new information to the end of existing fileUpdate– Updates specific rows based on selected key columns.
Note
The existing behavior for the
Lookup Fileaction isOverwrite, which replaces the entire contents of existing CSV files.For more information, see Action Type: Lookup File, Lookup Files.
Fixed in this release
Metrics and Monitoring
Fixed two issues with metrics:
Ingest queue offset metrics are now properly cleaned up when the job switches nodes, preventing stale metric reporting.
Falcon Data Replicator (FDR) queue metrics can now be re-registered after being unregistered, supporting re-enabled FDR feeds.
Affected metrics:
ingest-consumer-group-offset
ingest-consumer-group-offset-lag
ingest-offset-lowest
ingest-queue-lowest-offset-lag
fdr-message-count
fdr-inflight-message-count
For more information, see Ingesting FDR Data into a Repository.
Other
Fixed LDAP authentication bug.
Known Issues
Storage
For clusters using secondary storage where the primary storage on some nodes in the cluster may be getting filled (i.e. the storage usage on the primary disk is halfway between
PRIMARY_STORAGE_PERCENTAGEandPRIMARY_STORAGE_MAX_FILL_PERCENTAGE), those nodes may fail to transfer segments from other nodes. The failure will be indicated by the error java.nio.file.AtomicMoveNotSupportedException with message "Invalid cross-device link".This does not corrupt data or cause data loss, but will prevent the cluster from being fully healthy, and could also prevent data from reaching adequate replication.
Improvement
Administration and Management
Re-introduced audit logging when overriding an existing Lookup file with identical content.
Queries
Added user-visible warnings to alert users when query polling fails repeatedly.
Functions
Improved
correlate()graph analysis performance. Users may notice changes to the query graph visualization.For more information, see Correlation Options, Display tabs.