Falcon LogScale 1.217.0 GA (2025-12-01)

Version?Type?Release Date?Availability?End of SupportSecurity UpdatesUpgrades From?Downgrades To?Config. Changes?
1.217.0GA2025-12-01

Cloud

Next LTSNo1.150.01.177.0No

Available for download two days after release.

Hide file download links

Show file download links

Bug fixes and updates

Advance Warning

The following items are due to change in a future release.

  • Security

    • Starting from LogScale version 1.237, support for insecure ldap connections will be removed. Self-Hosted customers using LDAP will only be able to use ldaps secure connections.

Removed

Items that have been removed as of this release.

Configuration

  • Removed SEGMENT_TO_HOST_MAPPING_CRASH_SETTLING_TIME_SECONDS configuration as the logic is now handled internally according to Heartbeats.

Deprecation

Items that have been deprecated and may be removed in a future release.

  • The userId parameter for the updateDashboardToken GraphQL mutation has been deprecated and will be removed in version 1.273.

  • The EXTRA_KAFKA_CONFIGS_FILE configuration variable has been deprecated and planned to be removed no earlier than version 1.225.0. For more information, see RN Issue.

  • rdns() has been deprecated and will be removed in version 1.249. Use reverseDns() as an alternative function.

  • The Secondary Storage feature is now deprecated and will be removed in LogScale 1.225.0.

    The Bucket Storage feature provides superior functionality for storing rarely queried data in cheaper storage while keeping frequently queried data in hot storage (fast and expensive). For more information, see Bucket Storage.

    Please contact LogScale support for any concerns about this deprecation.

New features and improvements

  • Automation and Triggers

    • Added a new system repository humio-trigger-execution-info, which contains information about the execution of triggers. This new system repository is meant to be consumed by other systems; for a human-readable version, refer to the humio-activity repository.

      Currently, this new system repository only contains information about the execution of scheduled searches, not alerts.

    • A new message template for formatting timestamps is now available for providing more formatting options. It applies to query_end, query_start, and triggered timestamps. For example: {format_time(triggered, "yyyy-MM-dd'T'HH:mm:ssX")}.

      For more information, see Message Templates and Variables.

  • Configuration

    • Added a new dynamic configuration GraphQLMaxErrorsCount, to configure the maximum number of errors returned in the GraphQL response errors array. Default value is 100, with valid values between 1 and 10000.

  • Log Collector

  • Queries

    • Views can now be configured to resolve saved queries, lookup files and field aliases from a different view or repository.

      For more information, see ???.

  • Metrics and Monitoring

    • Added new metrics:

      • currently-submitted-fetches-for-prefetching - Counts the number of pending segment file fetches the prefetcher has requested from the fetching subsystem.

      • currently-submitted-fetches-for-archiving - Counts the number of pending segment file fetches the bucket archiving job has requested from the fetching subsystem.

Fixed in this release

  • Installation and Deployment

    • Fixed an issue in KafkaAdminUtils where a NullPointerException could occur if the code was accessed while a Kafka partition had no leader, causing unnecessary entries in the debug log. This problem has now been fixed.

  • Storage

    • Fixed a rare issue preventing segments from being merged.

    • A few issues have been fixed in idle datasource deletion code. The deletion code could delete the last datasource from a partition, which could cause digest to start from scratch on that partition in Kafka.

    • Fixed an issue where an InterruptedException could occur from CurrentHostsSyncJob during system termination, causing unnecessary entries in the debug log. This problem has now been fixed.

    • Fixed an issue where a scala.MatchError could be thrown from the metrics system during node shutdown, causing unnecessary entries in the debug log. This problem has now been fixed.

  • Metrics and Monitoring

    • Fixed a bug in the ingest-queue-read-offset-progress-job that prevented it from finding the ingest-queue-read-offset metric. This resolves the error message Ingest queue progress error: No ingest-queue-read-offset metrics found for partition that appeared about an hour after cluster restart.

Known Issues

  • Storage

    • For clusters using secondary storage where the primary storage on some nodes in the cluster may be getting filled (i.e. the storage usage on the primary disk is halfway between PRIMARY_STORAGE_PERCENTAGE and PRIMARY_STORAGE_MAX_FILL_PERCENTAGE), those nodes may fail to transfer segments from other nodes. The failure will be indicated by the error java.nio.file.AtomicMoveNotSupportedException with message "Invalid cross-device link".

      This does not corrupt data or cause data loss, but will prevent the cluster from being fully healthy, and could also prevent data from reaching adequate replication.

Improvement

  • Configuration

    • The following environment variables have been renamed to reflect their specific usage:

      • NUMBER_OF_ROWS_IN_SEGMENT_TO_HOST_MAPPING_TABLE changed to NUMBER_OF_ROWS_IN_OWNER_HOSTS_TABLE

      • SEGMENT_TO_HOST_MAPPING_TOPOLOGY_CHANGE_SETTLING_TIME_SECONDS changed to OWNER_HOSTS_TABLE_TOPOLOGY_CHANGE_SETTLING_TIME_SECONDS

  • Queries

    • Filter prefix validation has been strengthened: use of query parameters is now explicitly disallowed.

    • Added optimization related to tag filters. This improvement should slightly speed up correlate() queries containing tag filters.

    • Improved caching of query states to allow partial reuse of query results when querying by ingest time.