Falcon LogScale 1.243.0 GA (2026-06-02)
| Version? | Type? | Release Date? | Availability? | End of Support | Security Updates | Upgrades From? | Downgrades To? | Config. Changes? |
|---|---|---|---|---|---|---|---|---|
| 1.243.0 | GA | 2026-06-02 | Cloud | Next LTS | No | 1.177.0 | 1.177.0 | No |
Hide file download links
Download
Use docker pull humio/humio-core:1.243.0 to download the latest version
Bug fixes and updates
Deprecation
Items that have been deprecated and may be removed in a future release.
The following manuals have been moved to the archives:
The userId parameter for the updateDashboardToken GraphQL mutation has been deprecated and will be removed in version 1.273.
rdns()has been deprecated and will be removed in version 1.249. UsereverseDns()as an alternative function.
New features and improvements
API
The following endpoint has been added:
POST /api/v1/repositories/{repo}/queryjobs/{id}/newclientThis endpoint creates a new client for an existing query, allowing multiple independent consumers to poll the same query session.
Fixed in this release
Administration and Management
Fixed an issue where removing a node using the menu, with the REST endpoint
DELETE /api/v1/clusterconfig/members/<node_id>, or with GraphQL API using the mutation clusterUnregisterNode could lead to data loss, even when the flagforce/accept-data-losswas not set.A validation step has also been added that ensures data is properly replicated before allowing node removal, which may slightly slow the operation.
The fix can be disabled via the feature flag
RefreshClusterManagementStatsInUnregisterNode, which is scheduled for removal in version 1.252. If issues arise that lead to the need to disable the feature flag, inform support.For more information, see Best Practice: Contacting Support.
User Interface
Fixed an issue where recalling a recent query would incorrectly display results as an event list instead of auto-selecting the appropriate visualization.
Queries
Fixed an issue where, in rare cases, queries could go missing when reusing query sessions and submitting identical queries close together, causing a race condition.
Auditing and Monitoring
An issue has been fixed where audit log entries exceeding 16KB would be truncated with an ellipsis character (...), causing the resulting JSON to be unparseable. The maximum string length for audit log JSON output has also been increased to 900KB.
Functions
The
parseLEEF()function now correctly adds error messages to the @error_msg[] field when failing to parse. This aligns error reporting with other parse functions.
Known Issues
Storage
For clusters using secondary storage where the primary storage on some nodes in the cluster may be getting filled (that is, the storage usage on the primary disk is halfway between
PRIMARY_STORAGE_PERCENTAGEandPRIMARY_STORAGE_MAX_FILL_PERCENTAGE), those nodes may fail to transfer segments from other nodes. The failure will be indicated by the error java.nio.file.AtomicMoveNotSupportedException with message "Invalid cross-device link".This does not corrupt data or cause data loss, but will prevent the cluster from being fully healthy, and could also prevent data from reaching adequate replication.
Improvement
User Interface
Recent queries are now saved after the first results arrive rather than immediately after a search is initiated. This allows the system to correctly determine whether to store the current widget type for manually selected visualizations, or omit it for auto-detected visualizations, ensuring recalled queries display with the correct visualization.
Storage
A new environment variable,
S3_STORAGE_STREAM_IDLE_TIMEOUT_SECONDS, has been introduced. The environment variable ensures that if an Amazon S3 provider fails to send any data for the configured time duration, the transfer is aborted instead of hanging indefinitely and blocking other transfers from being scheduled. When using this variable, it's important to note the following:If not defined, the default duration value is 180 seconds.
This environment variable controls the stream idle timeout for both upload and download times.
While the timeout mechanism was already in place for S3 upload, it was not previously present for S3 download.
Configuration
The following environment variables have been added to control start rate limiting for the query coordinator:
QUERY_COORDINATOR_START_RATE_LIMIT- the maximum number of new queries that can be started per interval as defined byQUERY_COORDINATOR_START_RATE_LIMIT_INTERVAL_MILLIS.QUERY_COORDINATOR_START_RATE_LIMIT_INTERVAL_MILLIS- the interval over which the start rate limit is applied, in milliseconds (ms). The default value is 1000 ms, and the minimum value is 1000 ms.
These environment variables allow for controlling an existing mechanism. No new mechanism is introduced. If these limits are reached, queries are delayed and do not start execution until later.