The Alert and Scheduled Search dialogs have gotten a makeover.

Fixed an issue where it was possible to create an alert with an empty time interval or a blank name or throttle field.

Deprecated GraphQL field SearchDomain.recentQueries in favor of SearchDomain.recentQueriesV2.

Removed the log4j2-stdout-json.xml configuration file. The replacement log4j2-json-stdout.xml has been available for a while, and we want everyone to move to the new configuration, as the old configuration produces logs incompatible with the Insights Package.

Limit how many times we'll repeat a repeating regexp. The default max number of repetitions is .0 but the value is configurable between 50 and .0 by setting the MAX_REGEX_REPETITIONS env variable.

With worldMap() function, you can now see the magnitude value by hovering marks on the map.

Fixed an issue in timeChart() where the horizontal line did not showing up.

Reduced memory usage for groupBy() function, etc.; worst-case in particular but also average-case to some degree.

Fixed an issue where worldmap widgets would revert to event list widgets when changing styling options.

Fixed a rare issue that could fail to trigger a JVM shutdown if the Kafka digest leader loop thread became nonfunctional.

Debug logs which relate to the invocation of an action now contain an actionInvocationId. This trace id is the same for all logs generated by the same action invocation.

Slightly improve performance of id lookups in global

Included both ws and wss in csp header

In the time selector, you can now write "24" in the time-of-day field to denote the end of the day.

Improve thread safety of updates to global Hosts entities during bootup

The UI now consistently marks required field with a red asterisk across a number of dialogs.

Fixed an issue where UI stalled on the "Data Sources" page

Removed requirement that SAML Id needs to be an URL (Now, only requirement is that the field is not empty)

Add a label to the empty option for default queries on the repository settings page.

Fixed an issue where optimizeAndSaveQueryCoordinationPartitions could attempt to save a partitioning table to global with gaps in the partition list. This caused queries to fail, and repeated logging of a validation error.

The New Action dialog validates user input in a more indulgent fashion and provides all validation errors consistently.

Fixed various bugs for the worldmap widget. The bug fixes may cause your world map marks to look different that previously, but should now work as intended and correcting it should be as simple as tweeking the style parameters.

Fixed an issue which caused queries to crash when "beta:repeating()" was used with a time interval ending before "now".

Changed implementation of cluster host alive stats to trigger updates in the in-memory state based on changes in global, rather than running periodic updates.

Added button to delete the organization from the Organization Overview page

Improved styling of header on organization overview page

Updated the interactive tutorial with better descriptions

The list of recent queries on the search page now has headers with the date the query was run.

Working on merging of advanced and simple permission models, so that the roles can be added directly to users.

Changed implementation of cluster host alive stats to attempt to reduce thread contention when threads are checking for host liveness.

Reimplement several part of Humio to use a safer mechanism for listening to changes from global. This should eliminate a class of race condition that could cause nodes to ignore updates received during the boot process.

The Humio frontend no longer sends the Humio-Query-Session header to the backend, since it is no longer used.

Added frontend validation on welcome page and invitation page fields

Inviting users on cloud now requires the invited user to accept the invitation before assigning permissions to him. Moreover, it is possible to invite users who are in another organization on cloud.

When looking at the details of an event, long field values will now extend beyond the viewport by default. Word wrapping can be enabled to stop it from extending outside the viewport.

Fixed an issue for Firefox 78.10.1 ESR where the event list and event distribution chart would not be scrollable and resize incorrectly.

Users with read repository permissions can now access and see files.

Added ability to set organization usage limits manually for cases where automatic synchronization is not possible.

Add a bit more debug logging to DataSnapshotLoader, for visibility around choice of global snapshot during boot

Fixed a problem when some user-defined styles weren't being applied to a chart after a page refresh or when exported to a dashboard widget

Started internal work on memory quotas on queries' aggregation states. This should not have any user-visible impact yet.

Automatically reduce the precision of world maps when they exceed a certain size limit

Fixed an issue with AuthenticationMethod.SetByProxy where the search page would constantly reload.

Fixed a problem where the global consistency check would report spurious inconsistencies because of trivial differences in the underlying JSON data

Fixed an issue in the Query State Cache that could fail a query on time intervals with a fixed timestamp as start and now as end.

When assigning a role, all the user which need a new role are choosen, and then the same role is assigned to them all.

Fixed an OIDC group synchronization issue where users where denied access even though their group membership gave them access.

The event distribution chart would sometimes show a bucket span reported in milliseconds instead of a more appropriate unit, when those milliseconds did not add up cleanly (e.g. "1h"). Now the bucket span can be reported with multiple units (e.g. "1h 30m")

Added a quickfix feature for reserved keywords

Improved error messages when exporting invalid dashboards as templates

All users (including existing users) need to accept the privacy notice and terms and conditions <https://www.crowdstrike.com/terms-conditions/humio-self-hosted> before using Humio.

Humio trial installations now require a trial license. To request a trial license go to getting-started