Falcon LogScale 1.76.0 GA (2023-02-07)
| Version? | Type? | Release Date? | Availability? | End of Support | Security Updates | Upgrades From? | Downgrades To? | Config. Changes? |
|---|---|---|---|---|---|---|---|---|
| 1.76.0 | GA | 2023-02-07 | Cloud | 2024-02-28 | No | 1.44.0 | 1.26.0 | No |
Bug fixes and updates.
Advance Warning
The following items are due to change in a future release.
Configuration
Starting from 1.78 release, the default value for the
MAX_INGEST_REQUEST_SIZEconfiguration will be reduced from1 GBto32 MB.This value limits the size of ingest request and rejects oversized requests.
If the request is compressed within HTTP, then this restricts the size after decompressing.
Removed
Items that have been removed as of this release.
API
Removed the API for managing ingest tokens. This has long been deprecated and replaced by a GraphQL API.
New features and improvements
User Interface
Event List Interactions are now sorted by name and repository name by default.
Dashboards and Widgets
The
Single Valuewidget now supports interactions on both the Search and Dashboard page. See Work with Dashboard Interactions for more details on interactions.It is now possible to set a temporary timezone in dashboards, which will be read from the URL on page load, for example
tz=Europe/Copenhagen.For more information, see Shared Time Selector.
Log Collector
Fleet and Group Management now supports remote configuration of LogScale Collectors. This gives an administrator the option of managing the configuration of LogScale Collector instances in LogScale, instead of managing configuration files directly on the device where Falcon LogScale Collector is installed.
For more information, see Fleet and Group Management, Falcon LogScale Collector Releases.
Functions
Queries containing a
join()function no longer run truly live when the query is set to . Instead, these queries will run repeatedly at intervals determined by the query engine.For more information, see Errors when Using Live join() Functions, Limitation: Widgets with Live join() Functions,
join(), Special behaviour for live joins.
Fixed in this release
Other
Fixed an issue for the ingest API that made it possible to ingest into system repositories.
Recent Package Updates
The following LogScale packages have been updated within the last month.
Package Changes
nginx/nginx has been updated to v1.0.0.
Added separate parsers for access and error logs.
Added several useful saved searches.
Added new dashboards - Overview, Error log analysis, HTTP errors, Visitor insights, IOC matches for client IP and IOC matches for referer domain.
For more information, see Package nginx/nginx Release Notes.
apache/http-server has been updated to v1.0.0.
Added separate parsers for Apache access and error logs.
Added custom server_name field in parsers for both access and error logs.
Added custom client_ip field in parser for error logs.
Added new dashboards - Overview, Error log analysis, HTTP errors, Visitor insights, IOC matches for client IP and IOC matches for referer domain.
For more information, see Package apache/http-server Release Notes.