Falcon LogScale 1.82.1 LTS (2023-05-15)
| Version? | Type? | Release Date? | Availability? | End of Support | Security Updates | Upgrades From? | Downgrades To? | Config. Changes? |
|---|---|---|---|---|---|---|---|---|
| 1.82.1 | LTS | 2023-05-15 | Cloud On-Prem | 2024-04-30 | No | 1.44.0 | 1.26.0 | No |
Download: https://repo.humio.com/repository/maven-releases/com/humio/server/1.82.1/server-1.82.1.tar.gz
Hide file hashes
| TAR Checksum | Value | Hash File |
|---|---|---|
| MD5 | fb4b50f131a07565a3f26b880d56fd4c | Â |
| SHA1 | 1263a3d79beba7826184e3ad25ecd0e943c7ea9e | Â |
| SHA256 | 0d941a09269ae5efaa934568009a4ac4ea8a3ef7100332afe253c82ff75ec17b | Â |
| SHA512 | 0277eab1d3069f5369f978b9d582f3093c6856563d4512c590cbed3a381e1fd8c45ddb4185e71c2ff5c2ce9dc2f97822fbe466574c0e638e90c2132db9980e06 | Â |
| Docker Image | SHA256 Checksum | Hash File |
|---|---|---|
| humio | 87eaef9b043dd23a65eefd749e9540b27d554fd1f41484695d77815544347937 | Hash file |
| humio-core | 145cb7a5d35dffc62e7239b007721454ba2bd85af50496cc4c461bafbcd472d9 | Hash file |
| kafka | 31a6e03e68efd4d7a2a3be0858726d77c6c7e7be9eadecff52144e8e349b195e | Hash file |
| zookeeper | 4842ee4e9848b389d97e155a9504e9e9c54ae4312c9d47b23529e9bea4fcf85a | Hash file |
These notes include entries from the following previous releases: 1.82.0, 1.82.0
Bug fixes and updates.
New features and improvements
User Interface
Improvements have been made on the Fields Panel, that would flicker when switching between the Results and Events tabs and the query was live. It now displays the fields of the aggregated query when on the Results tab, and the fields of the events query when on the Events tab.
Queries
Added backend support for organization level query blocking. Actors with the
BlockQueriespermission are able to block and stop queries running within their organization.
Functions
Other
Added optional global argument to
stopAllQueries,stopStreamingQueries,stopHistoricalQueries,blockedQueries,addToBlocklistById,addToBlocklistpermissions. Default isfalsei.e. within own organization only.Worker-level query scheduling has been adjusted to avoid long-term starvation of expensive queries.
Fixed in this release
User Interface
Fixed some missing Field Interactions options for the data type in the Event List.
For more information, see Field Data Types.
API
Fixed an issue with API Explorer that could fail to load in some configurations when using cookie authentication.
Dashboards and Widgets
The dropdown menu for dashboard parameter suggestions is now faster and can handle several thousand entries without blocking the UI.
For more information, see Work with Dashboard Parameters.
Functions
Fixed an issue where a query with
join(),selfJoin(), orselfJoinFilter()functions would sometimes get cancelled.
Other
Fixed a permission issue for LogScale Self-Hosted having a dependency on the
ManageOrganizationssystem permission, which should not apply to that environment — theManageClustersystem permission in itself is now sufficient for Self-Hosted.Fixed an issue that occurred when creating users: when multiple user creation requests were sent at the same time, multiple users were in some cases created with the same name.
Fixed an issue that could cause recently merged mini-segments to be excluded from searches after a reboot.
Recent Package Updates
The following LogScale packages have been updated within the last month.
Package Changes
microsoft/microsoft365 has been updated to v1.1.0.
Introduces a new "Email IOC detections" dashboard, which allows scanning your emails for matches against any indicators of compromise (IOC) as reported by CrowdStrike.
Includes drilldown capabilities, to easily investigate any IOC matches you might find.
Bumps the minimum supported version of LogScale from 1.50 to 1.77.
Adds a "Sender IP" parameter to the "Email investigation" dashboard, allowing easy filtering on sender IP addresses.
Makes a changes to presentation of data in the "Email investigation" dashboard. Most notably, the "Email details" widget is split in two, to better present the data.
The "Email overview" dashboard now provides a clearer view of what emails have been blocked, and also includes an overview of IOC detections on delivered emails.
The "Email overview" now uses the "FROM" SMTP email address to determine the sender, instead of the "MAIL FROM" address. This brings it in line with the rest of the package.
Some widgets have been moved from the "Email overview" dashboard to "Email threat summary".
For more information, see Package microsoft/microsoft365 Release Notes.