Falcon LogScale 1.98.0 GA (2023-07-11)
| Version? | Type? | Release Date? | Availability? | End of Support | Security Updates | Upgrades From? | Downgrades To? | Config. Changes? |
|---|---|---|---|---|---|---|---|---|
| 1.98.0 | GA | 2023-07-11 | Cloud | 2024-08-31 | No | 1.44.0 | 1.26.0 | No |
Bug fixes and updates.
Advance Warning
The following items are due to change in a future release.
Installation and Deployment
Support for running on Java 11, 12, 13, 14, 15 and 16 will be removed by the end of September 2023.
New features and improvements
Automation and Triggers
Improvements have been made in the UI:
When Creating an Alert from a Query, the alert type — Standard or Filter — is auto-selected based on query detection.
Added a trigger limit field in the Filter Alerts form.
Actions are now selected in Alerts and Scheduled Searches forms using a ComboBox component.
Changed the behaviour of the + button for Actions selection in the Alerts and Scheduled Searches forms; it will now take you to the form where you create a new action instead of adding an action to that entity.
GraphQL API
QueryOnlyAccessTokensGraphQL query field previously used for a prototype has now been removed.
Configuration
The new configuration parameters
FILTER_ALERT_MAX_EMAIL_TRIGGER_LIMITandFILTER_ALERT_MAX_NON_EMAIL_TRIGGER_LIMITnow allow setting the trigger limit for filter alerts; the allowed value depends on whether the alert has email actions attached or not.
Recent Package Updates
The following LogScale packages have been updated within the last month.
Package Changes
crowdstrike/spotlight has been updated to v0.1.1.
Fixed error with some dashboard widgets being cut off
For more information, see Package crowdstrike/spotlight Release Notes.
humio/activity has been updated to v1.1.0.
Minimum supported LogScale version bumped to 1.93.0.
Added a Filter Alerts Overview dashboard showing status of filter alerts.
Renamed the Alerts Overview to Standard Alerts Overview to distinguish it from the Filter Alerts Overview.
For more information, see Package humio/activity Release Notes.
netskope/casb has been updated to v0.2.0.
Fixed parser to process all events
Added test cases to the parser
Updated dashboards to consume fields extracted by fixed parser
For more information, see Package netskope/casb Release Notes.