news: add entry for #4472

Signed-off-by: Attila Szakacs <attila.szakacs@axoflow.com>

news/feature-4472.md

@@ -0,0 +1,40 @@
+Sending messages to CrowdStrike Falcon LogScale (Humio)
+
+The `logscale-hec()` destination feeds LogScale via the [HEC API](https://library.humio.com/falcon-logscale/log-shippers-hec.html).
+
+Minimal config:
+```
+destination d_logscale_hec {
+  logscale-hec(
+    url("http://localhost")
+    token("my-token")
+  );
+};
+```
+Additional options include:
+  * event()
+  * index()
+  * source()
+  * sourcetype()
+  * host()
+  * time()
+  * timezone()
+  * fields()
+  * extra-headers()
+  * content-type()
+
+By default the messages are sent in RFC5424 format with syslog sourcetype, which
+executes the [syslog Parser](https://library.humio.com/falcon-logscale/parsers-built-in.html#parsers-built-in-parser-syslog) in LogScale.
+
+The `logscale-hec-raw()` destination feeds LogScale via the [Raw HEC API](https://library.humio.com/falcon-logscale/log-shippers-hec.html#log-shippers-hec-raw).
+
+Minimal config:
+```
+destination d_logscale_hec_raw {
+  logscale-hec-raw(
+    url("http://localhost")
+    token("my-token")
+    channel("my-channel")
+  );
+};
+```