DOKK / manpages / debian 12 / sosreport / sos.1.en
sos(1) General Commands Manual sos(1)

sos - A unified tool for collecting system logs and other debug information

sos component [options]

sos is a diagnostic data collection utility, used by system administrators, support representatives, and the like to assist in troubleshooting issues with a system or group of systems.

The most well known function is sos report or sosreport as it was previously known.

An sos archive is typically requested by support organizations to collect baseline configuration and system data from which to begin the troubleshooting process.

sos supports several subcommands or components. Each provides a different set of information for the user. Supported components are as follows

Report generates an archive of system information including configuration files and command output. Information included in the report is based upon plugins that are activated automatically when certain criteria, such as installed packages, files, services, or system architecture is detected.

See sos report --help and man sos-report for more information.

May also be invoked via the alias rep or the deprecated command sosreport.

Collect is used to capture reports on multiple systems simultaneously. These systems can either be defined by the user at the command line and/or defined by clustering software that exists either on the local system or on a "master" system that is able to inform about other nodes in the cluster.

When running collect, sos report will be run on the remote nodes, and then the resulting archives will be copied from those nodes to the local system running sos collect. Archives are then removed from the remote systems.

See sos collect --help and man sos-collect for more information.

May also be invoked via the alias sos collector or the deprecated command sos-collector.

This subcommand takes input of either 1) an sosreport tarball, 2) a collection of sosreport tarballs such as from collect, or 3) the unpackaged directory of an sosreport and obfuscates potentially sensitive system information that is not covered by the standard postprocessing of sos report.

Such data includes IP addresses, networks, MAC addresses, and more. Data obfuscated by this command will remain consistent throughout the report and across reports provided in the same invocation. Additionally, care is taken to maintain network topology relationships between matched data items.

See sos clean --help and man sos-clean for more information.

May be invoked via either sos clean, sos mask, or via the --clean or --mask options for report and collect.

sos components provide their own set of options, however the following are available to be set across all components.

--batch Do not prompt interactively, user will not be prompted for any data

Encrypts the resulting archive that sosreport produces using GPG. KEY must be an existing key in the user's keyring as GPG does not allow for keyfiles. KEY can be any value accepted by gpg's 'recipient' option.

Note that the user running sosreport must match the user owning the keyring from which keys will be obtained. In particular this means that if sudo is used to run sosreport, the keyring must also be set up using sudo (or direct shell access to the account).

Users should be aware that encrypting the final archive will result in sos using double the amount of temporary disk space - the encrypted archive must be written as a separate, rather than replacement, file within the temp directory that sos writes the archive to. However, since the encrypted archive will be the same size as the original archive, there is no additional space consumption once the temporary directory is removed at the end of execution.

This means that only the encrypted archive is present on disk after sos finishes running.

If encryption fails for any reason, the original unencrypted archive is preserved instead.

The same as --encrypt-key, but use the provided PASS for symmetric encryption rather than key-pair encryption.
Specify alternate configuration file.
Specify an alternate root file system path.
Specify alternate temporary directory to copy data during execution.
Specify the number of threads sosreport will use for concurrency. Defaults to 4.
Increase logging verbosity. May be specified multiple times to enable additional debugging messages.
Only log fatal errors to stderr.
Compression type to use when compression the final archive output
Display usage message.

Jake Hunsaker <jhunsake@redhat.com>

See AUTHORS file in the package documentation.

April 2020