1. Monitoring and Tuning the System
  2. Working With the sosreport Command

2 Working With the sosreport Command

WARNING:

Oracle Linux 7 is now in Extended Support. See Oracle Linux Extended Support and Oracle Open Source Support Policies for more information.

Migrate applications and data to Oracle Linux 8 or Oracle Linux 9 as soon as possible.

This chapter describes how to install and run the sosreport command and configure its associated modules to collect system configuration and log information about your Oracle Linux systems.

About sosreport

The sosreport command collects information about a system such as hardware configuration, software configuration, and operational state. You can also use sosreport to enable diagnostics and analytical functions. To assist in troubleshooting a problem, sosreport records the information in a compressed file that you can send to a support representative.

Installing sosreport

If the sos package is not already installed on your system, use yum to install it: 

sudo yum install sos

Use the sosreport -l command to list the available plugins and plugin options: 

sudo sosreport -l
The following plugins are currently enabled:

acpid            acpid related information
anaconda         Anaconda / Installation information
.
.
.
The following plugins are currently disabled:

amd                Amd automounter information
cluster            cluster suite and GFS related information
.
.
.
The following plugin options are available:
apache.log             off gathers all apache logs
auditd.syslogsize      15 max size (MiB) to collect per syslog file
.
.
.

See the sosreport(1) manual page for information about how to enable or disable plugins, and how to set values for plugin options.

Running sosreport

You can run sosreport to record information about a problem area and specify options to tailor the report it generates as follows: 

sudo sosreport [options ...]

For example, to record only information about Apache and Tomcat, and to gather all the Apache logs, use the following command: 

sudo sosreport -o apache,tomcat -k apache.log=on
sosreport (version 2.2)
.
.
.
Press ENTER to continue, or CTRL-C to quit.

To enable all of the boolean options for all of the loaded plugins (excluding the rpm.rpmva plugin) and verify all packages: 

sudo sosreport -a -k rpm.rpmva=off

Note that this process can take a considerable amount of time, but once it has completed, press Enter and then provide any additional information that is required: 

Please enter your first initial and last name [email_address]: AName
Please enter the case number that you are generating this report for: case#

  Running plugins. Please wait ...

  Completed [55/55] ...
Creating compressed archive...

Your sosreport has been generated and saved in:
  /tmp/sosreport-AName.case#-datestamp-ID.tar.xz

The md5sum is: checksum

Please send this file to your support representative.

sosreport saves the report as an xz-compressed tar file in /tmp.

Optionally, to obfuscate sensitive information, you can run the soscleaner command on the compressed archive generated from the sosreport command.

The cleaned report obfuscates the following details:

  • IPv4 addresses and networks (network topologies are retained)

  • MAC addresses

  • Host names

  • User names

Note:

Reports processed with the soscleaner command obfuscate certain details that may be needed for advanced troubleshooting, such as networking information.

If the soscleaner package is not already installed on your system, use yum to install it from the ol7_addons repository: 

sudo yum install soscleaner

To generate a cleaned report, run the soscleaner command on the compressed archive generated from the sosreport command in the /tmp directory: 

sudo soscleaner /var/tmp/sosreport-hostname-case#-datestamp-ID.tar.xz

Press Enter to proceed. After the soscleaner command completes, a new xz-compressed tar file with -obfuscated in the file name is created the /tmp directory.

For more information, see the sosreport(1) and soscleaner(1) manual pages.

Reviewing Information Gathered by sosreport

The sosreport command is automatically configured to collect hardware information, system configuration files and log data, but you can enable and disable modules to suit your own data protection needs.

Note:

The module information that is provided in this table relates to sosreport 3.9. To verify the modules you have installed on your system, read Installing sosreport.

Disabling modules prevents the sosreport command from collecting certain details that may be needed for advanced troubleshooting, such as networking information.

Module Information Type Included Files

anaconda

Installation log files

  • /root/install.log

  • /root/install.log.syslog

  • /var/log/anaconda

  • /var/log/anaconda.*

auditd

Audit log files

  • /etc/audit/auditd.conf

  • /etc/audit/audit.rules

  • /var/log/audit/*

boot

System boot process details

  • /etc/milo.conf

  • /etc/silo.conf

  • /boot/efi/efi/redhat/elilo.conf

  • /etc/yaboot.conf

  • /boot/yaboot.conf

cron

Root user cron commands

  • /etc/cron*

  • /etc/crontab

  • /var/log/cron

  • /var/spool/cron

cups

Printer log files

  • /etc/cups/*.conf

  • /etc/cups/*.types

  • /etc/cups/lpoptions

  • /etc/cups/ppd/*.ppd

  • /var/log/cups/*

date

Context data

  • /etc/localtime

devicemapper

Hardware details

filesys

List of all files in use

  • /proc/fs/*

  • /proc/mounts

  • /proc/filesystems

  • /proc/self/mounts

  • /proc/self/mountinfo

  • /proc/self/mountstats

  • /proc/[0-9]*/mountinfo

  • /etc/mtab

  • /etc/fstab

grub2

Kernel and system start-up configuration

  • /boot/efi/EFI/*/grub.cfg

  • /boot/grub2/grub.cfg

  • /boot/grub2/grubenv

  • /boot/grub/grub.cfg

  • /boot/loader/entries

  • /etc/default/grub

  • /etc/grub2.cfg

  • /etc/grub.d/*

hardware

Hardware details

  • /proc/interrupts

  • /proc/irq

  • /proc/dma

  • /proc/devices

  • /proc/rtc

  • /var/log/mcelog

  • /sys/class/dmi/id/*

  • /sys/class/drm/*/edid

host

Host identification

  • /etc/sos.conf

  • /etc/hostid

kernel

System log files

  • /etc/conf.modules

  • /etc/modules.conf

  • /etc/modprobe.conf

  • /etc/modprobe.d

  • /etc/sysctl.conf

  • /etc/sysctl.d

  • /lib/modules/*/modules.dep

  • /lib/sysctl.d

  • /proc/cmdline

  • /proc/driver

  • /proc/kallsyms

  • /proc/lock*

  • /proc/buddyinfo

  • /proc/misc

  • /proc/modules

  • /proc/slabinfo

  • /proc/softirqs

  • /proc/sys/kernel/random/boot_id

  • /proc/sys/kernel/tainted

  • /proc/timer*

  • /proc/zoneinfo

  • /sys/firmware/acpi/*

  • /sys/kernel/debug/tracing/*

  • /sys/kernel/livepatch/*

  • /sys/module/*/parameters

  • /sys/module/*/initstate

  • /sys/module/*/refcnt

  • /sys/module/*/taint

  • /sys/module/*/version

  • /sys/devices/system/clocksource/*/available_clocksource

  • /sys/devices/system/clocksource/*/current_clocksource

  • /sys/fs/pstore

  • /var/log/dmesg

libraries

List of shared libraries

  • /etc/ld.so.conf

  • /etc/ld.so.conf.d/*

logs

System log files

  • /etc/syslog.conf

  • /etc/rsyslog.conf

  • /etc/rsyslog.d

  • /run/log/journal/*

  • /var/log/auth.log

  • /var/log/auth.log.1

  • /var/log/auth.log.2*

  • /var/log/boot.log

  • /var/log/dist-upgrade

  • /var/log/installer

  • /var/log/journal/*

  • /var/log/kern.log

  • /var/log/kern.log.1

  • /var/log/kern.log.2*

  • /var/log/messages*

  • /var/log/secure*

  • /var/log/syslog

  • /var/log/syslog.1

  • /var/log/syslog.2*

  • /var/log/udev

  • /var/log/unattended-upgrades

lvm2

Hardware details

memory

Hardware details

  • /proc/pci

  • /proc/meminfo

  • /proc/vmstat

  • /proc/swaps

  • /proc/slabinfo

  • /proc/pagetypeinfo

  • /proc/vmallocinfo

  • /sys/kernel/mm/ksm

  • /sys/kernel/mm/transparent_hugepage/enabled

networking

Network identification

  • /etc/dnsmasq*

  • /etc/host*

  • /etc/inetd.conf

  • /etc/iproute2

  • /etc/network*

  • /etc/nftables

  • /etc/nftables.conf

  • /etc/nsswitch.conf

  • /etc/resolv.conf

  • /etc/sysconfig/nftables.conf

  • /etc/xinetd.conf

  • /etc/xinetd.d

  • /etc/yp.conf

  • /proc/net/*

  • /sys/class/net/*/device/numa_node

  • /sys/class/net/*/flags

  • /sys/class/net/*/statistics/*

pam

Login security settings

  • /etc/pam.d/*

  • /etc/security

pci

Hardware details

  • /proc/bus/pci

  • /proc/iomem

  • /proc/ioports

process

List of all running processes and process details

  • /proc/sched_debug

  • /proc/stat

  • /proc/[0-9]*/smaps

processor

Hardware details

  • /proc/cpuinfo

  • /sys/class/cpuid

  • /sys/devices/system/cpu

rpm

Installed software packages

  • /var/lib/rpm/*

  • /var/log/rpmpkgs

sar

Resource and usage data

  • /var/log/sa/*

selinux

Security settings

  • /etc/sestatus.conf

  • /etc/selinux

  • /var/lib/selinux

services

All defined system services

  • /etc/inittab

  • /etc/rc.d/*

  • /etc/rc.local

ssh

SSH configuration

  • /etc/ssh/ssh_config

  • /etc/ssh/sshd_config

x11

GUI logs for the X Window System

  • /etc/X11/*

  • /var/log/Xorg.*.log

  • /var/log/Xorg.*.log.old

  • /var/log/XFree86.*.log

  • /var/log/XFree86.*.log.old

yum

Installed software packages

  • /etc/pki/consumer/cert.pem

  • /etc/pki/entitlement/*.pem

  • /etc/pki/product/*.pem

  • /etc/yum/*

  • /etc/yum.repos.d/*

  • /etc/yum/pluginconf.d/*

  • /var/log/yum.log