01. What is the sos Report Command? Written on . Posted in sos command.
The sos report command and now sos report, is an open source tool that has been around since 2009. Written in Python the tool is designed to perform a complete scanning and data-gathering, deep into the heart of your Linux system. It collects vital diagnostics information like —logs, configuration settings, hardware details and commands outputs— from across the system. With this report, administrators and engineers can peer into the intricate workings of their servers, seeking patterns in the chaos, much like a doctor uses MRI imaging to examine inside the human body.
The command provides a snapshot, a detailed account of a moment in the life of your system, helping to decode the causes of poor performance, instability or malfunction. Such a tool is invaluable, for it helps to quickly find root cause and understanding of what might otherwise remain a problem.
The tool is safe to execute as it does not make modifications to your system configuration.
Who is behind sos report?
sosreport (now referred to simply as sos) is an open-source Python project that has been actively developed since 2009. Originally created by Red Hat Inc., the project has since seen contributions from Canonical Ltd., as well as individuals from companies such as:
- Rackspace US, Inc.,
- EMC Corporation (now Dell),
- IBM Corporation,
- Hewlett-Packard Development Company, L.P.,
- Oracle Corporation,
- and organizations like The Linux Foundation
- and the Samba project.
The project is actively maintained on GitHub, with regular updates that include new plugins, enhanced functionality, and bug fixes. As of the date of this article, the latest version is sos-4.9.1, which includes support for over 250 plugins.
1. Collecting System Information
When you run sos report, it executes a wide variety of plugins that collect system information from various subsystems, including:
- Hardware details: CPU, memory, disk, network devices, etc.
- Kernel information: Kernel version, modules, and logs.
- System logs: Logs from /var/log/, including system logs, service logs, and security logs.
- Configuration files: Important configuration files from services like Apache, MySQL, NFS, etc.
- Performance metrics: Information about system resource usage (CPU, memory, disk I/O, etc.).
- Installed packages: Lists of installed RPMs or DEBs, depending on the distribution.
- Network details: IP configurations, network interfaces, routing tables, firewall rules, and more.
2. Plugins System
The sos report tool uses a modular plugin architecture, where each plugin is responsible for collecting information about a specific subsystem (e.g., kernel, network, storage, etc.). This allows for targeted data collection and can be customized based on the system setup. Some important plugins include:
- network: Collects network-related information.
- memory: Gathers memory usage and swap details.
- storage: Collects disk and filesystem-related information.
3. Running the Command
- It will ask for confirmation to proceed.
- Optionally it may also ask for a case ID or ticket number (which is typically provided by support personnel).
- Optionally it can encrypt all the information gathered.
- Optionally, it can redact sensitive information (like IP addresses, hostnames, or passwords) if needed.
4. Generating the Report
Once executed, sosreport gathers all the data and compresses it into a single tarball (sosreport-HOSTNAME-DATE-ID.tar.xz). The report is usually saved in /var/tmp/ unless specified otherwise.
5. Customizing the Collection
You can customize what information is collected by using various options:
- Exclude certain plugins if they are irrelevant or collect too much data:
sudo sos report --skip-plugins network,storage.
- Limit specific commands or configurations using options like --profile to limit to specific areas (e.g., just gathering network diagnostics):
sudo sos report --profile network
6. Upload or Share with Support
After the report is generated, you typically send it to the support team. It contains all the relevant diagnostic information they need to analyze the system state without needing to access it directly.
In summary, the sos report command automates the process of collecting system information, combining configuration files, logs, and performance data into a single, easy-to-share archive. It’s a comprehensive tool that enables effective debugging and troubleshooting in complex environments.