sos-vault
Features Pricing Blog
Sign up

Existing customer? Sign in

prev post back to the blog next post

14. Including Your Own Files in the sos Report Written on . Posted in sos command.

14. Including Your Own Files in the sos Report

The sos_extras plugin

sos report command includes a plugin called sos_extras that collects extra data defined in one or more configuration files inside /etc/sos/extras.d directory. This directory is empty by default and the name of the files are not restricted.

This plugin is designed to collect additional custom or user-specified information during the generation of an sos report. It extends the default functionality of sos report by allowing administrators to tailor the output to their specific troubleshooting or analysis needs.

The plugin traverses this directory and for each file there, it will parse it and interpret each line in search of comments, commands to execute or files to include optionally with a sizelimit defined.

Example

The best way to explain the sos_extras plugin behaviour is through an example. Let's say you want to collect additional information about a custom application called myapp, including the output of the "myapp --status" command, all the logs from /var/log/myapp.d directory and the content of /etc/myapp/config.yaml.

You will have to create the configuration file /etc/sos/extras.d/myapp that will look like this:

# Configuration for sos_extras to gather custom data for myapp
# [commands]
/usr/local/bin/myapp --status

# [files]
:/var/log/myapp/*
:/etc/myapp/config.yaml 7983

Please notice how comments lines start with a hash character; a file or directory specification line starts with a colon character and any other line that is not empty will be interpreted as a command. Also note how the config.yaml file specification contains a file size limit; in this example the file cannot exceed 7983 bytes.

WARNING: be careful what files to collect or what commands to execute:

  • all these commands are executed as root!
  • avoid calling potentially dangerous or system altering commands.
  • avoid using multiple commands on a single line (via pipes, semicolon etc.).
  • avoid executing commands on background.
  • avoid setting environment variables (as those will be ignored).
  • be very careful runnin altering system commands (like "rm -rf").
  • be aware, no secret obfuscation is made.                 

The files collected by the sos_extras plugins will be available in the report in the corresponding paths (/var/log/myapp and /etc/myapp/config.yaml in our example) and the output for all the commands will be stored under /sos_commands/sos_extras/myapp directory

prev post back to the blog next post