Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Getting the most from your Support experience

Red Hat Enterprise Linux 10

Gathering troubleshooting information from RHEL servers with the sos utility

Red Hat Customer Content Services

Abstract

Collect configuration, diagnostic, and troubleshooting data with the sos utility and provide those files to Red Hat Technical Support. The Support team can analyze and investigate this data to resolve your service requests reported in your support case.

Providing feedback on Red Hat documentation
Copy link

We are committed to providing high-quality documentation and value your feedback. To help us improve, you can submit suggestions or report errors through the Red Hat Jira tracking system.

Procedure

  1. Log in to the Jira website.

    If you do not have an account, select the option to create one.

  2. Click Create in the top navigation bar.
  3. Enter a descriptive title in the Summary field.
  4. Enter your suggestion for improvement in the Description field. Include links to the relevant parts of the documentation.
  5. Click Create at the bottom of the window.

To collect configuration details, system information, and diagnostic data from Red Hat Enterprise Linux (RHEL) environment, generate a support operating system(sos) report. By using sosreports utility, the Red Hat Support engineers can analyze and resolve technical issues efficiently.

1.1. Introduction of the sos utility
Copy link

Red Hat technical support engineers start with the sos report when analyzing a service request for a RHEL system. The `sos`utility collects debugging information from one or more systems and uploads the report to Red Hat.

The three sos components are:

  • sos report collects debugging information from one system.
Note

This program was originally named sosreport. Running sosreport no longer works as sos report has to be called instead, with the same arguments.

  • sos collect command collects individual sos reports from a specified set of nodes.
  • sos clean command obfuscates potentially sensitive information such as user names, host names, IP or MAC addresses, or other user-specified data.

The information collected in a report contains configuration details, system information, and diagnostic information from a RHEL system, such as:

  • The running kernel version.
  • Loaded kernel modules.
  • System and service configuration files.
  • Diagnostic command output.
  • A list of installed packages.

The sos utility writes the data it collects to an archive named sosreport-<host_name>-<support_case_number>-<YYYY-MM-DD>-<unique_random_characters>.tar.xz.

The utility stores the archive and its SHA-256 checksum in the /var/tmp/ directory: 

[root@server1 ~]# ll /var/tmp/sosreport*
total 18704
-rw-------. 1 root root 19136596 Jan 25 07:42 sosreport-server1-12345678-2022-01-25-tgictvu.tar.xz
-rw-r--r--. 1 root root       65 Jan 25 07:42 sosreport-server1-12345678-2022-01-25-tgictvu.tar.xz.sha256

Install the sos package on Red Hat Enterprise Linux to enable the generation of diagnostic reports by using the command line. You can run the sos report command, which collects system information and configuration details. Red Hat Support engineers review the details to troubleshoot issues.

Prerequisites

  • You have root privileges.

Procedure

  • Install the sos package: 

    [root@server ~]# dnf install sos

Verification

  • Use the rpm utility to verify that the sos package is installed: 

    [root@server ~]# rpm -q sos
sos-4.2-15.el9.noarch

Generate an sos report from the command line in Red Hat Enterprise Linux to quickly collect system configuration and diagnostic data. Providing this comprehensive report helps Red Hat Support engineers to troubleshoot and resolve your technical issues efficiently.

Prerequisites

  • You have the sos package installed .
  • You have root privileges.

Procedure

  1. Run the sos report command and follow the on-screen instructions. You can add the --upload option to transfer the sos report to Red Hat immediately after generating it. 

    [user@server1 ~]$ sudo sos report
[sudo] password for user:

sos report (version 4.2)

This command collects diagnostic and configuration information from
this Red Hat Enterprise Linux system and installed applications.

An archive containing the collected information is generated in
/var/tmp/sos.qkn_b7by and may be provided to a Red Hat support
representative.

Press ENTER to continue, or CTRL-C to quit.

  2. Optional: If you have already opened a Technical Support case with Red Hat, enter the case number to embed it in the sos report file name. If you specified the --upload option, you can upload the report to that case.

    If you do not have a case number, leave this field blank. Entering a case number is optional and does not affect the operation of the sos utility. 

    Please enter the case id that you are generating this report for []: <8-digit_case_number>

  3. Take note of the sos report file name displayed at the end of the console output. 

    Finished running plugins
Creating compressed archive...

Your sos report has been generated and saved in
/var/tmp/sosreport-server1-12345678-2022-04-17-qmtnqng.tar.xz

Size    16.51MiB
Owner   root
sha256  bf303917b689b13f0c059116d9ca55e341d5fadcd3f1473bef7299c4ad2a7f4f

Please send this file to your support representative.

  4. Optional: You can use the --batch option to generate an sos report without prompting for interactive input. 

    [user@server1 ~]$ sudo sos report --batch --case-id <8-digit_case_number>

  5. You can also use the --clean option to obfuscate a just-collected sos report. 

    [user@server1 ~]$ sudo sos report --clean

Verification

  • Verify that the sos utility created an archive in /var/tmp/ matching the description from the command output. 

    [user@server1 ~]$ sudo ls -l /var/tmp/sosreport*
[sudo] password for user:
-rw-------. 1 root root 17310544 Sep 17 19:11 /var/tmp/sosreport-server1-12345678-2022-04-17-qmtnqng.tar.xz

You can use the sos utility to trigger the sos report command on multiple systems. Wait for the report to terminate and collect all generated reports.

Prerequisites

  • You know the cluster type or list of nodes to run on.
  • You have installed the sos package on all systems.
  • You have SSH keys for the root account on all the systems. You can also provide the root password by using the --password option.

Procedure

  • Run the sos collect command and follow the on-screen instructions.

    Note

    By default, sos collect automatically identifies the cluster type and the nodes from which to collect reports.

    1. You can set the cluster or nodes types manually with the --cluster or --nodes options.
    2. To collect sos reports from your workstation without logging in to a cluster node, use the --master option to point the sos utility at a remote node.
    3. You can add the --upload option to transfer the sos report to Red Hat immediately after generating it.
    4. Any valid sos report option can be further supplied and will be passed to all sos reports executions, such as the --batch and --clean options. 
    [root@primary-rhel10 ~]# sos collect --nodes=sos-node1,sos-node2 -o process,apache --log-size=50

sos-collector (version 4.2)

This utility is used to collect sosreports from multiple nodes simultaneously.
It uses OpenSSH's ControlPersist feature to connect to nodes and run commands remotely. If your system installation of OpenSSH is older than 5.6, please upgrade.

An archive of sosreport tarballs collected from the nodes will be generated in /var/tmp/sos.o4l55n1s and may be provided to an appropriate support representative.

The generated archive may contain data considered sensitive and its content should be reviewed by the originating organization before being passed to any third party.

No configuration changes will be made to the system running this utility or remote systems that it connects to.

Press ENTER to continue, or CTRL-C to quit


Please enter the case id you are collecting reports for: <8-digit_case_number>

sos-collector ASSUMES that SSH keys are installed on all nodes unless the
--password option is provided.

The following is a list of nodes to collect from:
    primary-rhel10
    sos-node1
    sos-node2


Press ENTER to continue with these nodes, or press CTRL-C to quit


Connecting to nodes...

Beginning collection of sosreports from 3 nodes, collecting a maximum of 4 concurrently

primary-rhel10 : Generating sosreport...
sos-node1  : Generating sosreport...
sos-node2 : Generating sosreport...
primary-rhel10 : Retrieving sosreport...
sos-node1  : Retrieving sosreport...
primary-rhel10  : Successfully collected sosreport
sos-node1 : Successfully collected sosreport
sos-node2 : Retrieving sosreport...
sos-node2 : Successfully collected sosreport

The following archive has been created. Please provide it to your support team.
    /var/tmp/sos-collector-2022-05-15-pafsr.tar.xz

Verification

  • Verify that the sos collect command created an archive in the /var/tmp/ directory matching the description from the command output. 

    [root@primary-rhel10 ~]# ls -l /var/tmp/sos-collector*
-rw-------. 1 root root 160492 May 15 13:35 /var/tmp/sos-collector-2022-05-15-pafsr.tar.xz

1.5. Cleaning a sos report
Copy link

The sos utility obfuscates potentially sensitive data, such as user names, host names, IP or MAC addresses, and other user-specified keywords. The original sos report or sos collect stays unchanged, and a new *-obfuscated.tar.xz file is generated and intended to be shared with a third party.

Prerequisites

  • You have generated an sos report or an sos collect tarball.
  • (Optional) You have a list of specific keywords beyond the user names, host names, and other data you want to obfuscate.

Procedure

  • Run the sos clean command on either an sos report or sos collect tarball and follow the on-screen instructions.

    1. You can add the --keywords option to additionally clean a given list of keywords.

    2. You can add the --usernames option to obfuscate further sensitive user names.

      Automatic username cleaning can run for users with a UID of 1000 and above who are reported through the lastlog file. You can use this option for LDAP users who do not appear as an actual login, but can occur in certain log files. 

      [user@server1 ~]$ sudo sos clean /var/tmp/sos-collector-2022-05-15-pafsr.tar.xz
[sudo] password for user:

sos clean (version 4.2)

The command obfuscates potentially sensitive information, such as IP addresses, MAC addresses, domain names, and user-provided keywords.

[NOTE]
====
This utility provides a best-effort approach to data obfuscation, but it does not guarantee that such obfuscation completely covers that data in the archive.
====

You can review any resulting data and archives for remaining sensitive content before you pass them to a third party.


Press ENTER to continue, or CTRL-C to quit.

Found 4 total reports to obfuscate, processing up to 4 concurrently

sosreport-primary-rhel10-2022-05-15-nchbdmd :      Extracting...
sosreport-sos-node1-2022-05-15-wmlomgu :      Extracting...
sosreport-sos-node2-2022-05-15-obsudzc :      Extracting...
sos-collector-2022-05-15-pafsr :                   Beginning obfuscation...
sosreport-sos-node1-2022-05-15-wmlomgu :      Beginning obfuscation...
sos-collector-2022-05-15-pafsr :                   Obfuscation completed
sosreport-primary-rhel10-2022-05-15-nchbdmd :      Beginning obfuscation...
sosreport-sos-node2-2022-05-15-obsudzc :      Beginning obfuscation...
sosreport-primary-rhel10-2022-05-15-nchbdmd :      Re-compressing...
sosreport-sos-node2-2022-05-15-obsudzc :      Re-compressing...
sosreport-sos-node1-2022-05-15-wmlomgu :      Re-compressing...
sosreport-primary-rhel10-2022-05-15-nchbdmd :      Obfuscation completed
sosreport-sos-node2-2022-05-15-obsudzc :      Obfuscation completed
sosreport-sos-node1-2022-05-15-wmlomgu :      Obfuscation completed

Successfully obfuscated 4 report(s)

A mapping of obfuscated elements is available at
    /var/tmp/sos-collector-2022-05-15-pafsr-private_map

The obfuscated archive is available at
    /var/tmp/sos-collector-2022-05-15-pafsr-obfuscated.tar.xz

    Size    157.10KiB
    Owner    root

Please send the obfuscated archive to your support representative and keep the mapping file private

      You can append the cleaner functionality to the sos report or sos collect commands with the --clean option: 

      [user@server1 ~]$ sudo sos report --clean

Verification

  • Verify that the sos clean command created an obfuscated archive and an obfuscation mapping in the /var/tmp/ directory matching the description from the command output. 

    [user@server1 ~]$ sudo ls -l /var/tmp/sos-collector-2022-05-15-pafsr-private_map /var/tmp/sos-collector-2022-05-15-pafsr-obfuscated.tar.xz
[sudo] password for user:

-rw-------. 1 root root 160868 May 15 16:10 /var/tmp/sos-collector-2022-05-15-pafsr-obfuscated.tar.xz
-rw-------. 1 root root  96622 May 15 16:10 /var/tmp/sos-collector-2022-05-15-pafsr-private_map

  • Check the *-private_map file for the obfuscation mapping: 

    [user@server1 ~]$ sudo cat /var/tmp/sos-collector-2022-05-15-pafsr-private_map
[sudo] password for user:

{
    "hostname_map": {
        "pmoravec-rhel10": "host0"
    },
    "ip_map": {
        "10.44.128.0/22": "100.0.0.0/22",
..
    "username_map": {
        "foobaruser": "obfuscateduser0",
        "jsmith": "obfuscateduser1",
        "johndoe": "obfuscateduser2"
    }
}
Important

Keep both the original unobfuscated archive and the *private_map files locally as Red Hat support can refer to the obfuscated terms that you need to translate to the original values.

To generate an sos report and encrypt it with symmetric GPG2 based on a passphrase, secure the contents of an sos report with a password if, for example, you need to transfer it over a public network to a third party.

Ensure you have sufficient space when creating an encrypted sos report, as it temporarily uses double the disk space. The sos utility creates an unencrypted sos report, encrypts it as a new file, and then removes the unencrypted archive.

Prerequisites

  • You have installed the sos package.
  • You have root privileges.

Procedure

  1. Run the sos report command and specify a passphrase with the --encrypt-pass option. You can add the --upload option to transfer the sos report to Red Hat immediately after generating it. 

    [user@server1 ~]$ sudo sos report --encrypt-pass my-passphrase
[sudo] password for user:

sosreport (version 4.2)

This command will collect diagnostic and configuration information from
this Red Hat Enterprise Linux system and installed applications.

An archive containing the collected information will be generated in
/var/tmp/sos.6lck0myd and may be provided to a Red Hat support
representative.

...

Press ENTER to continue, or CTRL-C to quit.

  2. Optional: If you have already opened a Technical Support case with Red Hat, enter the case number to embed it in the sos report file name, by using the --upload option. If you do not have a case number, leave the field blank as it does not affect the operation of the sos utility. 

    Please enter the case id that you are generating this report for []: <8-digit_case_number>

  3. Take note of the sos report file name displayed at the end of the console output. 

    Finished running plugins
Creating compressed archive...

Your sosreport has been generated and saved in:
/var/tmp/secured-sosreport-server1-12345678-2022-01-24-ueqijfm.tar.xz.gpg

Size    17.53MiB
Owner   root
sha256     bf303917b689b13f0c059116d9ca55e341d5fadcd3f1473bef7299c4ad2a7f4f

Please send this file to your support representative.

Verification

  1. Verify that the sos utility created an archive meeting the following requirements:

    • File name starts with secured.
    • File name ends with a .gpg extension.

    • Located in the /var/tmp/ directory. 

      [user@server1 ~]$ sudo ls -l /var/tmp/sosreport*
[sudo] password for user:
-rw-------. 1 root root 18381537 Jan 24 17:55 /var/tmp/secured-sosreport-server1-12345678-2022-01-24-ueqijfm.tar.xz.gpg

  2. Verify that you can decrypt the archive with the same passphrase you used to encrypt it.

    1. Use the gpg command to decrypt the archive. 

      [user@server1 ~]$ sudo gpg --output decrypted-sosreport.tar.gz --decrypt /var/tmp/secured-sosreport-server1-12345678-2022-01-24-ueqijfm.tar.xz.gpg

    2. When prompted, enter the passphrase you used to encrypt the archive. 

      ┌──────────────────────────────────────────────────────┐
│ Enter passphrase                                     │
│                                                      │
│                                                      │
│ Passphrase: <passphrase>                             │
│                                                      │
│       <OK>                              <Cancel>     │
└──────────────────────────────────────────────────────┘

    3. Verify that the gpg utility produced an unencrypted archive with a .tar.gz file extension. 

      [user@server1 ~]$ sudo ls -l decrypted-sosreport.tar.gz
[sudo] password for user:
-rw-r--r--. 1 root root 18381537 Jan 24 17:59 decrypted-sosreport.tar.gz

Generate an sos report and secure it with GPG passphrase encryption in Red Hat Enterprise Linux to protect your sensitive diagnostic data. Encrypting this archive ensures that your system configuration details remain confidential and safe from unauthorized access during transmission to Red Hat Support.

Ensure you have sufficient space when creating an encrypted sos report, as it temporarily uses double the disk space:

  1. The sos utility creates an unencrypted sos report.
  2. The utility encrypts the sos report as a new file.
  3. The utility then removes the unencrypted archive.

Prerequisites

  • The sos package is installed.
  • You have root privileges.
  • A GPG2 key is created.

Procedure

  1. Run the sos report command and specify the username that owns the GPG keyring with the --encrypt-key option. You can add the --upload option to transfer the sos report to Red Hat immediately after generating it.

    Note

    If you run the sos report command, you must own the GPG keyring that encrypts and decrypts the report. When you run the command as a sudo user, configure the keyring as a user with sudo privileges. 

    [user@server1 ~]$ sudo sos report --encrypt-key root
[sudo] password for user:

sosreport (version 4.2)

This command will collect diagnostic and configuration information from
this Red Hat Enterprise Linux system and installed applications.

An archive containing the collected information will be generated in
/var/tmp/sos.6ucjclgf and may be provided to a Red Hat support
representative.

...

Press ENTER to continue, or CTRL-C to quit.

  2. Optional: If you have already opened a Technical Support case with Red Hat, enter the case number to embed it in the sos report file name by using the --upload option. If you do not have a case number, leave the field blank as it does not affect the operation of the sos utility. 

    Please enter the case id that you are generating this report for []: <8-digit_case_number>

  3. Take note of the sos report file name displayed at the end of the console output. 

    ...
Finished running plugins
Creating compressed archive...

Your sosreport has been generated and saved in:
/var/tmp/secured-sosreport-server1-23456789-2022-02-27-zhdqhdi.tar.xz.gpg

Size    15.44MiB
Owner   root
sha256  bf303917b689b13f0c059116d9ca55e341d5fadcd3f1473bef7299c4ad2a7f4f

Please send this file to your support representative.

Verification

  1. Verify that the sos utility created an archive meeting the following requirements:

    • File name starts with secured.
    • File name ends with a .gpg extension.

    • Located in the /var/tmp/ directory. 

      [user@server1 ~]$ sudo ls -l /var/tmp/sosreport*
[sudo] password for user:
-rw-------. 1 root root 16190013 Jan 24 17:55 /var/tmp/secured-sosreport-server1-23456789-2022-01-27-zhdqhdi.tar.xz.gpg

  2. Verify you can decrypt the archive with the same key you used to encrypt it.

    1. Use the gpg command to decrypt the archive. 

      [user@server1 ~]$ sudo gpg --output decrypted-sosreport.tar.gz --decrypt /var/tmp/secured-sosreport-server1-23456789-2022-01-27-zhdqhdi.tar.xz.gpg

    2. When prompted, enter the passphrase you used when creating the GPG key. 

      ┌────────────────────────────────────────────────────────────────┐
│ Please enter the passphrase to unlock the OpenPGP secret key:  │
│ "GPG User (first key) <root@example.com>"                      │
│ 2048-bit RSA key, ID BF28FFA302EF4557,                         │
│ created 2020-01-13.                                            │
│                                                                │
│                                                                │
│ Passphrase: <passphrase>                                       │
│                                                                │
│         <OK>                                    <Cancel>       │
└────────────────────────────────────────────────────────────────┘

    3. Verify that the gpg utility produced an unencrypted archive with a .tar.gz file extension. 

      [user@server1 ~]$ sudo ll decrypted-sosreport.tar.gz
[sudo] password for user:
-rw-r--r--. 1 root root 16190013 Jan 27 17:47 decrypted-sosreport.tar.gz

1.8. Creating a GPG2 key
Copy link

Generate an sos report and encrypt it with a GPG passphrase in Red Hat Enterprise Linux to protect your diagnostic data during transmission to Red Hat Support.

Prerequisites

  • You have root privileges.

Procedure

  1. Install and configure the pinentry utility. 

    [root@server ~]# dnf install pinentry
[root@server ~]# mkdir ~/.gnupg -m 700
[root@server ~]# echo "pinentry-program /usr/bin/pinentry-curses" >> ~/.gnupg/gpg-agent.conf

  2. Create a key-input file used for generating a GPG keypair with your preferred details. For example: 

    [root@server ~]# cat >key-input <<EOF
%echo Generating a standard key
Key-Type: RSA
Key-Length: 2048
Name-Real: GPG User
Name-Comment: first key
Name-Email: root@example.com
Expire-Date: 0
%commit
%echo Finished creating standard key
EOF

  3. Optional: By default, GPG2 stores its keyring in the ~/.gnupg file. To use a custom keyring location, set the GNUPGHOME environment variable to a directory that is only accessible by root. 

    [root@server ~]# export GNUPGHOME=/root/backup

[root@server ~]# mkdir -p $GNUPGHOME -m 700

  4. Generate a new GPG2 key based on the contents of the key-input file. 

    [root@server ~]# gpg2 --batch --gen-key key-input

  5. Enter a passphrase to protect the GPG2 key. You use this passphrase to access the private key for decryption. 

    ┌──────────────────────────────────────────────────────┐
│ Please enter the passphrase to                       │
│ protect your new key                                 │
│                                                      │
│ Passphrase: <passphrase>                             │
│                                                      │
│	 <OK>                             <Cancel>         │
└──────────────────────────────────────────────────────┘

  6. Confirm the correct passphrase by entering it again. 

    ┌──────────────────────────────────────────────────────┐
│ Please re-enter this passphrase                      │
│                                                      │
│ Passphrase: <passphrase>                             │
│                                                      │
│	 <OK>                             <Cancel>         │
└──────────────────────────────────────────────────────┘

  7. Verify that the new GPG2 key was created successfully. 

    gpg: keybox '/root/backup/pubring.kbx' created
gpg: Generating a standard key
gpg: /root/backup/trustdb.gpg: trustdb created
gpg: key BF28FFA302EF4557 marked as ultimately trusted
gpg: directory '/root/backup/openpgp-revocs.d' created
gpg: revocation certificate stored as '/root/backup/openpgp-revocs.d/8F6FCF10C80359D5A05AED67BF28FFA302EF4557.rev'
gpg: Finished creating standard key

Verification

  • List the GPG keys on the server. 

    [root@server ~]# gpg2 --list-secret-keys
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
/root/backup/pubring.kbx
------------------------
sec   rsa2048 2020-01-13 [SCEA]
      8F6FCF10C80359D5A05AED67BF28FFA302EF4557
uid           [ultimate] GPG User (first key) <root@example.com>

If a Red Hat Enterprise Linux (RHEL) host does not boot properly, you can boot the host into a rescue environment to gather an sos report. By using the rescue environment, you can mount the target system under /mnt/sysroot, access its contents, and run the sos report command.

Prerequisites

  • If the host is a bare-metal server, you have physical access to the machine.
  • If the host is a virtual machine, you have access to the virtual machine’s settings in the hypervisor.
  • A RHEL installation source, such as an ISO image file, an installation DVD, a netboot CD, or a Preboot Execution Environment (PXE) configuration providing a RHEL installation tree.

Procedure

  1. Boot the host from an installation source.
  2. In the boot menu for the installation media, select the Troubleshooting option.
  3. In the Troubleshooting menu, select the Rescue a Red Hat Enterprise Linux system option.

  4. At the Rescue menu, select 1 and press the Enter key to continue and mount the system under the /mnt/sysroot directory. 

    …​
1) Continue
2) Read-only mount
3) Skip to shell
4) Quit (Reboot)
Please make a selection from the above: 1

  5. Press the Enter key to obtain a shell when prompted. 

    Rescue Shell

Your system has been mounted under /mnt/sysroot.

If you would like to make the root of your system the root of the activate system, run the command:

    chroot /mnt/sysroot
Warning: The rescue shell will trigger SELinux autorelabel on the subsequent boot. Add "enforcing=0" on the kernel command line for autorelabel to work properly.
When finished, please exit from the shell and your system will reboot.

Please press ENTER to get a shell:
bash-5.2#

  6. Use the chroot command to change the apparent root directory of the rescue session to the /mnt/sysroot directory. 

    Rescue Shell
…​
Please press ENTER to get a shell:
bash-5.2# chroot /mnt/sysroot/

  7. Optional: Optional: If you did not set up the network during the initial rescue environment and need to transfer the sos report over the network, configure it now.

    1. Identify the Ethernet device you want to use: 

      # ip link show
…​
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether 52:54:00:74:79:56 brd ff:ff:ff:ff:ff:ff

    2. Assign an IP address to the network interface, and set the default gateway. For example, if you want to add the IP address of 192.168.0.1 with a subnet of 255.255.255.0, which is a Classless Inter-Domain Routing (CIDR) of 24, to device enp1s0, enter: 

      # ip address add <192.168.0.1/24> dev <enp1s0>
# ip route add default via <192.168.0.254>

    3. Add a nameserver entry to the /etc/resolv.conf file, for example: 

      nameserver <192.168.0.5>

  8. Run the sos report command and follow the on-screen instructions. You can add the --upload option to transfer the sos report to Red Hat immediately after generating it. 

    bash-5.2# sos report
sos report (version 4.8.2)

This command will collect system configuration and diagnostic
information from this Fedora Linux system.

For more information on the Fedora Project visit:

        Community Website : https://fedoraproject.org/
        Community Forums  : https://discussion.fedoraproject.org/

The generated archive may contain data considered sensitive and its
content should be reviewed by the originating organization before being
passed to any third party.

No changes will be made to system configuration.

Press ENTER to continue, or CTRL-C to quit.

  9. Optional: If you have already opened a Technical Support case with Red Hat, enter the case number to embed it in the sos report file name, by using the --upload option. If you do not have a case number, leave the field blank as it does not affect the operation of the sos utility. 

    sos report (version 4.8.2)
…​

Press ENTER to continue, or CTRL-C to quit.
Optionally, please enter the case id that you are generating this report for []:

  10. Take note of the sos report file name displayed at the end of the console output. 

    Finished running plugins
Creating compressed archive…​

Your sosreport has been generated and saved in:
/var/tmp/secured-sosreport-unused-2025-05-14-lofqhen.tar.xz

Size    9.30MiB
Owner   root
sha256     bf303917b689b13f0c059116d9ca55e341d5fadcd3f1473bef7299c4ad2a7f4f

Please send this file to your support representative.
bash-5.2#
  11. If your host does not have a connection to the internet, use a file transfer utility such as scp to transfer the sos report to another host. You can then upload it to a Red Hat Technical Support case.

Verification

  • Verify that the sos utility created an archive in the /var/tmp/ directory. 

    $ ls -l /var/tmp/sosreport*
-rw-r—​r--. 1 root root       65 Mar 14  2025 /var/tmp/sosreport-example.hostname-2025-05-14-lofqhen.tar.xz.sha256
-rw-------. 1 root root 17036176 Mar 14  2025 /var/tmp/sosreport-example.hostname-2025-05-14-lofqhen.tar.xz5-14-lofqhen.tar.xz

To troubleshoot your Red Hat Enterprise Linux system faster, select a method to submit an sos report to Red Hat Support. Providing diagnostic data helps support engineers to efficiently analyze system configurations and resolve issues.

You can use the following methods to upload your sos report to Red Hat Technical Support:

Upload files by using the sos report command

Use the --upload option to transfer the sos report to Red Hat immediately after generating it.

  • If you provide one of the following options:

    • a case ID when prompted
    • the --case-id option

    • the --ticket-number option

      the sos utility uploads the sos report to your case after you authenticate your device.

  • If you do not provide a case number or authenticate your device, the utility anonymously uploads the sos report to the Red Hat public SFTP site. Provide Red Hat Technical Support Engineers with the name and number of the auxiliary user used for the upload so they can access it.

  • Generate and upload the sos report to the Red Hat Technical Support: 

    [user@server1 ~]$ sudo sos report --upload

sosreport (version 4.7.0)
...
Optionally, please enter the case id that you are generating this report for []:
...
Your sosreport has been generated and saved in:
	/var/tmp/sosreport-localhost-2024-03-19-xavvwkw.tar.xz
...

    • If you specify the case ID, the output is: 

      Attempting upload to Red Hat Customer Portal
Please visit the following URL to authenticate this device: https://sso.redhat.com/device?user_code=VGEL-PYIM
Device authorized correctly. Uploading file to Red Hat Customer Portal
Uploaded archive successfully

    • If you do not specify the case ID, the output is: 

      Attempting upload to Red Hat Secure FTP
Please visit the following URL to authenticate this device: https://sso.redhat.com/device?user_code=VGEL-PYIM
Device authorized correctly. Uploading file to Red Hat Secure FTP
Uploaded archive successfully
Upload files by using the Red Hat Customer Portal

Using your Red Hat user account, you can log in the Support Cases section of the Red Hat Customer Portal website and upload an sos report to a technical support case.

To log in, visit Support Cases.

Upload files by using the sos upload command

You can upload any file in the system to the customer portal by using the sos upload <file_name> command. The sos upload <file_name> command is replacement for the redhat-support-tool addattachment command. 

[user@server1 ~]$ sudo sos upload <file_name>

Note that you must explicitly write the file name in the command-line because the subsystem does not prompt for it.

To collect system configuration and diagnostic data, generate an sos report by using the Red Hat Enterprise Linux web console.

To collect system configuration and diagnostic data, generate an sos report by using the Red Hat Enterprise Linux web console. Providing these details lets Red Hat Support engineers to analyze your environment and troubleshoot issues efficiently.

Prerequisites

Procedure

  1. Log in to the RHEL web console. For details, see Logging in to the web console.
  2. In the navigation panel menu, click Tools > Diagnostic reports.
  3. To generate a new diagnostic report, click the Run report button.
  4. Enter the label for the report you want to create.

  5. Optional: Customize your report.

    1. Enter the encryption passphrase to encrypt your report. If you want to skip the encryption of the report, leave the field empty.
    2. Select the Obfuscate network addresses, hostnames, and usernames checkbox.
    3. Select the Use verbose logging checkbox.
  6. Click the Run report button to generate a report and wait for the process to complete. You can stop generating the report using the Stop report button.

You can select and download diagnostic reports in the RHEL web console graphical user interface.

Prerequisites

  • You have installed the RHEL 10 web console.

    For instructions, see Installing and enabling the web console.

  • You have administrator privileges.
  • One or more diagnostic reports have been generated.

Procedure

  1. Log in to the RHEL 10 web console.
  2. In the navigation panel menu, select Tools > Diagnostic reports.
  3. Click the Download button next to the report that you want to download.

Next step

To reclaim system storage space, delete an sos report by using the RHEL web console. Removing obsolete diagnostic files ensures you maintain sufficient disk capacity for ongoing operations.

Prerequisites

  • The RHEL web console has been installed. For details, see Installing the web console.
  • You have administrator privileges.
  • One or more diagnostic reports have been generated.

Procedure

  1. Log in to the RHEL web console. For details, see Logging in to the web console.
  2. In the navigation panel menu, select Tools > Diagnostic reports.
  3. Click the vertical ellipsis by the Download button next to the report that you want to delete, then click the Delete button.
  4. In the Delete report permanently? window, click the Delete button to delete the report.

Legal Notice
Copy link

Copyright © Red Hat.
Except as otherwise noted below, the text of and illustrations in this documentation are licensed by Red Hat under the Creative Commons Attribution–Share Alike 3.0 Unported license . If you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, the Red Hat logo, JBoss, Hibernate, and RHCE are trademarks or registered trademarks of Red Hat, LLC. or its subsidiaries in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
XFS is a trademark or registered trademark of Hewlett Packard Enterprise Development LP or its subsidiaries in the United States and other countries.
The OpenStack® Word Mark and OpenStack logo are trademarks or registered trademarks of the Linux Foundation, used under license.
All other trademarks are the property of their respective owners.
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Legal Notice

Theme

© 2026 Red HatBack to top