Generating an sos report with sensitive data removed
Environment
- Red Hat Enterprise Linux 10
- Red Hat Enterprise Linux 9
- Red Hat Enterprise Linux 8
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 6
Issue
- How to generate a sosreport with obfuscated sensitive information such as hostname, IP address, MAC address, etc?
- Is a
soscleanerutility provided by Red Hat?
Resolution
The soscleaner functionality is present in the Red Hat Enterprise Linux 8 sosreport package sos-4.0-11.el8 and it is present on sos package shipped with Red Hat Enterprise Linux 9.
Examples :
- Command to capture sosreport with obfuscated data :
# sos report --clean
- Command to obfuscate data from already captured sosreport :
# sos clean <Path-To-Already-Captured-Sosreport-Archive>
◇ Note : soscleaner functionality will not be added to the sos package on Red Hat Enterprise Linux 7 or earlier versions.
- To know
more detailsaboutsos cleancommand execute below inRHEL 9.
# sos clean help
sos clean (version 4.2)
This command will attempt to obfuscate information that is generally considered to be potentially sensitive. Such information includes IP addresses, MAC addresses, domain names, and any user-provided keywords.
Note that this utility provides a best-effort approach to data obfuscation, but
it does not guarantee that such obfuscation provides complete coverage of all
such data in the archive, or that any obfuscation is provided to data that does
not fit the description above.
Users should review any resulting data and/or archives generated or processed by this utility for remaining sensitive content before being passed to a third party.
Press ENTER to continue, or CTRL-C to quit.
Alternative for RHEL-7 and RHEL-6
The `redhat-support-tool` does include a version of soscleaner that can obfuscate sosreport data while attaching it to ticket with sub-command `addattachment`. The "-o" argument can be provided to obfuscate the data. The resulting sosreport will be attached to the specified CASE_NUMBER and the resulting cleaned sosreport will also be put in `/tmp/` along with some .csv files indicating which obfuscated mappings were used.
- The Red Hat Support Tool for Red Hat Enterprise Linux is installed by running the following command. For more details, please refer to Red Hat Access: Red Hat Support Tool.
# yum install redhat-support-tool
Examples :
- Command to capture sosreport with obfuscated data and upload it to case :
# redhat-support-tool addattachment -c <Red_Hat_Case_Number> -o -g
◇ Note : With "-g", sosreport will be captured with --batch, which means generating sosreport archive without prompting for interactive input.
Also sosreport package sos should present on server to generate sosreport.
- Command to upload the already captured sosreport with obfuscated data :
# redhat-support-tool addattachment -c <Red_Hat_Case_Number> -o <Path-To-Already-Captured-Sosreport-Archive>
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.