Elements collected by ABRT

Updated -

Description of data elements collected by ABRT. These elements are stored in the form of files in a single directory per detected problem (such a directory is called 'dump directory')

Element name Description
abrt_version ABRT version string
analyzer Identifier of the tool that detected the problem
architecture Machine architecture string
backtrace Original backtrace or backtrace produced by retracing process
backtrace_rating Numerical representation of quality of backtrace based on ratio of unrecognized frames among all backtrace frames
binary Copy of /proc/[pid]/exe file (only if enabled in /etc/abrt/plugins/CCpp.conf)
cgroup Cgroup (control group) information for crashed process
cmdline Copy of /proc/[pid]/cmdline file
comment User comment of the crash
component Name of the package's Source RPM
container Value of container environment variable if exists
container_cmdline Command line of the first non-containerized parent process of a crashed process
container_id The first column of docker ps output (7e00595ea1c3) - parsed from mountinfo
container_image Name of the image used to create a container
container_uuid Value of container_uuid environment variable if exists
core_backtrace Machine readable backtrace with no private data
coredump Coredump of the crashing process
count Number of times this problem occured
crash_function Function which crashed
dmesg Copy of dmesg
docker_inspect Output of docker inspect $(container_id)
dso_list List of dynamic libraries loaded at the time of crash
duphash Hash of the crash's backtrace
environ Dump of process environment variable along with their values
event_log Messages produced by ABRT tools during processing the detected problem
executable Executable path of the component which caused the problem.
global_pid Value of %P as passed by kernel to the core_pattern helper (see man core for more details)
hostname Hostname of the affected machine
kernel Kernel version string
kernel_log Results of vmcore crash analysis performed by retrace-server
kernel_tainted_long Tainted kernel description
kernel_tainted_short Kernel tainted flags (For more information about tainted flags see [1])
last_occurrence Time of the last occurence (unixtime)
limits Copy of /proc/[pid]/limits file
maps Copy of /proc/[pid]/maps file of the problem executable
mountinfo Copy of /proc/[pid]/mountinfo
namespaces List of process's namespaces compared to PID1's namespaces
not-reportable Reason why a crash is not reportable
open_fds List of file descriptors open at the time of crash
os_info Copy of /etc/os-release
os_info_in_rootdir Copy of /etc/os-release from crashed process' root directory
os_release Operating system release string
os_release_in_rootdir System release string from crashed process' root directory
package Package that owns the program that crashed
pid Process ID
pkg_arch Package architecture
pkg_epoch Package epoch
pkg_fingerprint Package fingerprint (See [2])
pkg_name Package name
pkg_release Package release
pkg_vendor Package vendor (RHEL packages -> "Red Hat, Inc.")
pkg_version Package version
proc_pid_status Copy of /proc/[pid]/status file
reason Reason of the crash
remote Bool - is crash from remote machine
remote_result Remote result
reported_to If the problem was already reported, this item contains URLs of the services where it was reported
reproducer Steps, how to reproduce problem, filled by user
reproducible How reproducible is the problem (e.g. "The problem occurs regularly")
rootdir Path to the root directory of the crashed process (e.g. chroot, Mount NS)
smaps Copy of /proc/[pid]/limits file
suspend_stats Copy of /sys/kernel/debug/suspend_stats
tid TID of thread that triggered core dump, as seen in the initial PID namespace
time Time of the occurence (unixtime)
type Type of crash
uid User ID
username Name of the user
uuid Unique problem identifier computed as a hash of the first three frames of the backtrace
var_log_messages Part of the /var/log/messages file which contains crash information
vmcore Vmcore

[1] https://www.kernel.org/doc/Documentation/oops-tracing.txt
[2] https://access.redhat.com/security/team/key