Generating a sosreport with sensitive data removed
Environment
- Red Hat Enterprise Linux 9
- Red Hat Enterprise Linux 8
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 6
Issue
- How to generate a sosreport with obfuscated sensitive information such as hostname, IP address, MAC address, etc?
- Is a
soscleaner
utility provided by Red Hat?
Resolution
The soscleaner
functionality is present in the Red Hat Enterprise Linux 8
sosreport package sos-4.0-11.el8 and it is present on sos package shipped with Red Hat Enterprise Linux 9
.
Examples :
- Command to capture sosreport with obfuscated data :
# sos report --clean
- Command to obfuscate data from already captured sosreport :
# sos clean <Path-To-Already-Captured-Sosreport-Archive>
◇ Note : soscleaner
functionality will not be added to the sos
package on Red Hat Enterprise Linux 7 or earlier
versions.
- To know
more details
aboutsos clean
command execute below inRHEL 9
.
# sos clean help
sos clean (version 4.2)
This command will attempt to obfuscate information that is generally considered to be potentially sensitive. Such information includes IP addresses, MAC addresses, domain names, and any user-provided keywords.
Note that this utility provides a best-effort approach to data obfuscation, but
it does not guarantee that such obfuscation provides complete coverage of all
such data in the archive, or that any obfuscation is provided to data that does
not fit the description above.
Users should review any resulting data and/or archives generated or processed by this utility for remaining sensitive content before being passed to a third party.
Press ENTER to continue, or CTRL-C to quit.
Alternative for RHEL-7 and RHEL-6
The redhat-support-tool
does include a version of soscleaner that can obfuscate sosreport data while attaching it to ticket with sub-command addattachment
. The "-o" argument can be provided to obfuscate the data. The resulting sosreport will be attached to the specified CASE_NUMBER and the resulting cleaned sosreport will also be put in /tmp/
along with some .csv files indicating which obfuscated mappings were used.
- The Red Hat Support Tool for Red Hat Enterprise Linux is installed by running the following command. For more details, please refer to Red Hat Access: Red Hat Support Tool.
# yum install redhat-support-tool
Examples :
- Command to capture sosreport with obfuscated data and upload it to case :
# redhat-support-tool addattachment -c <Red_Hat_Case_Number> -o -g
◇ Note : With "-g", sosreport will be captured with --batch, which means generating sosreport archive without prompting for interactive input.
Also sosreport package sos
should present on server to generate sosreport.
- Command to upload the already captured sosreport with obfuscated data :
# redhat-support-tool addattachment -c <Red_Hat_Case_Number> -o <Path-To-Already-Captured-Sosreport-Archive>
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments