RHEL: How to Generate a SOS Report Log Bundle in Red Hat Enterprise Linux

The sos report is a log bundle that collects various system logs, configuration files, and command output from a Linux system. It is a standardized way to collect diagnostic information from the operating system for investigation by Dell domain engineers and Linux vendor support.
 

The 'sos' package provides the sos report command, which is typically installed by default in Red Hat Enterprise Linux.

To verify the package installation:

# rpm -q sos
sos-4.5.1-3.el8.noarch

If for some reason the 'sos' package is not installed, it can be installed using the below command:

# yum install sos

To generate a sos report in interactive mode (run as root):

• Red Hat Enterprise Linux 8 and later:

# sos report

• For Red Hat Enterprise Linux 7 and earlier:

# sosreport

Optionally, include the --batch option to generate a sos report in noninteractive mode:

# sos report –-batch
Or
# sosreport --batch

The log bundle (and its associated checksum file) can typically be saved in /var/tmp/. Older versions of Red Hat Enterprise Linux may save to a different location, but it is specified in the command output.

Example:

# ls /var/tmp/sosreport*
sosreport-rhel8vm-809520-2023-05-09-gbvkemd.tar.xz
sosreport-rhel8vm-809520-2023-05-09-gbvkemd.tar.xz.sha256

Once generated, the user may require a copy of the log bundle on a local system. Usually, users use an SCP utility such as WinSCP to copy and download the file. This only requires SSH access to the server.

See Red Hat articles:

• What is a sos report and how to create one in Red Hat Enterprise Linux?
• How to generate sosreport from the rescue environment

Ubuntu: How to generate an sosreport log bundle in Ubuntu Linux Server