Contact us
ArticlesRocky Linux

Generating sosreports in Rocky Linux

diagnosticsrocky linuxsosreporttroubleshooting

Howard Van Der Wal
Sr. Customer Support Engineer

Jun 18, 2025

Introduction

Generating a comprehensive diagnostic report using the sosreport utility is an essential step in troubleshooting and diagnosing issues on Rocky Linux systems.

The sosreport gathers critical information such as system logs, hardware details, installed software, and configurations, helping CIQ's Support Team to rapidly analyze and resolve issues.

This article covers various methods for creating an sosreport on Rocky Linux 8.10, Rocky Linux 9.6, and Rocky Linux 10.

Problem

Users may encounter system instability, performance issues, hardware failures, or other problems that require detailed analysis of the entire system.

Symptoms

Common symptoms requiring an sosreport include system crashes, performance degradation, unexplained errors in logs, failing applications or hardware operations, and general instability.

Resolution

Prerequisites

  • An installation of Rocky Linux 8, 9, or 10.

  • Root access or equivalent sudo privileges

  • Install the sos package with sudo dnf install -y sos (in the above three Rocky Linux versions, the package is installed by default).

Ways to generate an sosreport

Basic sosreport generation:

sudo sos report

Creating sosreport silently with default answers (you will not be prompted for a case ID):

sudo sos report --quiet

Generating a report in a custom location:

sudo sos report --tmp-dir=/path/to/custom/location

Generating an sosreport without being prompted for input:

sudo sos report --batch

Specifying a case ID or support reference:

sudo sos report --case-id=<case-number>

Limiting modules included in the report:

sudo sos report -o kernel,networking,system

Enable all available plugins when generating a report:

sudo sos report --alloptions

Obfuscating an sosreport

In order to perform obfuscation of an sosreport, select one of the above commands and add the --clean flag to obfuscate the information:

sudo sos report --alloptions --clean

An obfuscated report would look like the following example:

sosreport-host0-8-2025-06-20-blzcdrz-obfuscated.tar.xz

You can even obfuscate a previously generated sosreport using this command:

sudo sos clean /var/tmp/<YOUR_SOS_REPORT>

Encrypting an sosreport with gpg passphrase encryption

When generating an sosreport, run the following command to encrypt it with GPG encryption:

sudo sos report --encrypt-pass <YOUR_PASSWORD_HERE>

To decrypt the archive, run this command and enter the password that was set in the previous step:

sudo gpg --output /path/to/<SOSREPORT_NAME>.tar.gz --decrypt /var/tmp/<GENERATED_SOSREPORT>.tar.xz.gpg

Generated sosreport location

You will find the location for all sosreports available under:

/var/tmp/sosreport-<HOSTNAME>-<YYYY-MM-DD>-<UNIQUE_STRING_TO_AVOID_REPORT_OVERWRITING>.tar.xz

Root cause

The need for generating an sosreport comes from issues such as hardware incompatibility, software misconfiguration, kernel bugs, driver issues, or other system-level issues.

Notes

Ensure adequate disk space on the target system, as sosreports can be large depending on the chosen modules and system state.

⚠️ WARNING Sensitive data should be reviewed or sanitized from generated reports before being shared with any vendor.

References & related articles

sosreport GitHub Repository