table of contents
SOS(CLEAN) | SOS(CLEAN) |
NAME¶
sos clean - Obfuscate sensitive data from one or more sosreports
SYNOPSIS¶
sos clean TARGET [options]
[--domains]
[--map]
[--jobs]
[--no-update]
DESCRIPTION¶
sos clean or sos mask is an sos subcommand used to obfuscate sensitive information from previously generated sosreports that is not covered by the standard plugin-based post processing executed during report generation, for example IP addresses.
Data obfuscated via this utility is done so consistently, meaning for example an IP address of 192.168.1.1 in an unprocessed sosreport that gets obfuscated to, for example, 100.0.0.1, will be changed to 100.0.0.1 in all occurrences found in the report.
Additionally, by default all such obfuscations are stored in "maps" that will be persistently saved to /etc/sos/cleaner/default_mapping and be re-used on subsequent runs.
This utility may also be used in-line with sos report and sos collect by specifying the --clean or --mask option.
When called directly via sos clean, the obfuscated archive is written as an additional file, meaning the original unprocessed report still remains on the filesystem. When called via report or collect, the changes are done in-line and thus only an obfuscated archive is written and available. In either case, a mapping file containing the relationships between unprocessed and obfuscated elements will be written in the same location as the resulting archive. This mapping file should be kept private by system administrators.
REQUIRED ARGUMENTS¶
TARGET
- The path to the archive that is to be obfuscated. This may be an archive or an unbuilt sos temporary
- directory. If an archive, it will first be extracted and then after obfuscation is complete re-compressed using the same compression method as the original.
OPTIONS¶
- --domains DOMAINS
- Provide a comma-delimited list of domain names to obfuscate, in addition
to those matching the hostname of the system that created the sosreport.
Subdomains that match a domain given via this option will also be
obfuscated.
For example, if --domains redhat.com is specified, then 'redhat.com' will be obfuscated, as will 'www.redhat.com' and subdomains such as 'foo.redhat.com'.
- --keywords KEYWORDS
- Provide a comma-delimited list of keywords to scrub in addition to the
default parsers.
Keywords provided by this option will be obfuscated as "obfuscatedwordX" where X is an integer based on the keyword's index in the parser. Note that keywords will be replaced as both standalone words and in substring matches.
- --map FILE
- Provide a location to a valid mapping file to use as a reference for
existing obfuscation pairs. If one is found, the contents are loaded
before parsing is started. This allows consistency between runs of this
command for obfuscated pairs. By default, sos will write the generated
private map file to /etc/sos/cleaner/default_mapping so that consistency
is maintained by default. Users may use this option to reference a map
file from a different run (perhaps one that was done on another system).
Default: /etc/sos/cleaner/default_mapping
- --jobs JOBS
- The number of concurrent archives to process, if more than one. If this
utility is called by sos collect then the value of the jobs option
for that utility will be used here.
Default: 4
- --no-update
- Do not write the mapping file contents to /etc/sos/cleaner/default_mapping
MAINTAINER¶
Jake Hunsaker <jhunsake@redhat.com>
AUTHORS & CONTRIBUTORS¶
See AUTHORS file in the package documentation.
1 | Thu May 21 2020 |