Open nkshirsagar opened 1 year ago
--all-logs
doesn't capture logs that aren't specified in plugins. It is meant to be used to signal to plugins "it is okay to capture more that you typically would", not "please capture every log on the filesystem" to sos in general.
In your example for instance, the alternatives
plugin would need to have logic around capturing alternatives.log
, and optionally any rotated logs if --all-logs
is used. There is currently no such logic (and in fact no logic to capture any log files) in that plugin. Similarly for ubuntu-advantage
logs, the ubuntu
plugin does not specify ubuntu-advantage-timer.log
in its collections, only ubuntu-advantage.log*
, which would not match the timer logs.
--all-logs option has been broken in Ubuntu for a while. This is likely related to commit https://github.com/sosreport/sos/commit/745b4a236a0255ea76ffd273f3e2028ac46b4a89
What we notice is the rotated (.1 , .2 etc) and .tar.gz'd logs aren't collected from /var/log even with --all-logs specified. None of the ubuntu-advantage logs are collected either. the rotated boot logs are also not collected.
So we need a fix on ubuntu because any services that do not use the journal but add their own rotated logs in /var/log and do not have a sos plugin end up with those files not collected.
For eg in my own laptop, i ran sos report --all-logs using 4.5.3 jammy, and see the difference in whats in /var/log and what the sosreport has in /var/log
Compare those collected files to what actually is in /var/log on the machine,