Collecting system information

You can use the following commands to collect information about specific components of your Linux system.

SLS and content version

$ rpm -qa --installed | grep sophoslinuxsensor

$ rpm -qa --installed | grep runtimedetections-content

$ apt list --installed | grep sophoslinuxsensor

$ apt list --installed | grep runtimedetections-content

Sensor YAML Configuration File/Environment Variables Set

cat /etc/sophos/runtimedetections-rules.yaml

Analytics YAML Configuration File/Environment Variables Set

cat /etc/sophos/runtimedetections-rules.yaml

Operating System and Version

You can use the following commands to obtain the OS and version of your Linux system:

uname -a

cat /etc/os-release

cat /etc/redhat-release

lsb_release -a

hostnamectl

Linux Kernel Version

You can use the following commands to obtain the kernel version of your Linux system:

uname -r

cat /proc/version

hostnamectl | grep kernel

Sensor Logs

You can use the following commands to obtain the sensor logs:

journalctl -u sophoslinuxsensor

journalctl -efu capsule8-sensor

tail -f /var/log/capsule8/sensor.log