As far as I can see, when selecting the option “Remove personal data from logs” in the EndeavourOS log tool, the local username and hostname are filtered from the logs, along with serial numbers of devices and the MAC in the inxi output.
The output of journalctl contains the MAC, local IP addresses and the WiFi SSID
At the very least the WiFi SSID could contain sensitive information, as those will in some cases contain real names. The local IP address and MAC address are less sensitive, but nevertheless they are in all likelihood not necessary to be included in the log.
Considering that the tool offers an option to specifically “remove personal data” and that the log output is several thousand lines long, the user might not be aware that this data is included.
Info:
eOS GNOME 41.1
eos-log-tool 1.4.11-1
Steps to reproduce:
Open eos-log-tool
Use default selection (journalctl -b -0; inxi -Fxxc0z; /etc/pacman.conf; Remove personal data) and click OK
Open the output file ~/eos-log-tool.logs
Ctrl+f for NetworkManager, wpa_supplicant, avahi-daemon
Examples:
Nov 11 19:53:50 _hostname_ avahi-daemon[417]: Joining mDNS multicast group on interface wlan0.IPv6 with address <IPv6 removed> Nov 11 19:53:50 _hostname_ avahi-daemon[417]: Registering new address record for <IPv6 removed> Nov 11 19:53:50 _hostname_ NetworkManager[419]: <info> [1636656830.0891] policy: set '<SSID removed>' (wlan0) as default for IPv6 routing and DNS Nov 11 20:21:47 _hostname_ NetworkManager[419]: <warn> [1636658507.3518] device (wlan0): Activation: failed for connection <SSID removed> Nov 11 20:21:59 _hostname_ NetworkManager[419]: <info> [1636658519.9662] device (wlan0): set-hw-addr: reset MAC address to <MAC removed> (preserve) Nov 11 20:22:06 _hostname_ wpa_supplicant[1012]: wlan0: Trying to associate with <MAC removed> (SSID='<SSID removed>' freq=2462 MHz)
In case this helps, you can pull the WiFi SSID as a simple string with iwgetid -r and its MAC address with iwgetid -ar.
Of course, there’s a chance that an SSID could collide with other content in the log, in case someone wants to name his Wifi “ERROR” or “/usr/lib/gdm-x-session”. But the MAC address should be a simple search&replace.
The device’s own MAC address can be found through cat /sys/class/net/<interface name>/address among other ways, but I guess you can’t presuppose the interface name or that there will be only one network interface.