NTP servers configured do not match requirement-checkpoint-gaia,ipso

NTP servers configured do not match requirement-checkpoint-gaia,ipso
0

NTP servers configured do not match requirement-checkpoint-gaia,ipso

Vendor: checkpoint

OS: gaia,ipso

Description:
Indeni can verify that certain NTP servers are configured on a specific device.

Remediation Steps:
Update the configuration of the device to match the requirement.

How does this work?
This script parses through the configuration database located in /config/active directory to retrieve the configured NTP servers.

Why is this important?
This metric records configured NTP servers. NTP servers are used to sync the time across all hosts and network devices. This is critical for things such as event correlation and logging. With this information Indeni alerts if the NTP configuration on cluster members are not the same.

Without Indeni how would you find this?
An administrator could login and manually run the command.

chkp-clish-ntp-servers

name: chkp-clish-ntp-servers
description: Records the configured NTP servers.
type: monitoring
monitoring_interval: 10 minutes
requires:
    vendor: checkpoint
    or:
    -   os.name: gaia
    -   os.name: ipso
comments:
    ntp-servers:
        why: |
            This metric records configured NTP servers. NTP servers are used to sync the time across all hosts and network devices. This is critical for things such as event correlation and logging. With this information Indeni alerts if the NTP configuration on cluster members are not the same.
        how: |
            This script parses through the configuration database located in /config/active directory to retrieve the configured NTP servers.
        without-indeni: |
            An administrator could login and manually run the command.
        can-with-snmp: false
        can-with-syslog: false
steps:
-   run:
        type: SSH
        command: ${nice-path} -n 15  grep "ntp:server" /config/active
    parse:
        type: AWK
        file: ntp-servers.parser.1.awk

crossvendor_compliance_check_ntp_servers

// Deprecation warning : Scala template-based rules are deprecated. Please use YAML format rules instead.

package com.indeni.server.rules.library.templatebased.crossvendor.compliance

import com.indeni.server.rules.RuleContext
import com.indeni.server.rules.library.templates.MultiSnapshotComplianceCheckTemplateRule
import com.indeni.server.sensor.models.managementprocess.alerts.dto.AlertSeverity

case class crossvendor_compliance_check_ntp_servers() extends MultiSnapshotComplianceCheckTemplateRule(
  ruleName = "crossvendor_compliance_check_ntp_servers",
  ruleFriendlyName = "Compliance Check: NTP servers configured do not match requirement",
  ruleDescription = "Indeni can verify that certain NTP servers are configured on a specific device.",
  severity = AlertSeverity.WARN,
  metricName = "ntp-servers",
  itemKey = "ipaddress",
  alertDescription = "The list of NTP servers configured on this device does not match the requirement. Please review the list below.",
  baseRemediationText = "Update the configuration of the device to match the requirement.",
  requiredItemsParameterName = "NTP Servers",
  requiredItemsParameterDescription = "Enter the NTP servers required, each one on its own line."
)()