NTP servers configured do not match requirement-f5-all

NTP servers configured do not match requirement-f5-all
0

NTP servers configured do not match requirement-f5-all

Vendor: f5

OS: all

Description:
Indeni can verify that certain NTP servers are configured on a specific device.

Remediation Steps:
Update the configuration of the device to match the requirement.

How does this work?
Indeni logs in over SSH and executes “tmsh -q list sys ntp”. The output is then parsed for any ntp server configuration.

Why is this important?
Not having an NTP server configured could make the clock slowly drift, which makes log entries and other information harder to summarize between devices. If the clock drifts very far out, there could also be issues with validating certificates.

Without Indeni how would you find this?
An administrator could login to the unit through SSH, enter TMSH and issue the command “list sys ntp” to see the configured NTP servers. This information is also availble through the Web Interface by navigating to “System” -> “Configuration” -> “Device” -> “NTP”.

f5-tmsh-list-sys-ntp

name: f5-tmsh-list-sys-ntp
description: Get the configured NTP servers and timezone
type: monitoring
monitoring_interval: 60 minutes
requires:
    vendor: f5
    product: load-balancer
    linux-based: 'true'
    shell: bash
comments:
    ntp-servers:
        why: |
            Not having an NTP server configured could make the clock slowly drift, which makes log entries and other information harder to summarize between devices. If the clock drifts very far out, there could also be issues with validating certificates.
        how: |
            Indeni logs in over SSH and executes "tmsh -q list sys ntp". The output is then parsed for any ntp server configuration.
        without-indeni: |
            An administrator could login to the unit through SSH, enter TMSH and issue the command "list sys ntp" to see the configured NTP servers. This information is also availble through the Web Interface by navigating to "System" -> "Configuration" -> "Device" -> "NTP".
        can-with-snmp: false
        can-with-syslog: false
        vendor-provided-management: |
            This information is available via both TMSH and the Web Interface.
    timezone:
        why: |
            A correct time and time zone is very important for many reasons. An incorrectly configured time zone could mean that timestamps on logs are incorrect. Indeni will identify when two devices are part of a cluster and alert if the timezone setting is different.
        how: |
            Indeni logs in over SSH and executes "tmsh -q list sys ntp". The output is then parsed for the configured timezone.
        without-indeni: |
            An administrator could login to the unit through SSH, enter TMSH and issue the command "list sys ntp" to see the configured timezone. This information is also availble through the Web Interface by navigating to "System" -> "Platform".
        can-with-snmp: false
        can-with-syslog: false
        vendor-provided-management: This information is available via both TMSH and
            the Web Interface.
steps:
-   run:
        type: SSH
        command: tmsh -q list sys ntp
    parse:
        type: AWK
        file: tmsh-list-sys-ntp.parser.1.awk

crossvendor_compliance_check_ntp_servers

// Deprecation warning : Scala template-based rules are deprecated. Please use YAML format rules instead.

package com.indeni.server.rules.library.templatebased.crossvendor.compliance

import com.indeni.server.rules.RuleContext
import com.indeni.server.rules.library.templates.MultiSnapshotComplianceCheckTemplateRule
import com.indeni.server.sensor.models.managementprocess.alerts.dto.AlertSeverity

case class crossvendor_compliance_check_ntp_servers() extends MultiSnapshotComplianceCheckTemplateRule(
  ruleName = "crossvendor_compliance_check_ntp_servers",
  ruleFriendlyName = "Compliance Check: NTP servers configured do not match requirement",
  ruleDescription = "Indeni can verify that certain NTP servers are configured on a specific device.",
  severity = AlertSeverity.WARN,
  metricName = "ntp-servers",
  itemKey = "ipaddress",
  alertDescription = "The list of NTP servers configured on this device does not match the requirement. Please review the list below.",
  baseRemediationText = "Update the configuration of the device to match the requirement.",
  requiredItemsParameterName = "NTP Servers",
  requiredItemsParameterDescription = "Enter the NTP servers required, each one on its own line."
)()