NTP servers configured do not match requirement-radware-alteon-os

warn
best-practices
alteon-os
radware
NTP servers configured do not match requirement-radware-alteon-os
0

#1

NTP servers configured do not match requirement-radware-alteon-os

Vendor: radware

OS: alteon-os

Description:
Indeni can verify that certain NTP servers are configured on a specific device.

Remediation Steps:
Update the configuration of the device to match the requirement.

How does this work?
Using the “/cfg/sys/ntp/cur/” command in the CLI, Indeni will verify that ntp servers have been configured and that the current status of any existing servers is ok.

Why is this important?
Not having an NTP server configured could make the clock slowly drift, which makes log entries and other information harder to summarize between devices. If the clock drifts very far out, there could also be issues with validating certificates.

Without Indeni how would you find this?
An administrator could login to the unit through SSH and issue the command “/cfg/sys/ntp/cur/” to see the configured ntp servers.

radware-mgmt-cfg-sys-ntp-cur

#! META
name: radware-mgmt-cfg-sys-ntp-cur
description: Show current NTP server settings
type: monitoring
monitoring_interval: 10 minutes
requires:
    os.name: "alteon-os"
    vendor: "radware"
    or:
        -
            vadc: "true"
        -
            standalone: "true"

#! COMMENTS
ntp-servers:
    why: |
        Not having an NTP server configured could make the clock slowly drift, which makes log entries and other information harder to summarize between devices. If the clock drifts very far out, there could also be issues with validating certificates.
    how: |
        Using the "/cfg/sys/ntp/cur/" command in the CLI, Indeni will verify that ntp servers have been configured and that the current status of any existing servers is ok.
    without-indeni: |
        An administrator could login to the unit through SSH and issue the command "/cfg/sys/ntp/cur/" to see the configured ntp servers.
    can-with-snmp: true
    can-with-syslog: false
    vendor-provided-management: |
        Can be done through Management GUI (Vision or Alteon VX).

#! REMOTE::SSH
/cfg/sys/ntp/cur/ / /

#! PARSER::AWK

#Current primary NTP server: 173.71.73.207
#Current secondary NTP server: 2.2.2.0
/NTP server/ {
    iEntry++

    servers[iEntry, "ipaddress"] = $5
    servers[iEntry, "type"] = $2 
} 

END {
    writeComplexMetricObjectArrayWithLiveConfig("ntp-servers", null, servers, "NTP Servers")
}


crossvendor_compliance_check_ntp_servers

package com.indeni.server.rules.library.templatebased.crossvendor.compliance

import com.indeni.server.rules.RuleContext
import com.indeni.server.rules.library.templates.MultiSnapshotComplianceCheckTemplateRule
import com.indeni.server.sensor.models.managementprocess.alerts.dto.AlertSeverity

case class crossvendor_compliance_check_ntp_servers() extends MultiSnapshotComplianceCheckTemplateRule(
  ruleName = "crossvendor_compliance_check_ntp_servers",
  ruleFriendlyName = "Compliance Check: NTP servers configured do not match requirement",
  ruleDescription = "Indeni can verify that certain NTP servers are configured on a specific device.",
  severity = AlertSeverity.WARN,
  metricName = "ntp-servers",
  itemKey = "ipaddress",
  alertDescription = "The list of NTP servers configured on this device does not match the requirement. Please review the list below.",
  baseRemediationText = "Update the configuration of the device to match the requirement.",
  requiredItemsParameterName = "NTP Servers",
  requiredItemsParameterDescription = "Enter the NTP servers required, each one on its own line."
)()