NTP servers used do not match across cluster members-checkpoint-gaia,ipso
Vendor: checkpoint
OS: gaia,ipso
Description:
Indeni will identify when two devices are part of a cluster and alert if the NTP servers they are using are different.
Remediation Steps:
Review the NTP configuration on each device to ensure they match.
How does this work?
This script parses through the configuration database located in /config/active directory to retrieve the configured NTP servers.
Why is this important?
This metric records configured NTP servers. NTP servers are used to sync the time across all hosts and network devices. This is critical for things such as event correlation and logging. With this information Indeni alerts if the NTP configuration on cluster members are not the same.
Without Indeni how would you find this?
An administrator could login and manually run the command.
chkp-clish-ntp-servers
name: chkp-clish-ntp-servers
description: Records the configured NTP servers.
type: monitoring
monitoring_interval: 10 minutes
requires:
vendor: checkpoint
or:
- os.name: gaia
- os.name: ipso
comments:
ntp-servers:
why: |
This metric records configured NTP servers. NTP servers are used to sync the time across all hosts and network devices. This is critical for things such as event correlation and logging. With this information Indeni alerts if the NTP configuration on cluster members are not the same.
how: |
This script parses through the configuration database located in /config/active directory to retrieve the configured NTP servers.
can-with-snmp: false
can-with-syslog: false
steps:
- run:
type: SSH
command: ${nice-path} -n 15 grep "ntp:server" /config/active
parse:
type: AWK
file: ntp-servers.parser.1.awk
cross_vendor_ntp_servers_comparison
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/cross_vendor_ntp_servers_comparison.scala