Ensure a Single Time Synchronization Service is in Use

문서 > Datadog 보안 > OOTB Rules > Ensure a Single Time Synchronization Service is in Use

이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

The system must have exactly one active time synchronization service to avoid conflicts and ensure consistent time synchronization. Only one of the following services should be enabled and active at any time:

chrony - A versatile NTP implementation
systemd-timesyncd - A lightweight NTP client

Having zero active time synchronization services leaves the system without accurate time synchronization, while having multiple active services can lead to unexpected and unreliable results.

Rationale

Running multiple time synchronization services simultaneously can lead to conflicts in time synchronization, unpredictable behavior, and unreliable results. A single service ensures consistent and accurate time synchronization. Having no active time synchronization service leaves the system without accurate time synchronization, which can affect security mechanisms, log consistency, and forensic investigations.

Warning

This rule does not come with a remediation. There are specific rules for enabling each time synchronization service, which should be used instead.