- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
To specify a remote NTP server for time synchronization, edit
the file /etc/ntp.conf
. Add or correct the following lines,
substituting the IP or hostname of a remote NTP server for ntpserver:
server ntpserver
This instructs the NTP software to contact that remote server to obtain time data.
Synchronizing with an NTP server makes it possible to collate system logs from multiple sources or correlate computer events with real time events.
The following script can be run on the host to remediate the issue.
#!/bin/bash
# Remediation is applicable only in certain platforms
if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && { rpm --quiet -q ntp; }; then
var_multiple_time_servers='0.rhel.pool.ntp.org,1.rhel.pool.ntp.org,2.rhel.pool.ntp.org,3.rhel.pool.ntp.org'
config_file="/etc/ntp.conf"
if ! grep -q '^[\s]*(?:server|pool)[\s]+[\w]+' "$config_file" ; then
if ! grep -q '#[[:space:]]*server' "$config_file" ; then
for server in $(echo "$var_multiple_time_servers" | tr ',' '\n') ; do
printf '\nserver %s' "$server" >> "$config_file"
done
else
sed -i 's/#[ \t]*server/server/g' "$config_file"
fi
fi
else
>&2 echo 'Remediation is not applicable, nothing was done'
fi
The following playbook can be run with Ansible to remediate the issue.
- name: Gather the package facts
package_facts:
manager: auto
tags:
- CCE-83436-6
- NIST-800-53-AU-8(1)(a)
- NIST-800-53-CM-6(a)
- PCI-DSS-Req-10.4.1
- PCI-DSS-Req-10.4.3
- PCI-DSSv4-10.6.2
- configure_strategy
- low_complexity
- low_disruption
- medium_severity
- no_reboot_needed
- ntpd_specify_remote_server
- name: XCCDF Value var_multiple_time_servers # promote to variable
set_fact:
var_multiple_time_servers: !!str 0.rhel.pool.ntp.org,1.rhel.pool.ntp.org,2.rhel.pool.ntp.org,3.rhel.pool.ntp.org
tags:
- always
- name: Detect if ntp is already configured with pools or servers
find:
path: /etc
patterns: ntp.conf
contains: ^[\s]*(?:server|pool)[\s]+[\w]+
register: ntp_servers
when:
- ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- '"ntp" in ansible_facts.packages'
tags:
- CCE-83436-6
- NIST-800-53-AU-8(1)(a)
- NIST-800-53-CM-6(a)
- PCI-DSS-Req-10.4.1
- PCI-DSS-Req-10.4.3
- PCI-DSSv4-10.6.2
- configure_strategy
- low_complexity
- low_disruption
- medium_severity
- no_reboot_needed
- ntpd_specify_remote_server
- name: Configure remote time servers
lineinfile:
path: /etc/ntp.conf
line: server {{ item }}
state: present
create: true
loop: '{{ var_multiple_time_servers.split(",") }}'
when:
- ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- '"ntp" in ansible_facts.packages'
- ntp_servers.matched == 0
tags:
- CCE-83436-6
- NIST-800-53-AU-8(1)(a)
- NIST-800-53-CM-6(a)
- PCI-DSS-Req-10.4.1
- PCI-DSS-Req-10.4.3
- PCI-DSSv4-10.6.2
- configure_strategy
- low_complexity
- low_disruption
- medium_severity
- no_reboot_needed
- ntpd_specify_remote_server