Configuring NTP is a best practice for network administrators to avoid problems due to inconsistent timekeeping across devices. NTP ensures that your devices’ clocks are all synchronized, within milliseconds, across your network so that there are no time incongruities in events. Some devices, like those that support NetFlow and sFlow, will require accurate time synchronization to even function.
Note: The ntp package must be installed on the Linux Collector host in order to monitor NTP on assigned devices. Monitoring NTP with a Windows Collector does not require any special configuration.
To install the Linux ntp package:
- Insert a line allowing the Collector to query the ntp daemon in /etc/ntp.conf
- Change the IP address and mask as appropriate to include the Collector(s) IP address. If security is a concern, you may add multiple restrict lines.
- Restart NTP:
When you have NTP installed, the instances generated by the LogicMonitor NTP datasource can display any offset between device clocks. If NTP is not properly configured, you may instead get an alert like the one below:
The NTP datasources use the ntpq binary command installed on the Collector host. To troubleshoot NTP, you can use the command ntpq -nc peers Host, where Host is the name or IP address of each device you are keeping in sync. Use the following legend to determine its NTP status:
The following procedures below detail how to allow both SNMP and NTP access for Linux devices.
- Access the command shell of the Linux host (via ssh or from the console).
- Open the file/etc/sysconfig/iptables in your preferred editor.
- After the line matching similar to “-A RH-Firewall-1-INPUT –p udp –dport 5353”, add the following lines to the INPUT section: