NTP Messages
Classification
Rule Name | Rule Type | Classification | Common Event |
|---|---|---|---|
| NTP Messages | Base Rule | General NTP Information | Information |
| Kernel Time Sync | Sub Rule | System Time Information | Information |
| Positive Time Adjustment | Sub Rule | Time Adjusted | Information |
| Negative Time Adjustment | Sub Rule | Time Adjusted | Information |
| NTP: Listening On Router Socket | Sub Rule | Listener Message | Information |
| NTP: Peers Refreshed | Sub Rule | Peers Refreshed | Information |
| NTP Precision | Sub Rule | General NTP Information | Information |
| No Suitable Time Synchronization Server Found | Sub Rule | NTP Server Unreachable | Error |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| SYSD | <severity> | Text/String |
| Mar 20 17:03:59 | <dname> | Text/String |
| N/A | <process> | Text/String |
| Your | <object> | Text/String |
| N/A | <dip> | IP Address |
| N/A | <dinterface> | Text/String |
| N/A | <version> | Number |
| N/A | <duration> | Time |
| proto: | <tag1> | Text/String |
| usec | N/A | N/A |
| N/A | <tag2> | Text/String |