Configure Time Sync and Time Zone

The following steps are required for installation of NetMon 5.0.0 and above.

NetMon 5.0.0 moved to using Chrony for time sync, which requires command line configuration following installation. It is recommended you also set the Time zone for the NetMon appliance to ensure the syslog output to your SIEM is correctly timestamped to the same time zone as the receiving agent. By default, NetMon uses 2.rocky.pool.ntp.org for its time source, which requires internet access and NTP UDP/123 to be open. Most environments will have this blocked and require NTP to be pointed to internal NTP servers.

To configure Chrony for NetMon time sync and the NetMon time zone:

1. Run the following command to edit the chrony configuration file:

sudo vi /etc/chrony.conf

2. Replace pool 2.rocky.pool.ntp.org with your NTP server in the format “server x.x.x.x iburst,” as shown below:

You can add multiple NTP servers on additional lines, as shown in the screenshot.

3. Run the following command to enable Chrony:

sudo chkconfig chronyd on

4. Run the following command to start Chrony:

sudo systemctl start chronyd

5. Run the following command to set your time zone, replacing “Americas/Denver” with the timezone matching your syslog receiver agent:

sudo timedatectl set-timezone Americas/Denver

The default time zone for NetMon is Americas/Denver. To find the string that corresponds to your time zone, use the command sudo tzselect.

6. Run the following command to reboot NetMon:

sudo reboot

Following changes to NetMon time or time zone, a reboot is required.