1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
documentation_complete: true
{{% set step_value = '1 -1' -%}}
title: 'Synchronize internal information system clocks'
description: |-
Synchronizing internal information system clocks provides uniformity
of time stamps for information systems with multiple system clocks and
systems connected over a network.
rationale: |-
Inaccurate time stamps make it more difficult to correlate events and
can lead to an inaccurate analysis. Determining the correct time a
particular event occurred on a system is critical when conducting
forensic analysis and investigating system events.
severity: medium
platform: package[chrony]
references:
srg: SRG-OS-000356-GPOS-00144
ocil_clause: ''
ocil: |-
Verify the operating system synchronizes internal system clocks to the
authoritative time source when the time difference is greater than one
second. Check the value of "makestep" by running the following command:
<pre>$ sudo grep makestep {{{ chrony_conf_path }}}
makestep {{{ step_value }}}</pre>
If it is not set to the above value, edit the {{{ chrony_conf_path }}} file
and add:
<pre>makestep {{{ step_value }}}</pre>
Restart the chrony service:
<pre>$ sudo systemctl restart chrony.service</pre>
template:
name: key_value_pair_in_file
vars:
key: "makestep"
value: {{{ step_value }}}
sep: ' '
sep_regex: ' '
path: {{{ chrony_conf_path }}}
|
