Help
FortiEDR
FortiEDR automates the protection against advanced threats, pre and post-execution, with real time orchestrated incident response functionality.
jkoay
Staff
Staff

Created on ‎01-29-2023 09:24 PM

Article Id 244167

Technical Tip: Configure NTP server in FortiEDR Threat Hunting server

Description This article describes how to configure the NTP server in the FortiEDR Threat Hunting server.
Scope Threat Hunting server (On-Premise).
Solution

1) Login to the threat hunting server via rancher credentials.

2) Execute command 'sudo su -'.

3) Execute command 'mount -o remount,rw /k3os/system'.

 

jkoay_0-1675045614285.png

 

4) Execute command 'vi /k3os/system/config.yaml'.

5) In the file, look for write files: -content: |-.

 

Under Nameservers, add parameters in the format 'TimeServers=NTP_Server_IP address' to configure the NTP server.

 

jkoay_1-1675045763321.png

 

To edit the file, press 'i' and insert TimeServers as shown in the screenshot below:

 

jkoay_2-1675045964971.png

 

To save the changes made, press the button 'Esc' followed by :wq!.

 

6) Execute command 'date' to view the current date and time in UTC:

 

jkoay_3-1675046128663.png

 

7) For changes to take effect, restart ntpd service by executing the commands below:

 

service ntpd stop

service ntpd start

 

8) Execute the command 'date' to check the current date and time after restarting ntpd service:

 

jkoay_4-1675046411563.png
373
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.