FortiEDR
FortiEDR automates the protection against advanced threats, pre and post-execution, with real time orchestrated incident response functionality.
jkoay
Staff & Editor
Article Id 244167
Description This article describes how to configure the NTP server in the FortiEDR Threat Hunting server.
Scope Threat Hunting server (On-Premise).
Solution
  1. Log in to the threat-hunting server with the rancher credentials.
  2. Execute the command 'sudo su -'.
  3. Use the UTC timezone (Mandatory).

  • Set the correct UTC time:

date -s hh:mm:ss

 

  • Set the NTP server by creating an ntp.yaml file (Recommended):

mkdir -p /var/lib/rancher/k3os/config.d/
cd /var/lib/rancher/k3os/config.d/
touch ntp.yaml
vi ntp.yaml

Add the following to ntp.yaml (replace 10.51.100.11 with the NTP server IP address):

k3os:
  ntp_servers:
  - 10.51.100.11

 

  • Add ntpd to rc and start the service:

rc-update add ntpd default && rc-service ntpd start && rc-status

  • Reboot and verify the current time.
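
The ntp.yaml step above, scripted so that a mistyped entry (a stray space, comment or malformed address) is rejected before it reaches the boot configuration. This is an added example, not Fortinet's or k3OS's own code; the function names write_ntp_yaml and valid_ntp_server are hypothetical, and the hostname rule (letters, digits, dots, hyphens) is an assumption.

```shell
#!/bin/sh
# Added example: generate the k3os NTP drop-in from a validated server list.
# Usage on the appliance (as root):
#   write_ntp_yaml /var/lib/rancher/k3os/config.d 10.51.100.11

# Accept only IPv4 addresses or DNS hostnames, so whitespace, quotes or '#'
# can never end up inside the YAML file.
valid_ntp_server() {
    case "$1" in
        ''|*[!A-Za-z0-9.-]*|-*|.*|*.|*..*) return 1 ;;
    esac
    case "$1" in
        *[!0-9.]*) return 0 ;;   # has letters or '-': treat as a hostname
    esac
    # Digits and dots only: must be a well-formed dotted-quad address.
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# write_ntp_yaml CONFIG_DIR SERVER...
# Writes CONFIG_DIR/ntp.yaml in the layout shown above. The file is built
# in a temporary file and renamed into place, so a rejected or interrupted
# run never leaves a half-written config behind.
write_ntp_yaml() {
    dir=$1; shift
    [ "$#" -ge 1 ] || { echo "no NTP server given" >&2; return 1; }
    for s in "$@"; do
        valid_ntp_server "$s" || { echo "rejected: $s" >&2; return 1; }
    done
    mkdir -p "$dir" || return 1
    tmp=$(mktemp "$dir/.ntp.yaml.XXXXXX") || return 1
    {
        echo "k3os:"
        echo "  ntp_servers:"
        for s in "$@"; do echo "  - $s"; done
    } > "$tmp"
    mv "$tmp" "$dir/ntp.yaml"
}
```
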

 

Alternatively, configure a time zone (not recommended; this will be part of the installation script in a future release):

  • Find the time zone under /usr/share/zoneinfo/, for example:

ls /usr/share/zoneinfo/Canada/

  • Note the full path to the time zone (for example, /usr/share/zoneinfo/Canada/Pacific).
  • Remount the k3os system as read-write:

mount -o remount,rw /k3os/system

  • Edit the config.yaml file:

vi /k3os/system/config.yaml

  • Add the following lines under boot_cmd (replace Canada/Pacific with your time zone):

- "echo Canada/Pacific > /etc/timezone"
- "ln -vs /usr/share/zoneinfo/Canada/Pacific /etc/localtime"

 

Save the config.yaml file (Shift + : then wq) and reboot the server.

After the server has booted, run the date command to check that the date, time, and time zone appear as expected.