The article describes how a user can sync the Instance NTP.
Scope
FortiSIEM Version 6.4.0 and later.
Solution
To configure the NTP Server:
Verify if the chronyd service is up and running:
systemctl status chronyd.service
Add the organization's NTP Server with the desired NTP of the instance synced in the below format by editing the file using:
vi /etc/chrony.conf server <IP> iburst
Restart the chronyd services:
systemctl restart chronyd.service
It is possible to verify the sync and sources by the below command:
timedatectl chronyc sources
Note that this is an OS-related configuration, for performing the above task it is possible to refer to any Linux (RHEL, Rocky Linux)OS Document.
Tip: VMware virtual machines sync their time with ESX host as default settings. The time is synced as 'bios clock time' so, even if the time is correctly set using NTP on the guest OS, it will revert to ESX host time in a few minutes.
Two possible solutions:
Correct ESX Host time by syncing its time with NTP servers.
Disable time syncing of virtual machines with ESX host.
