Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000035270 - RSA Security Analytics is unable to talk to the NTP daemon and reports an "Is it running?" message

Document created by RSA Customer Support

on Jun 21, 2017•Last modified by RSA Customer Support

on Jun 26, 2017

Version 2Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000035270
Applies To	RSA Product Set: Security Analytics, NetWitness Logs and Packets RSA Product/Service Type: Core Appliances (excluding the Security Analytics Server/ Head Unit) RSA Version/Condition: 10.6.x.x
Issue	The ntpd service is running, however when you type "ntpstat" you will receive the message below. Unable to talk to NTP daemon. Is it running?
Cause	The iptables input chain must be updated to allow NTP communication over UDP port 123.
Resolution	To resolve the issue, follow the steps below. Connect to the appliance that is reporting the warning message via SSH and execute the command below. iptables -I INPUT 1 -p udp --dport 123 -j ACCEPT ; service iptables save You should now be able to receive the expected output from the "ntpstat" command as shown below. [root@esa ~]# ntpstat synchronised to NTP server (x.x.x.x) at stratum 4 time correct to within 117 ms polling server every 64 s

Attachments

Outcomes

0 Comments

Recommended Content