| JP Vossen on 4 Jan 2014 12:51:17 -0800 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| [PLUG] Quick & Dirty NTP monitoring |
Similar on all my on all my other servers, note the added "2> /dev/null" and "$1 > 5" instead of "$1 > 3": ntptrace 2> /dev/null | head -n1 | perl -ne 'm/^[\w.]+: stratum (\d+),/ or next; print qq(NTP not in sync: $_) if ( $1 > 5 );'
All these do is look at the first line of 'ntptrace' output and make sure it says either:
stratum 3 # time server stratum 4 # other serversIf not, I get an error message via email from cron. Simple, no monitoring framework needed.
Over the years I've gotten various "foo: timed out, nothing received" errors, and if I get enough I'd add that server to the ignore list. But now, since the 2012-12 NTP reflection attacks [1], I'm getting way too many timeouts, so I had to the the "2> /dev/null" part to my time server cronjob. That should ignore the errors and if my time server is "stratum 3" I'm happy.
So... Anyone have a better quick & dirty method for this? And if not, steal this one...
Later, JP [1] http://isc.sans.edu/diary.html?storyid=17300 ----------------------------|:::======|------------------------------- JP Vossen, CISSP |:::======| http://bashcookbook.com/ My Account, My Opinions |=========| http://www.jpsdomain.org/ ----------------------------|=========|------------------------------- "Microsoft Tax" = the additional hardware & yearly fees for the add-on software required to protect Windows from its own poorly designed and implemented self, while the overhead incidentally flattens Moore's Law. ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug