Clock set incorrectly-juniper-junos

Clock set incorrectly-juniper-junos

Vendor: juniper

OS: junos

Description:
indeni will trigger an issue when a device’s clock is more than 24 hours off of Indeni’s clock.

Remediation Steps:
Consider setting the date on the device and activating NTP.
|||1. Run “show system uptime” command to review current time and time source.
|2. The current date and time should not be 24 hours off from the polling date and time.
|3. Set the correct date and time.
|4. Consider activating NTP for time synchronization.
|5. Review the following article on Juniper tech support site: Configure Time and NTP Client
|6. If the problem persists, contact the Juniper Networks Technical Assistance Center (JTAC).

How does this work?
This script logs into the Juniper JUNOS-based device using SSH and retrieves the current time using the output of the “show system uptime” command. The output includes the device’s current date and time as well as configured time zone.

Why is this important?
Capture the current date and time of the device. Device current date and time should never be more than 24 hours away from date and time of the device polling the data, otherwise date and time are not correctly set on device.

Without Indeni how would you find this?
It is possible to poll this data through SNMP.

junos-show-system-uptime

name: junos-show-system-uptime
description: Fetches system uptime
type: monitoring
monitoring_interval: 5 minute
requires:
    vendor: juniper
    os.name: junos
    high-availability:
        neq: 'true'
comments:
    uptime-milliseconds:
        why: |
            Capture the uptime of the device. If the uptime is lower than the previous sample, the device must have reloaded.
        how: |
            This script logs into the Juniper JUNOS-based device using SSH and retrieves the output of the "show system uptime" command. The output includes the device's uptime as well as additional information.
        without-indeni: |
            It is possible to poll this data through SNMP or capture a syslog/trap event of a device booting up.
        can-with-snmp: true
        can-with-syslog: true
    current-datetime:
        why: |
            Capture the current date and time of the device. Device current date and time should never be more than 24 hours away from date and time of the device polling the data, otherwise date and time are not correctly set on device.
        how: |
            This script logs into the Juniper JUNOS-based device using SSH and retrieves the current time using the output of the "show system uptime" command. The output includes the device's current date and time as well as configured time zone.
        without-indeni: |
            It is possible to poll this data through SNMP.
        can-with-snmp: true
        can-with-syslog: false
    timezone:
        why: |
            Capture the current time zone of the device. The time zone information is useful for display purposes.
        how: |
            This script logs into the Juniper JUNOS-based device using SSH and retrieves the configured time zone using the output of the "show system uptime" command. The output includes the device's current date and time as well as configured time zone.
        without-indeni: |
            An administrator may write a script to pull this data from cluster members and compare it.
        can-with-snmp: false
        can-with-syslog: false
steps:
-   run:
        type: SSH
        command: show system uptime | display xml
    parse:
        type: XML
        file: show-system-uptime.parser.1.xml.yaml

cross_vendor_clock_off

package com.indeni.server.rules.library.core

import com.indeni.apidata.time.TimeSpan
import com.indeni.apidata.time.TimeSpan.TimePeriod
import com.indeni.ruleengine.expressions.conditions.GreaterThan
import com.indeni.ruleengine.expressions.core._
import com.indeni.ruleengine.expressions.data._
import com.indeni.ruleengine.expressions.math.{AbsExpression, MinusExpression}
import com.indeni.ruleengine.expressions.utility.NowExpression
import com.indeni.server.common.data.conditions.True
import com.indeni.server.rules._
import com.indeni.server.rules.library.{ConditionalRemediationSteps, PerDeviceRule, RuleHelper}
import com.indeni.server.sensor.models.managementprocess.alerts.dto.AlertSeverity

case class ClockOffRule() extends PerDeviceRule with RuleHelper {

  override val metadata: RuleMetadata = RuleMetadata
    .builder(
      "cross_vendor_clock_off",
      "Clock set incorrectly",
      "indeni will trigger an issue when a device's clock is more than 24 hours off of Indeni's clock.",
      AlertSeverity.ERROR,
      categories = Set(RuleCategory.HealthChecks),
      deviceCategory = DeviceCategory.AllDevices
    )
    .build()

  override def expressionTree(context: RuleContext): StatusTreeExpression = {
    val actualValue = TimeSeriesExpression[Double]("current-datetime").last.toTimeSpan(TimePeriod.SECOND)

    StatusTreeExpression(
      // Which objects to pull (normally, devices)
      SelectTagsExpression(context.metaDao, Set(DeviceKey), True),
      // What constitutes an issue
      StatusTreeExpression(
        // The time-series we check the test condition against:
        SelectTimeSeriesExpression[Double](context.tsDao, Set("current-datetime"), denseOnly = false),
        // The condition which, if true, we have an issue. Checked against the time-series we've collected
        GreaterThan(AbsExpression(MinusExpression(NowExpression(), actualValue)),
                    ConstantExpression(Some(TimeSpan.fromDays(1))))

        // The Alert Item to add for this specific item
      ).withRootInfo(
          getHeadline(),
          scopableStringFormatExpression("The current date/time on this device is: %s which seems to be incorrect.",
                                         timeSpanToDateExpression(actualValue)),
          ConditionalRemediationSteps(
            "Consider setting the date on the device and activating NTP.",
            RemediationStepCondition.VENDOR_CISCO ->
              """1. Execute the "show clock" command to check the system time.
              |2. Consider setting the date on the device by activating NTP.
              |3. For more information please review: <a target="_blank" href="https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/system_management/configuration/guide/sm_nx_os_cg/sm_3ntp.pdf">Cisco NX-OS NTP configuration guide</a>""".stripMargin,
            RemediationStepCondition.VENDOR_JUNIPER ->
              """|1. Run "show system uptime" command to review current time and time source.
               |2. The current date and time should not be 24 hours off from the polling date and time.
               |3. Set the correct date and time.
               |4. Consider activating NTP for time synchronization.
               |5. Review the following article on Juniper tech support site: <a target="_blank" href="https://kb.juniper.net/InfoCenter/index?page=content&id=KB15756&actp=METADATA">Configure Time and NTP Client</a>
               |6. If the problem persists, contact the Juniper Networks Technical Assistance Center (JTAC).""".stripMargin
          )
        )
        .asCondition()
    ).withoutInfo()
  }
}