Top of Page

Domain Time II Audit Server
Version 5.2

Audit Configuration

How to configure and run Audits.

Audit List
As of version 5.1, Audit Server shares Domain Time II Manager's view of the network and is completely integrated with it. Manager contains the master database from which machines can be selected for audit.

    Machines appearing in the Manager lists can be audited for the following information:
    • Machines running Domain Time II can be fully audited, including collection of synchronization (drift) logs and full statistical audit records.
    • Machines answering NTP queries can be partially audited, with limited statistical audit records (variance, last time source, etc.). Audit Server can create drift logs based on measured offsets at audit time.
    • As of version 5.2.b.20170101, PTP masters and slaves may also be audited. Audit Server can create drift logs based on available delta measurement (masters) and/or reported deltas from available management messages.

    Alerts can be raised for the above systems at audit time. In addition, machines running Domain Time II v5.1 and later can also provide real-time alerts. See the Alerts page for more information.

    To manually select machines for audit:

    1. Select a machine list in Domain Time II Manager and be sure the Audited column is displayed in the Details pane. (Use View -> Add/Remove Columns item on the Manager menu, or right-click the column header and be sure Audited is selected on the context menu.)
    2. Click the Audited entry for your machine to change it to "Yes," or right-click the machine item and choose Enable Audit from the context menu.
    3. You can enable auditing on multiple machines at once by highlighting the machines you want in the Details pane and choosing Enable Audit from the right-click context menu.

    Machines can also be automatically added to and pruned from the Audit list. See the Audit List Management item on the Audit Server -> Advanced menu for details.

    Machines on the Audit list will be contacted by Audit Server when an audit collection run is initiated. Audit collection runs can be scheduled or manually triggered.

    Quick Start

    To audit Windows machines:
    To audit Linux machines via ntpd or chronyd:
    • Be sure ntpd or chronyd is set to respond to standard NTP time requests (act as an NTP time server).
    • Add the Linux machine(s) to the NTP Nodes list.
    • Toggle the "Audited" column entry to your desired Audit Group for your Linux machines from the NTP Nodes list.
    • Enable Post-Audit Alerts, if desired.
    • Enable collection of NTP Server Drift logs either at audit time or on a regular polling schedule, if desired.
    To audit ptpd or other PTP machines via PTP Monitor:
    • Note: Do not use PTP Monitor to audit Domain Time machines. Use the Windows instructions above.
    • Carefully read and configure PTP Monitor per the documentation.
    • Toggle the "Audited" column entry to "Yes" for your selected PTP node(s) from the NTP Nodes list.
    • Enable collection of PTP Node Drift logs, if desired.


Audit Schedule
Audit Server can run audit collections from your Audit list on a schedule you specify. Multiple times and schedules can be configured.

    To configure your audit schedules, pull up the Schedule dialog by clicking Audit Server -> Schedule... from the Domain Time Manager menu.

    Audit Schedule
    Audit Schedule   [Click for smaller size]

    You can Add, Edit, or Delete schedules from this dialog. The schedules can be displayed in either 12 or 24 hour format.

    Note: Schedule times and dates always refer to the time on the local machine.

    When you click Add or Edit, you'll be presented with the Audit Schedule Editor where you can select the day(s) and time(s) of your audits, and whether you want your audit to repeat on a regular interval.

     Set Audit Schedule 

    Enabled

    If this schedule is enabled, an audit will run on the day(s)
    and time(s) you specify. The time of day refers to local
    time on this computer.
     
    Every: Mon
    Tue
    Wed
    Thu
    Fri
     
    		           Sat
    Sun
    Time: repeating every
    minutes until     


Trigger an Audit
You can start an audit run manually from Manager either by choosing the Audit Server -> Audit Now menu item or by pressing F11.

    Audits can also be triggered remotely using the DTCheck command-line tool that is included with Server and Client using this syntax:

      DTCHECK \\machine_name_or_ip_address /cmd="Audit Trigger"


Audit Tasks
Audit Server can perform certain tasks before and after an audit run. To configure these tasks, choose the Audit Server -> Audit Tasks menu item.

     Pre-Audit Tasks 

    Trigger synchronization of audited machines before beginning the audit
         Wait for all synchronizations to complete
         Proceed with audit even if some machines have not fully synchronized yet
    Scan the network before contacting individual audited machines
    Use multicast to locate DT2 machines that may have changed IPs or names

      The Trigger synchronization of audited machines before beginning the audit option will cause Audit Server to send a synchronization trigger to audited machines before auditing them. You can indicate whether Audit Server should pause until machines are all synchronized before proceeding (which can cause the audit to take more time to complete) or to proceed with the audit immediately.

      This option can be used to satisfy some regulatory requirements (such as the FINRA requirement that machines be synchronized before the start of trading and at fixed periods throughout the day). However, triggering a synchronization before the audit may not give you an accurate picture of the actual state of your machines from the audit records, since all machines will be recently synchronized at the time of the audit. You will need to use Synchronization (drift) logs and Real-Time Alerts to determine the actual status of machines between audits.

      If Scan the network before contacting individual audited machines is checked, Audit Server will use Manager's scan settings to collect data by multicast/broadcast before attempting to check with each machine. If unchecked, Audit Server will skip the initial scan. In general, you should leave this enabled.

      The Use multicast to locate DT2 machines that may have changed IPs or names function helps keep your Manager database up-to-date. You should leave this enabled unless you have a completely static network configuration.

     Post-Audit Tasks 

    Send a summary of the audit results by email
         Send errors as an attachment
    Auto-generate a textual version of the audit results
    Reset the statistics on audited machines
    Delete audit result files that are more than days old.

      Send a summary of the audit results by email will cause Audit Server to send a summary email after each audit (see sample below).

        Check the Send errors as an attachment checkbox if you want to include details on machines that have errors.

        Domain Time II Audit Summary

        This is an automated summary from Domain Time II Audit Server. An audit has completed. 10 machines were checked during this audit.

        • Audit Server: EGGMAN
        • Audit Time: Mon 30 Nov 2009 00:08:51
        • Audit Status: Passed
        • Audit Errors: 0
        • Audit Summary:
          • 0 reported clock not set
          • 1 did not respond this audit
          • 0 had variance in excess of 5000 milliseconds
          • 0 did not set the clock for over 1440 minutes
          • 10 reported no alerts
          • 0 real-time alerts have not been acknowledged

      Auto-generate a textual version of the audit results
      When checked, Audit Server will expand a text version of the audit results in the Audit Results folder. This is similar information you see when clicking the Print Details button when looking at audit results using the Audit Viewer. Note, these files will not display by default in the Audit Server -> Audit Results list in Manager's left-hand pane. To view them, right-click the "Audit Results" label and choose "Open containing folder" from the context menu.

      Reset the statistics on audited machines
      This option will reset all statistics on the remote machine after each audit.

      Note: This will also clear out the synchronization (drift) log on the remote machine. This option is not reversible; once the stats and drift logs are cleared, they are deleted permanently. In most cases, you should not use this option since you cannot recover the data if sync log collection fails on the Audit Server for any reason. You should only use this option if you are successfully collecting synchronization logs on the Audit Server so that you retain the data. See the Synchronization Logs section for more information.

      Delete audit result files that are more than days old.
      This option will trim your audit results list after they reach the specified age. The most recent Audit Results are shown in the Audit Server category of Manager's Tree pane.

      Note: Records can accumulate at a rapid pace, particularly if you are auditing many machines on a frequent schedule and you can easily fill up your existing storage. You should arrange to archive off this data to other media if you want to preserve the records indefinitely rather than letting them accumulate without limit. Audit records are found in the folder specified on the Audit Server -> Advanced -> Data Folders... menu item.

 

Next Proceed to the Alerts and Audit Groups page
Back Back to the Domain Time II Audit Server page

Domain Time II Software distributed by Microsemi, Inc.
Documentation copyright © 1995-2024 Greyware Automation Products, Inc.
All Rights Reserved
All Trademarks mentioned are the properties of their respective owners.