Hi, I am new here. I'd like to find a time-related OID on the ASA 5520. But when I run "show snmp-server oidlist", I found there is no time-related OID on the ASA 5520. I want to use an SNMP sensor for NTP status or the current system time. Is there any solution for my problem? Thank you.
Clock synchronization is vital for security, especially for audit log correlation. PCI DSS mandates that network equipment synchronize its time with an NTP server and that its time be monitored (i.e. by an NMS) for possible skew. So when logs need to be audited for a certain date and time, first the NTP sensor logs in the NMS are queried to fetch the skew value at a particular time instant, then the actual log in the syslog for that particular time is retrieved, and then its timestamp is corrected considering the skew value.
How could Cisco miss this in their major security line of products?
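The correction procedure described in the post above (look up the skew the NMS recorded for the moment in question, then adjust the log timestamp), sketched as an added example that is not part of the thread. The sample data, the ISO 8601 timestamp prefix on log lines, the sign convention (skew = device clock minus reference clock) and the 10-minute gap limit are all assumptions.

```python
from bisect import bisect_left
from datetime import datetime, timedelta

# Constructed NMS sensor history: (poll time on the reference clock, skew in
# seconds), where skew = device clock - reference clock (assumed convention).
SKEW_SAMPLES = [
    (datetime(2024, 3, 1, 10, 0, 0), 2.0),
    (datetime(2024, 3, 1, 10, 5, 0), 4.0),
    (datetime(2024, 3, 1, 10, 10, 0), 6.0),
]
MAX_GAP = timedelta(minutes=10)  # refuse to correct far from any measurement


def skew_at(samples, device_time):
    """Estimate the skew (seconds) in effect when the device stamped device_time."""
    # Express each poll in device-clock terms so it is comparable to log stamps.
    points = [(t + timedelta(seconds=s), s) for t, s in sorted(samples)]
    times = [p[0] for p in points]
    i = bisect_left(times, device_time)
    if i < len(times) and times[i] == device_time:
        return points[i][1]
    if i == 0 or i == len(points):
        # Outside the measured range: use the nearest poll only if it is close.
        nearest = points[0] if i == 0 else points[-1]
        if abs(device_time - nearest[0]) > MAX_GAP:
            raise ValueError("no skew measurement close enough to %s" % device_time)
        return nearest[1]
    (t0, s0), (t1, s1) = points[i - 1], points[i]
    if t1 - t0 > MAX_GAP:
        raise ValueError("skew history has a gap around %s" % device_time)
    # Linear interpolation between the two surrounding polls.
    frac = (device_time - t0) / (t1 - t0)
    return s0 + frac * (s1 - s0)


def correct_line(line, samples=SKEW_SAMPLES):
    """Return (corrected_time, message) for a log line '<ISO timestamp> <message>'."""
    stamp, message = line.split(" ", 1)
    device_time = datetime.fromisoformat(stamp)
    corrected = device_time - timedelta(seconds=skew_at(samples, device_time))
    return corrected, message
```

A log line stamped where the skew history has a hole raises `ValueError` instead of being silently corrected, so an auditor can see which timestamps could not be verified.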
Using SNMP polling, there is no way for the NTP synchronization or current time and date to be polled; you can try other options like EEM scripts and TCL scripts. For that, there is a specific forum where you can get help configuring the scripts so that you can get that information sent in a syslog manner.