We have upwards of 50 different security technologies reporting into Splunk. I'm being tasked of verifying that all the technologies reporting are properly time synced. Without going into each technology individually and verify NTP configurations, is there a way to run a query in Splunk to check time synchronization?
↧