Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
Check
Verify Amazon Linux 2023 has the chronyd service set to active with the following command:
$ systemctl is-active chronyd active
If the chronyd service is not active, this is a finding.
Fix
Configure Amazon Linux 2023 to have the chronyd service set to active with the following command: