QRadar: Time Synchronization to a primary host or Console has failed

Troubleshooting

Problem

The QRadar Dashboard displays repeated System Notification messages:
"Time Synchronization to a primary host or Console has failed".

Symptom

QRadar logs report a chrony error in /var/log/qradar.log.
Administrators see offenses created with an end time that occurs in the future.
Search results that are erroneous or do not return results from the managed host when you know the event exists.

Document Location

Worldwide

[{"Type":"MASTER","Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwtNAAQ","label":"Deployment"}],"ARM Case Number":"TS011331881","Platform":[{"code":"PF016","label":"Linux"}],"Version":"7.5.0"}]

Log InLog in to view more of this document

This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.

Tips

QRadar: Time Synchronization to a primary host or Console has failed

Troubleshooting

Problem

Symptom

Document Location

Log InLog in to view more of this document

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?