A while back I wrote about the importance of using a standardized time source. Keeping accurate time across devices is essential so that you can easily correlate events within logs across the network. But what do you do when you’re operating on a closed network and there is no time source that you can pull from?
Let me give you a scenario. You are having some problems on the network that are spread across several devices. You go into the log file of each device and see a bunch of messages with a mix-match of various times that mean absolutely nothing to you. In short, you have no idea what is going on with your network.