Staff

Technical Tip: How to restart WAD or IPS engine on a timed interval using auto-script

Forum|Forum|6 years ago
October 31, 2019
0 replies
74654 views

Description

This article describes how to fix the WAD or IPS engine memory leak by restarting it every few hours.

Solution

Use the following commands for a FortiGate with or without VDOMs (if the multi-VDOM configures the commands in the global context):

For WAD:

config system auto-script

edit restart_wad
set interval 43200
set repeat 0 <- No limit.
set start auto
set script 'diagnose test application wad 99'
next
end

For IPSengine:

config system auto-script

edit restart_IPSengine

set interval 43200

set repeat 0 <- No limit.

set start auto

set script 'diagnose test application ipsmonitor 99'

This specific script will run every 12 hours an infinite amount of times. Change the settings as required.

The settings are:

interval: Repeat the interval in seconds.
repeat: Number of times to repeat this script (0 = infinite).
start: Script starting mode.
script: List of FortiOS CLI commands to execute.

To view the results of the script named 'status' (with no VDOMs):

exec auto-script result status

Script status output:
########## script name: status ##########

========== #1, 2019-10-01 14:24:04 ==========
FGT $ get system status
Version: FortiGate-100D v6.2.1,build0932,190716 (GA)
Virus-DB: 72.00005(2019-10-01 03:19)
Extended DB: 1.00000(2018-04-09 18:07)
... output continues ...

To view the results of the script named 'status' (with VDOMs - enter it in global):

config global
exec auto-script result status

Note:

Before configuring a script like this, the timing needs to be considered. For example, if the above script is configured at 8 pm in the evening, the next cycle to run this script will be 8 am in the morning. It is always good to configure a script like this before or after peak traffic hours.

Technical Tip: Automated script execution

How to restart WAD process using automated script.docx