Fortigate CPU/memory leak automation technical tip

Forum|Forum|1 year ago
May 21, 2025
2 replies
625 views

Fortigate Automation Stich is great!

If you have a security fabric configured you can automate a lot of stuff.

You can automate a process restart if there is high CPU or memory :)

Example:

High CPU event trigger is already existing but for the memory it is called Conservative mode.

You can probably use also Playbooks if FortiAnalyzer is licensed for them or FortiManager to push a CLI script to all firewalls if you have no security fabric configured.

Posts from which I got the idea:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-restart-WAD-process-on-a-specific-day-and/ta-p/329282#M8818

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Execute-a-CLI-Script-based-on-High-Memory-using/ta-p/197758

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Execute-a-CLI-script-based-on-high-CPU/ta-p/195103

kaman

Staff

Hi filiaks1,

Thank you for providing the document along with the screenshots.

You may also refer to the document below for instructions on creating a script to automatically kill/restart the WAD process:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-create-a-script-to-kill-WAD-process/ta-p/339351

Regards
Aman

filiaks1Author

Explorer III

I have made

even before that article 😉

filiaks1Author

Explorer III

Also useful on FortiADC as it has no auto scripts like FortiGate but it has Fabric stiches.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded