Description
This article describes how to stop a long log backup job on FortiAnalyzer if the recommended methods (See the 'Related Article' section at the bottom) do not work:
- Run a second backup job to cancel the initial one.
- Issue the command 'diagnose test app uploadd 57'.
Scope
FortiAnalyzer.
Solution
After having launched a backup task from CLI using:
execute backup logs <device name(s)| all> <ftp/sftp/scp> <ip> <user name> <password> <directory
To stop this ongoing backup task, connect to the FortiAnalyzer via SSH then execute the below commands.
Enable Shell access:
config system admin setting
(setting)set shell-access enable
Enter new password: <----- It is possible to use an empty password */.
Confirm new password:
(setting)end
Then issue the following commands:
execute shell
Enter password:poss
bash$ redis-cli -p 6380
127.0.0.1:6380> keys *backup*
1) "cli:exec:backup:cmd:hash"
127.0.0.1:6380> del "cli:exec:backup:cmd:hash"
(integer) 1
127.0.0.1:6380> exit
bash$ exit
The backup job has been interrupted and it is possible to launch it again later.
Note:
In case cannot be stopped with bash due message 'NOAUTH' or received always the message 'Previous sftp backup session is in progress' when sent again the command execute backup logs <device name(s)| all> <ftp/sftp/scp> <ip> <user name> <password> <directory. It can be used in the following process:
Verify the current PID of the uploadd process with the command diagnose test application uploadd 1, then stop it with the command diagnose system process kill 9 <PID>, after that execute the new backup again. For example:
Example# diag test application uploadd 1
PID=794
UPTIME=2m33s
Example# diagnose system process kill 9 3810
Example# execute backup logs all sftp x.y.z.a Exampleuser Examplepassword /exampletargetfolder
Last backup session was canceled at YYYY-MM-DD HH:SS
This will start a new backup session, Do you want to continue? (y/n)y
Related article:
