FortiGate
jdvorak
Staff
Article Id 195481

Description

 

This article explains how HD usage is divided on FortiGate.
 
Scope
 
FortiGate.


Solution

 

The total HD usage can be found by running the command 'diagnose sys logdisk usage'.
 
diagnose sys logdisk usage
Total HD usage: 29540MB/29540MB
Total HD logging space: 11250MB
HD logging space usage for vdom "1": 5875MB/10240MB
HD logging space usage for vdom "2": 7MB/256MB
HD logging space usage for vdom "3": 7MB/256MB
HD logging space usage for vdom "root": 10MB/256MB
Total HD Usage space is 29540MB
 
The disk space is divided into two parts:
- log-disk-quota
- wanopt storage

The current values can be displayed by running the following commands:
 
show system resource-limits
config system resource-limits
set log-disk-quota 15000
end
 
config wanopt storage
edit Internal
get
name : Internal
size : 512
webcache-storage-percentage: 0
webcache-storage-size: 0
wan-optimization-cache-storage-size: 512
 
In this case, the configured disk quota is 15 000MB. 
 
However, the total HD logging space is 11 250MB. This is because, by design, FortiGate uses only 75% of the configured disk quota for logging.
 
75% of 15 000MB = 11 250MB (Total HD logging space: 11 250MB)

The rest of the disk space is available either for a larger disk quota or for wanopt storage, in this case up to 14 540MB.
 
config wanopt storage
edit Internal
set size
<integer> maximum total size of files within the storage range from 512 to 14540(MB)
 
Disk quota 15 000MB + Max WanOpt Storage 14 540MB =  Total HD Usage space 29 540MB.

A maximum disk log quota of 29 028MB can be configured, which leaves only 512MB for WanOpt (29 028 + 512 = 29 540).
 
config system resource-limits
set log-disk-quota
<integer> disk quota within range 11008-29028 MB
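
Added example (not part of the original article and not Fortinet code): a small Python parser for the 'diagnose sys logdisk usage' output shown above that reproduces the article's arithmetic and lists VDOMs whose log quota is filling up, which matters because a full log quota means lost log data. The function names, the alert threshold and the assumption that 512MB is the wanopt minimum on every model are illustrative.

```python
import re

# Output copied from the article above (diagnose sys logdisk usage).
SAMPLE = '''Total HD usage: 29540MB/29540MB
Total HD logging space: 11250MB
HD logging space usage for vdom "1": 5875MB/10240MB
HD logging space usage for vdom "2": 7MB/256MB
HD logging space usage for vdom "3": 7MB/256MB
HD logging space usage for vdom "root": 10MB/256MB
'''

WANOPT_MIN_MB = 512      # smallest wanopt storage size shown in the article (assumed fixed)
LOGGING_SHARE_PCT = 75   # share of log-disk-quota used for logging, per the article

def parse_logdisk_usage(text):
    """Return disk size, total logging space and per-VDOM (used, quota), all in MB."""
    total = re.search(r"Total HD usage:\s*(\d+)MB/(\d+)MB", text)
    logging = re.search(r"Total HD logging space:\s*(\d+)MB", text)
    if not total or not logging:
        raise ValueError("not 'diagnose sys logdisk usage' output")
    vdoms = {
        name: (int(used), int(quota))
        for name, used, quota in re.findall(
            r'HD logging space usage for vdom "([^"]+)":\s*(\d+)MB/(\d+)MB', text)
    }
    return {"disk_mb": int(total.group(2)),
            "logging_mb": int(logging.group(1)),
            "vdoms": vdoms}

def disk_budget(disk_mb, log_disk_quota_mb):
    """Apply the article's arithmetic to a disk size and a log-disk-quota value."""
    if not 0 < log_disk_quota_mb <= disk_mb - WANOPT_MIN_MB:
        raise ValueError("quota must leave at least 512MB for wanopt storage")
    return {"logging_mb": log_disk_quota_mb * LOGGING_SHARE_PCT // 100,
            "max_wanopt_mb": disk_mb - log_disk_quota_mb,
            "max_quota_mb": disk_mb - WANOPT_MIN_MB}

def vdoms_over(vdoms, threshold_pct):
    """Names of VDOMs whose log usage is at or above threshold_pct of their quota."""
    return sorted(name for name, (used, quota) in vdoms.items()
                  if quota and used * 100 >= threshold_pct * quota)

if __name__ == "__main__":
    usage = parse_logdisk_usage(SAMPLE)
    print(disk_budget(usage["disk_mb"], 15000))   # quota value from the article
    print(vdoms_over(usage["vdoms"], 50))         # 50% is an illustrative threshold
```
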

 

Note:

When troubleshooting high CPU utilization, it is recommended to check which processes access the HDD and how often.
FortiOS 7.4.2 GA introduced a new command that shows each file access attempt's PID, process name, and accessed file path:

 

diagnose sys iotop

<interval> Print interval in seconds (default to 5). Accept value from 5 to 3600.


diagnose sys iotop 5

PID     #O   #R   #W   #C   PROCESS     FILE
2012    1    1    0    1    forticron   /var/run/dhcpd.pid
2025    1    0    1    1    reportd     /var/log/log/root/report/60/1703839800.rpt

PID     #O   #R   #W   #C   PROCESS     FILE
2012    1    1    0    1    forticron   /var/run/dnsproxy.pid

PID     #O   #R   #W   #C   PROCESS     FILE
2012    1    1    0    1    forticron   /var/run/dnsproxy.pid

PID     #O   #R   #W   #C   PROCESS     FILE
2012    1    1    0    1    forticron   /var/run/dhcpd.pid