FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes the situation where it has the high memory usage in the fgtlogd process when API queries to add or remove objects.
Scope
FortiGate v7.4.1
Solution
On FortiGate:
Configure FortiGate to send logs to FortiAnalyzer:
config log fortianalyzer setting
set status enable
set server "10.10.10.10"
end
After upgrading FortiGate firmware version to be v7.4.1, when API queries are sent to add or remove objects, it causes high memory usage in the fgtlogd process.
FGT # diagnose sys top-mem 99
fgtlogd (246): 2495624kB
node (2055): 71900kB
wad (2132): 68128kB
ipshelper (2084): 33201kB
wad (2129): 21295kB
cmdbsvr (1969): 18607kB
cw_acd (2088): 15765kB
wad (2130): 14632kB
nsm (2022): 10735kB
...
FGT #
To fix the issue:
Temporary workaround: If the FortiAnalyzer visualization feature is not needed, cancel it by running the following CLI command on FortiAnalyzer:
diagnose test application oftpd 20 interval time=0 dev=<FortiGate’s Serial number>
Example:
diagnose test application oftpd 20 interval time=0 dev=FGTABC1234567890
Permanent fix: Upgrade the FortiGate firmware version to v7.4.9 or above.
