| Description |
This article describes how to create automation to restart a process when the FortiGate reaches conserve mode. This can be adapted to execute other commands or restart other processes depending on the issue.
This should only be applied as a temporary workaround while waiting for a bug fix. |
| Scope | FortiGate v7.0, v7.2, v7.4 |
| Solution |
Create an Automation Stitch to try restarting the WAD or IPS processes.
Result:
It is possible to apply these settings directly in the CLI (as shown at the bottom of this article) or in the GUI (as shown below).
Steps in the GUI:
Create Action (Automation stitches).
Script for wad process:
diagnose test application wad 99
Script option for IPS process:
diagnose test application ipsmonitor 99
Create a trigger.
Create a Stitch.
CLI Option.
config system automation-action edit "RestartWAD" set action-type cli-script set minimum-interval 5 set script "diag test app wad 99" set accprofile "super_admin" next end
config system automation-trigger edit "Enters Conserve Mode" set event-type low-memory next end
config system automation-stitch edit "Restart processes" set trigger "Enters Conserve Mode" config actions edit 1 set action "RestartWAD" set required enable next end next end Alternative time-based triggers instead of memory.It is recommended to restart WAD or IPS daily during a time of low use to avoid impacting the network. Otherwise, the FortiGate may miss automation when in conserve mode because of non-viable memory.
config system automation-trigger config system automation-stitch
To view the results of the script named 'status' (with no VDOMs):
exec auto-script result status
Script status output:
########## script name: status ########## ========== #1, 2019-10-01 14:24:04 ========== FGT $ get system status Version: FortiGate-100D v6.2.1,build0932,190716 (GA) Virus-DB: 72.00005(2019-10-01 03:19) Extended DB: 1.00000(2018-04-09 18:07) ... output continues ... To view the results of the script named 'status' (with VDOMs - enter it in global): config global
exec auto-script result status Note for WAD: There is a new alternative technique to restart WAD from FortiOS v7.2: New FortiOS mechanism to automatically restart WAD workers. This can be applied as a safeguarding mechanic along with the steps outlined in this article.
Related documents: Technical Tip: Creating automation stitches Technical Tip: Automation stitch for FortiGate events Technical Tip: How to check why automation stitch is not working as expected Technical Tip: How to restart WAD process using automated script |
Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Spring Badge! Become a member today!
LOGIN/REGISTER
CONTINUE AS A GUEST
- Support Forum
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiADC
- FortiAIOps
- FortiAnalyzer
- FortiAP
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDLP
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEdgeCloud
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiGuest
- FortiInsight
- FortiIsolator
- FortiMail
- FortiMonitor
- FortiManager
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiPresence
- FortiSRA
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiScan
- FortiSandbox
- FortiSASE
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiWAN
- FortiToken
- FortiVoice
- FortiWeb
- FortiAppSec Cloud
- RMA Information and Announcements
- Lacework
- Wireless Controller
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
- Fortinet Community
- Knowledge Base
- FortiGate
- Technical Tip: Restart WAD or IPS when conserve mo...
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2025 Fortinet, Inc. All Rights Reserved.