Description |
This article explains how to create automation to restart a process when the FortiGate reaches conserve mode.
This can be adapted to execute other commands or restart other processes depending on the issue.
This should only be applied as a temporary workaround as waiting for a bug fix. |
Scope | FortiGate v7.0, v7.2. |
Solution |
Create an Automation Stitch to try restarting the WAD or IPS processes.
Result:
It is possible to apply directly in CLI (bottom part) or follow the steps in GUI.
Steps in GUI: Create Action (Automation stitches).
Script for wad process:
diagnose test application wad 99
Script option for IPS process:
diagnose test application ipsmonitor 99
Create a trigger.
Create a Stitch.
CLI Option.
config system automation-action edit "RestartWAD" set action-type cli-script set minimum-interval 5 set script "diag test app wad 99" set accprofile "super_admin" next end
config system automation-trigger edit "Enters Conserve Mode" set event-type low-memory next end
config system automation-stitch edit "Restart WAD when Conserve Mode" set trigger "Enters Conserve Mode" config actions edit 1 set action "RestartWAD" set required enable next end next end
Note for WAD: There is a new alternative technic to restart WAD from FOS v7.2: new FortiOS mechanism to automatically restart WAD workers. This can be applied together with this KB article as a safeguard mechanic.
Related documents: Technical Tip: Creating automation stitches Technical Tip: Automation stitch for FortiGate events Technical Tip: How to check why automation stitch is not working as expected Technical Tip: How to restart WAD process using automated script |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.