memory

sims · ‎05-13-2019

Hi,

Firewall shows 70% , how can I know what causing the high memory .

Thanks

Bubu · ‎05-13-2019

Hi Sims

get system performance top <REFRESH-RATE> <NBR-LINE>

* Press P to sort the processes by the amount of CPU used

* Press M to sort the processes by the amount of memory used

Regards,

Bubu

Tindrli · ‎05-13-2019

You can use

diag top sys 1 30

sims · ‎05-13-2019

Hi,

For diag command do I need to login to the vdom ?

How can I do that

Thanks

Tindrli · ‎05-13-2019

You can swap between VDOMS in GUI (global>system>vdoms), select VDOM you want to check, then open console on the right side and check the memory status

mjozo8 · ‎05-13-2019

I got same problem

i used your command and i got that problem is ips engine.

I have it setup for severity (medium, high and critical)

Location sever OS Windows for application IIS, MSSQL,MS_Exchange, ASP_app

Protocol: SMTP

Application MSSQL

I use it on 5 policy's.

Is it too much for Fortigate 80E so it increasing memory consumption so i need to restart it every 5 days (it got from 55% to 90% in that time)

       ipsengine      201      S <     0.5     9.3

       ipsengine      203      S <     0.1     9.3

       ipsengine      202      S <     0.5     9.2

       ipsengine      204      S <     0.0     9.1

          httpsd    27290      S       0.5     2.9

       ipshelper      153      S <     0.0     2.3

             wad      158      S       0.0     2.3

             wad      165      S       0.0     2.3

             wad      156      S       0.0     2.3

             wad      157      S       0.0     2.3

        dnsproxy      169      S       0.0     1.8

         cmdbsvr       97      S       0.0     1.5

          httpsd    27445      S       1.3     1.4

         pyfcgid    24453      S       0.0     1.3

         pyfcgid    24454      S       0.0     1.3

         pyfcgid    24452      S       0.0     1.3

         pyfcgid    24447      S       0.0     1.2

          cw_acd      172      S       0.0     1.0

          httpsd      128      S       0.1     1.0

         updated      148      S       0.0     0.8

Michel_van_Geest · ‎05-13-2019

Hi,

Did you upgrade your device lately ?. Did you follow the upgrade-path steps ?.

If not .. you probably have a old IPS engine running on your machine. Download the new IPS engine and install it on your machine.

You can find this under SYSTEM->FORTIGUARD. ... and offcourse when you are using VDOMs its onder "Global -> SYSTEM-> Fortiguard"

Should look like

IPS Definitions Version 14.00612 Upgrade DatabaseIPS Engine Version 4.00035 Malicious URLs Version 2.00183

mjozo8 · ‎05-13-2019

I upgrade it to 6.2.0 trough System->Firmware.

I went to FortiGuard and all is

Intrusion PreventionLicensed - expires on 2019/09/23 IPS DefinitionsVersion 14.00612 IPS EngineVersion 4.00219 Malicious URLsVersion 2.00188 Botnet IPsVersion 4.00474 Botnet DomainsVersion 2.00242

I have restarted Fortigate this morning because of 83% memory and after reboot it is 53%.

       ipsengine      201      S <     0.4     3.1

       ipsengine      199      S <     0.0     3.0

       ipsengine      200      S <     3.4     3.0

       ipsengine      198      S <     0.0     3.0

          httpsd      197      S       0.4     2.5

             wad      157      S       0.0     2.4

             wad      162      S       0.0     2.4

             wad      155      S       0.0     2.4

             wad      159      S       0.0     2.4

       ipshelper      156      S <     0.0     2.0

I disabled IPS Filters and all Rate Based Signatures (3 was active) before restart

mjozo8 · ‎05-14-2019

I had chat with support team.

Bellow is answer:

Please be informed that this is a know issue on this firmware The issue should be resolved in new patch release 6.2.1 which is coming around May 21-25 tentatively. You can use following article for Memory optimization but best option will be to revert back to the previous firmware partition. Whatever changes you have made since upgrade to 6.2.0 will be lost - for your information. This is the article to boot back to the previous firmware partition: Technical Note: Selecting an alternate firmware for the next reboot: https://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD31908&sliceId=... Following is an article to optimize memory settings: Technical Note: Memory optimization techniques for FortiOS: https://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD35126&sliceId=...

sims · ‎05-28-2019

Hi,

here is the process list , how can I know which process is taking high resource

Run Time: 360 days, 21 hours and 57 minutes

0U, 0N, 0S, 100I; 3955T, 1936F, 212KF

httpsd 18188 S 1.5 1.2

sqldb 91 S 0.0 2.5

httpsd 9677 S 0.0 1.1

httpsd 8535 S 0.0 1.1

proxyworker 97 S 0.0 1.0

proxyworker 102 S 0.0 1.0

pyfcgid 24934 S 0.0 1.0

miglogd 72 S 0.0 0.9

pyfcgid 23413 S 0.0 0.9

pyfcgid 23414 S 0.0 0.9

pyfcgid 24933 S 0.0 0.9

pyfcgid 23412 S 0.0 0.9

reportd 92 S 0.0 0.9

cw_acd 29453 S 0.0 0.9

cmdbsvr 51 S 0.0 0.8

updated 138 S 0.0 0.8

pyfcgid 23410 S 0.0 0.7

miglogd 134 S 0.0 0.6

miglogd 133 S 0.0 0.6

hasync 100 S < 0.0 0.6

httpsd 21188 S 0.0 0.6

ipshelper 17051 S < 0.0 0.5

httpsd 25021 S 0.0 0.5

dnsproxy 114 S 0.0 0.5

authd 88 S 0.0 0.5

httpsd 75 S 0.0 0.4

httpsd 130 S 0.0 0.4

thmd 123 S 0.0 0.4

newcli 25055 R 0.0 0.3

newcli 24948 S 0.0 0.3

newcli 11593 S 0.0 0.3

fgfmd 118 S 0.0 0.3

forticron 85 S 0.0 0.3

forticldd 87 S 0.0 0.3

snmpd 94 S 0.0 0.3

src-vis 106 S 0.0 0.3

fcnacd 89 S 0.0 0.3

alertmail 113 S 0.0 0.3

hatalk 95 S < 0.0 0.3

zebos_launcher 59 S 0.0 0.3

quard 112 S 0.0 0.3

eap_proxy 115 S 0.0 0.3

fnbamd 80 S 0.0 0.3

sshd 110 S 0.0 0.3

uploadd 71 S 0.0 0

Thanks