FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 194434


This article describes how to kill all respective processes at once.






Restarting processes in a network may be required if they are not working correctly.

Run the following commands to see information on processes and IDs:


With pidof all process IDs (PIDs) of a certain process type are listed:


diagnose sys process pidof httpsd


Alternatively, use the 'ps' command to list all processes running on the FortiGate device:


fnsysctl ps
2 0 0 S [kthreadd]
3 0 0 S [ksoftirqd/0]
4 0 0 S [kworker/0:0]
5 0 0 S [kworker/u:0]


The PID is listed in the 1st column.


Another method is to use the "top" command to list the currently running processes with highest CPU time or memory usage:


diagnose sys top
Run Time:  0 days, 0 hours and 34 minutes
0U, 0N, 0S, 100I, 0WA, 0HI, 0SI, 0ST; 2005T, 1260F
         pyfcgid      279      S       0.0     1.9
         reportd      149      S       0.0     1.8
         updated      151      S       0.0     1.7
          httpsd      172      S       0.0     1.6
       forticron      144      S       0.0     1.6
          httpsd      186      S       0.0     1.6

The second column from the above command shows the process ID.


If the HTTPS process needs to be restarted, kill all of the process IDs of the "httpsd" process which are running on the unit one by one:

diag sys kill <signal> <process ID>
diag sys kill 11 172
diag sys kill 11 186


In the above command, httpsd processes are killed one by one based on the process IDs shown (172, 186 as in the output for httpsd).
Here, it is necessary to obtain all of the currently running process IDs to perform a restart.


Alternatively, kill or restart all of the httpsd processes at once using the following "killall" command:

fnsysctl killall <process name> 
fnsysctl killall httpsd 


The above single command kills or restarts all of the httpsd processes instead of killing each respective process one by one. When 'fnsysctl killall <process name>' is used, the process crashlog ('diagnose debug crashlog read') is not generated.

The following is another example of restarting the processes with a single command:


fnsysctl killall miglogd         <----- where 'miglogd' is the process for logging.


Related article:

Technical Tip:Diagnose sys top CLI command