FGT1000D Memory Leak Issue (Help with automation stitch!)

Author
Networker
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/11/27 22:12:47
  • Status: offline
2019/11/27 22:23:15 (permalink)
0

FGT1000D Memory Leak Issue (Help with automation stitch!)

Hi All,

I am using a FGT1000D cluster on our network and since we moved from 5.6.3 to 6.2.2 we have found memory leaks occurring on a weekly basis. Typically what will happen is that the WAD service will just suddenly spike and will push the firewall into conservation mode, the only way to fix this is to either manually kill the WAD service through "diag sys kill PID" or to reboot the firewall. 

I have logged a ticket with FortiNet regarding the memory leaks with all relevant details, while I wait for them to get back to me with a recommended course of action I was hoping someone could help me out with an automation stitch.
I have configured a stitch that whenever the firewall goes into conservation mode that two actions occur.
One of the actions is to email me and other colleagues who work on the cluster to notify us that the firewall has entered conservation mode (WHICH WORKS) and another action which is a CLI script which is supposed to restart the firewall in the event of going into conservation mode (THIS DOES NOT WORK)

I will post the stitch configuration below and I am hoping that someone can help me understand what I am doing wrong so that I can get this working and also understand the automation stitches a bit more.

::::CONFIGURATION:::::
-----------------------------
1000D_A (global) # show system automation-stitch "Conservation Mode - Action"
config system automation-stitch
edit "Conservation Mode - Action"
set trigger "Conservation Mode - Action"
set action "Reboot Firewall" "Conservation Mode - Action_email"
next
end


1000D_A (global) # show system automation-trigger
config system automation-trigger
edit "Conservation Mode - Action"
set event-type event-log
set logid 22011
next
end


1000D_A (global) # show system automation-action
config system automation-action
edit "Conservation Mode - Action_email"
set action-type email
set email-to "emailaddress@company" "emailaddress@company" "emailaddress@company"
set email-subject "WARNING: FIREWALL HAS ENTERED CONSERVATION MODE!"
set email-body "The Firewall has entered Conservation mode, please rectify ASAP"
next
edit "Reboot Firewall"
set action-type cli-script
set required enable
set script "config system global
execute reboot
y"
next
end

Thanks in advance!!
#1

0 Replies Related Threads

    Jump to:
    © 2019 APG vNext Commercial Version 5.5