Tuesday, August 7, 2012

Fortigate disable IPS engines

Version: Fortigate-3240C v4.0,build4188,120620 (MR3)

FG3240C-HA# diag test application ipsmonitor 98
FG3240C-HA# diagnose sys top
Run Time:  1 days, 8 hours and 49 minutes
0U, 0S, 100I; 10956T, 6128F, 193KF
     proxyworker       80      S       0.0     0.9
          cw_acd      116      S       0.0     0.4
         cmdbsvr       57      S       0.0     0.4
          httpsd      168      S       0.0     0.3
          httpsd      122      S       0.0     0.3
       forticron       77      S       0.0     0.2
          httpsd       70      S       0.0     0.2
         miglogd       68      S       0.0     0.2
       scanunitd      130      S <     0.0     0.1
       scanunitd      124      S <     0.0     0.1
       scanunitd      128      S <     0.0     0.1
       scanunitd      129      S <     0.0     0.1
       scanunitd      125      S <     0.0     0.1
       scanunitd      126      S <     0.0     0.1
       scanunitd      127      S <     0.0     0.1
       scanunitd      123      S <     0.0     0.1
       scanunitd       73      S <     0.0     0.1
       urlfilter       79      S       0.0     0.1
       wad_diskd       72      S       0.0     0.1
          newcli     1525      R       0.0     0.1



# diag test application ipsmonitor
IPS Engine Test Usage: (Values for >
1: Display IPS engine information
2: Toggle IPS engine enable/disable status
3: Display restart log
4: Clear restart log
5: Toggle bypass status
6: Submit attack characteristics now
97: Start all IPS engines
98: Stop all IPS engines
99: Restart all IPS engines and monitor


The command we most commonly issue when the IPS engine is running high is the following, which restarts the IPS process:

# diag test application ipsmonitor 99

Configure IDS processes (default 8):
# config system global
    set proxy-worker-count 1
end

# diagnose debug crashlog clear
# diagnose debug crashlog get
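
A check for `diagnose sys top` captures like the one above, as an added example that is not part of the original post: it parses the process table and reports whether any IPS engine process is listed and which ones exceed a CPU threshold. The process name `ipsengine`, the 80% threshold and both sample captures are assumptions constructed for illustration.

```python
import re

# One process row of `diagnose sys top`: name, PID, state (optionally "<" for
# high priority), CPU %, memory %. Layout taken from the output on this page.
ROW = re.compile(r"^\s*(\S+)\s+(\d+)\s+([A-Z])\s*(<)?\s+(\d+\.\d+)\s+(\d+\.\d+)\s*$")

def parse_sys_top(text):
    """Return a list of process dicts; header and unparseable lines are skipped."""
    procs = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            procs.append({"name": m.group(1), "pid": int(m.group(2)),
                          "state": m.group(3), "high_prio": m.group(4) is not None,
                          "cpu": float(m.group(5)), "mem": float(m.group(6))})
    return procs

def ips_status(text, engine_name="ipsengine", cpu_alert=80.0):
    """Summarise IPS engine presence and load from one `diagnose sys top` capture.

    engine_name and cpu_alert are assumptions, not values from the page.
    """
    engines = [p for p in parse_sys_top(text) if p["name"] == engine_name]
    return {"running": len(engines),
            "inspecting": bool(engines),
            "hot_pids": [p["pid"] for p in engines if p["cpu"] >= cpu_alert]}

# Constructed samples in the page's format (not captured from a device).
STOPPED = """Run Time:  1 days, 8 hours and 49 minutes
0U, 0S, 100I; 10956T, 6128F, 193KF
     proxyworker       80      S       0.0     0.9
       scanunitd      130      S <     0.0     0.1
          newcli     1525      R       0.0     0.1
"""
RUNNING = STOPPED + """       ipsengine      201      S <    93.5     2.1
       ipsengine      202      S <     4.0     2.0
"""

if __name__ == "__main__":
    for label, capture in (("after ipsmonitor 98", STOPPED), ("engines up", RUNNING)):
        print(label, ips_status(capture))
```

The listing shows only the top processes, so a result of `"inspecting": False` should be confirmed with `diag test application ipsmonitor 1` before concluding that traffic is passing uninspected.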

