Home > Uncategorized > Track the CPU and RAM utilization of a process on FortiOS

Track the CPU and RAM utilization of a process on FortiOS

On Windows/cmd:

Create a file (that is very secure) with the contents:

echo "conf global" > c:\plink_fortigate.txt
echo "diag sys top 20 40" >> c:\plink_fortigate.txt

Use plink to run the connection, and the win32 ports of grep, awk and sleep:

Replace “ssl” with the process you wish to monitor:

echo echo ^%date^%,^%time^% ^>^> c:\output.csv ^&^& plink -pw "admin's password" admin@192.168.100.1 -m c:\plink_fortigate.txt 2^>^&1 ^| grep ssl ^| awk "{print $4, $5}" OFS="," ^>^> c:\output.csv ^&^& sleep 5s > c:\fortigate_proc_watch.bat

Run it 20000 times:

for /l %G in (0,1,20000) do c:\fortigate_proc_watch.bat

 
On *nix/bash:

Create a file (that is very secure) with the contents:

echo "conf global" > ~/ssh.in
echo "diag sys top 20 40" >> ~/ssh.in
chmod 600  ~/ssh.in

Use ssh to run the connection:

Replace “ssl” with the process you wish to monitor:

yum -y install sshpass #in rpmforge and fedora repos
echo '#!/bin/bash' > ~/fortigate_proc.sh
echo "datetimepre=\$(date)" >> ~/fortigate_proc.sh
echo "output=\$(sshpass -p 'admin password' ssh admin@192.168.100.1 < ~/ssh.in 2>&1 | grep ssl | awk '{print \$4, \$5}' OFS=',')" >> ~/fortigate_proc.sh
echo "echo \$datetimepre,\$output >> ~/output.csv" >> ~/fortigate_proc.sh
chmod 700  ~/fortigate_proc.sh

Run it once every 5 seconds times:

watch -n 5 ~/fortigate_proc.sh

Conclusion:
The first column is the CPU, the second is RAM.

This will repeatedly connect using SSH and run `diag sys top`, disconnecting and killing `diag sys top` when done. This should work fine unless there’s a bug in FortiOS.

Alternately, you can us `diag sys top` to obtain the PID of the target process, set it as an environmental variable, then parse the output of `fnsysctl cat /proc/[PID]/status` or ../stat or ../statm.

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: