ipsengine -> 100% CPU

What version of the ips engine are you running ? We had a problem with this until we pushed a new IPSsignDB file.

I have the same problem. As soon as I change the state (enable or disable) of a signature the CPU load jump to 100%. I have a blade system with FG5001, FortiOS 3.00-b0572(MR5 Patch 4)

I have the same issue and at first support said it was a one-time issue due to an IPS engine update however it has happened several times since. You can restart the ipsengine by issuing the following command: diag test app ipsmonitor 2 diag test app ipsmonitor 2 Yes, you have to execute it twice. Once to stop the ipsengine and once to start it back up. You can find out what version of the IPS engine you' re running using this command (I' m on 1.092): get system fortiguard-service status I' m hoping that the TAC will have a permanent fix shortly but I' m not counting on it . . .

As per our Fortinet SE Engine 1.093 should resolve this problem.

g3rman, engine 1.095 is being distributed by support to fix the issue. Apparently they' re still QAing it for full release in the next few weeks. I don' t know if this means that 1.093 still has the issue or not.

As per our SE they are now releasing Engine 1.096 which fixes the infinite loop condition which causes the high CPU utilization. I keep pushing for a date but they appear to be taking their time to make sure the problem is solved. At the same time I found that instead of stopping and starting the process as per the post above you can also use a single " restart" command: diag test app ipsmonitor 99 Test level 99 can be used for restarting all other services as well as far as I am aware of.