FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 202802
Description This article describes commands to gather the system debugs for the CPU and memory assessment.
Scope FortiGate 6. x,7.x

Some fundamental CLI commands can use to obtain normal operating data for the system.


# get system status: Displays versions of firmware and FortiGuard engines, and other system information.


# get system performance status ( Run for 5 times): Displays CPU and memory states, average network usage, average sessions, and session setup rate, the virus caught, IPS attacks blocked, and uptime


# di sys top 2 50 (Run for 30 Sec and CTRL C to stop): Show top processes information. You can use the di sys top command from the FortiOS CLI to list the processes running on your FortiGate unit.

The command also displays information about each process.


# di sys top-all : Show top threads information.


# diagnose sys mpstat 2 : CPU information.


# diagnose hardware sysinfo interrupts: Display system interrupts information.


# diagnose hardware sysinfo memory: Display system memory information.


# diagnos hardware sysinfo slab: Display memory allocation information.


# diagnose sys top-mem: Display processes with the most used memory (default 5 processes).


# diagnose hardware sys conserve: Diagnose command to aid in conserver mode issues.


# get router info routing-table all: Current active routing table.


# diagnose firewall iplist list: To get information on ip-pool/VIP.


# diagnose sys vd list : List Virtual Domains.


# diagnose sys cmdb info(Run 2 to 4 times) : CMDB information.


# diagnose hardware deviceinfo disk: Display information of all disks. If the unit doesn't have a disk.


# diagnose autoupdate versions: Update object versions.


# diagnose sys session full-stat : It's going to display the session stat(i.e ESTABLISHED state ,SYN_SENT state, etc).


# diagnose debug crashlog read: To get the Crash log info.


Are all these commands added to the tac report output?