Help
FortiSwitch
FortiSwitch: secure, simple and scalable Ethernet solutions
Adolfo_Z_H
Staff
Staff

Created on ‎10-10-2023 10:20 PM Edited on ‎08-06-2025 12:27 AM By Staff

Article Id 278355

Technical Tip: Investigate high CPU usage on FortiSwitch

Description

 

This article describes how to Investigate high CPU usage on FortiSwitch.

 

Scope

 

FortiSwitch.

 

Solution

 

Normally, FortiSwitch might have CPU usage peaks and it is normal behavior if there are some advanced features enabled like Sflow, Port Span, Rspan, and ERSPAN. There is nothing to worry about. 

However, if there is a sustained high CPU consumption, this should be investigated if it is causing low network performance. The most common culprits could be incorrect or non-optimized configurations or network instability.

 

The FortiSwitch GUI interface is not designed for long-term monitoring and it is best to capture device performance metrics indirectly using SNMP. High system resource usage by the HTTPSD daemon should be expected due to widgets displayed on the landing page. It will stop when the unit is logging off and display other GUI sections with no widgets.

 

To expedite analysis by a TAC engineer, include the following information when opening a ticket to investigate this kind of behavior:

 

  • If the FortiSwitch is managed by the FortiGate (OR) if it is in standalone FortiSwitch.
  • How long this behavior is experienced
  • If there are any recent changes such as configuration changes, software upgrades, etc. before the problem.
  • How many FortiSwitches are connected to the network.
  • How many offending FortiSwitches are connected to the network.
  • If the problem is specific to a particular FortiSwitch (OR) all models of FortiSwitches.

 

Use a CLI command executor to retrieve the following information and save it into a text file.

Technical Tip: How to create a log file of a session using PuTTY

 

Provide the following output from the affected FortiSwitch: Do not log into the FortiSwitch WEB GUI or another concurrent SSH session on the affected device while performing the following diagnostics:

 

fnsysctl top  <- Run this for a minute when the CPU is going high. To stop, press Ctrl + C.

diag sys top <- Run this for a minute when the CPU is going high. To stop, press Ctrl + C.

diagnose switch physical-port linerate up <- Run this for a minute when the CPU usage is high. To stop, press Ctrl + C.

get system performance status <- Execute 3-4 times.

get hardware cpu

fnsysctl ps

diagnose hardware sysinfo memory

fn ps -wl

fn ps -lw

diagnose hardware sysinfo slab

diagnose hardware certificate

diagnose debug crashlog read

get switch modules summary

get switch modules detail

get switch modules status

get switch modules limits

diagnose debug report

 

If the FortiSwitch is managed by FortiGate, configure the file from the FortiGate under Wifi and switch-controller -> Managed Fortiswitch -> Topology.

9447
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.