Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
billp
Contributor

scanunitd taking 99% cpu

Scanunitd is spiking my CPU to 95% fairly consistently. I believe this is the AV scanning component. Could anyone confirm? I' ve been tinkering with the URL and Content filtering recently, so this is also probably straining things a bit more, but it' s clearly Scanunitd at the top of the DIAG SYS TOP command. I am using firmware 4.1.1 and looking at using the option to exempt certain traffic with specific MIME headers. Hoping that might ease things. Any advice re: making AV scanning more efficient would be appreciated. Thanks. Bill

Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1

14 REPLIES 14
Adrian_Buckley_FTNT

As a note, this sort of behavior is DEFINITELY a bug.

 

However, without some method of reproducing it any kind of bug fix is a shot in the dark by developers.  Fortinet has it's own QA and they may be able to duplicate the behavior.

Then again they may not.

ramunas
New Contributor II

Hello,

I changed OS from v5.2.1 to v5.2.3 two weeks ago and now I can prove that it was OS bug. I don't have 100% CPU load any more. Now it is ~70-80%, some time much less.

Ramunas

jpp
New Contributor III

Hi,

I had similar issue with scanunitd eating CPU time on FGT-60D

After firmware upgrade I don't have this anymore, but today there were 4 httpsd processes using 100% CPU.

 

Is this related?

What can I do?

Adrian_Buckley_FTNT

HTTPSD is  is the units GUI.  It is completely unrelated to Virus scanning.

 

It could be caused by some poorly chosen filters in some of the chart areas or something like that.

 

 

GusTech

I have the same issue with 60D and 5.2.4

Fortigate <3