daig sys top(press Q to stop the diag sys top command) (if you use adoms first type config global)
A FortiAnalyzer unit deployed in a network can receive hundreds of log messages per second throughout the day. The FortiAnalyzer unit indexes nearly all fields in a log message to include it in the database. This process can be very CPU intensive, as the indexing component is continually running to keep up with the incoming log messages. . . . . All these tasks can be CPU intensive, especially when a combination of them is occurring at the same time. This often can cause the CPU usage to stay at 90% or more. It is important to set the indexing operation to the lowest priority so that the critical processes, such as receiving log messages, are not affected. On smaller devices, such as the FortiAnalyzer-100C, where the CPU and disk speeds are not as fast as the higher-end models, the CPU usage can appear more pronounced.So, not sure if this is exactly your issue, but thought it might be something to look at.
Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1
User | Count |
---|---|
2052 | |
1170 | |
770 | |
448 | |
341 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.