Fortigate 90d running 5.4.2, happened on 5.4.1 as well.
Very often, my FG90D is at very high CPU utilization.
Diag sys top shows reportd is always the culprit.
I've tried a lot of things, and cannot resolve the issue.
Log Settings -> Enable Local Reports is off.
It has a very basic configuration, can easily be rebuilt.
Does anyone have any ideas?
(I've killed reportd, it comes back some time later. I've tried different firmware versions, same problem)
Diag sys top results:
un Time: 18 days, 3 hours and 29 minutes
97U, 2N, 0S, 1I; 1839T, 1122F
reportd 1404 R 97.4 0.8
httpsd 132 S 0.7 1.4
newcli 2512 R 0.7 0.8
httpsd 133 S 0.3 1.4
httpsd 2507 S 0.1 1.2
cw_acd 108 S 0.1 1.1
iked 86 S 0.1 0.7
ipsengine 2363 S < 0.0 4.5
dnsproxy 105 S 0.0 2.1
pyfcgid 2484 S 0.0 1.7
cmdbsvr 39 S 0.0 1.6
pyfcgid 2483 S 0.0 1.5
pyfcgid 2482 S 0.0 1.5
pyfcgid 2481 S 0.0 1.4
scanunitd 2371 S < 0.0 1.4
scanunitd 2372 S < 0.0 1.4
ipshelper 2362 S < 0.0 1.4
scanunitd 85 S < 0.0 1.4
sslvpnd 76 S 0.0 1.3
miglogd 58 S 0.0 1.2
fg90d #
I never had any policies in learning mode, but just in case, I tried turning off Policy Learning in System Features. It looked very promising, as I didn't experience high reportd CPU usage for several days. Unfortunately, the problem occurred once again just now.
I opened a case on this problem.
I have a very basic config, and I'm able to make changes as requested by support.
They asked me to update to 5.4.4 build 1117, which is now running, and the problem occurred within an hour.
I will update if the problem gets resolved.
Note: There was an entry in the release notes for 5.4.4
In the "Resolved Issues" section, Bug ID 369778 says: FWF_90D daemon report takes 99% of CPU Time.
I'm not running a FWF, it is a FGT90DPOE, and the issue wasn't resolved. I couldn't find any other reference to bug ID 369778.
I also upgraded our Fortigate 90D to firmware 5.4.4 build 1117, and very soon experienced the problem again. Thanks for opening that ticket, and please keep us updated with what you learn!
I had the problem immediately after updating to 5.4.4. Within an hour, CPU spiked for two hours, again for reportd.
However, it hasn't occurred since then.
There are still occasional CPU spikes, but they don't last for hours (they last for less than my 5 minute polling interval).
It has been fine for almost a week.
I'm leaving the case open for Fortinet's standard 14 days, I will post here if it lasts the entire 2 weeks without repeating.
Finalizing the post for me.
5.4.4 resolved the issue.
As I said previously, there was a spike immediately after upgrading to 5.4.4 that led me to think it didn't resolve the issue, but CPU Utilization has been as expected in the two weeks since that particular spike.
Had the same issue on a 90D with 99-100% CPU use in all versions from 5.4.2 up to 6.0.3. Followed upg. matrix
Still had max CPU.. Deactivated log to disk, CPU dropped down to 2%
Fortigate <3
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.