FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ckumar_FTNT
Staff
Staff
Article Id 198695

Description
This article describes various methods of monitoring CPU and memory resources.

Solution
Method 1 : CLI commands

The following commands will show resource usage:

  1. get system performance status       ....(run it approximately 10 times to have representative samples)
  2. diagnose sys top 2 50                    ...type SHIFT+M to sort by memory (run it approximately 10 times to have representative samples)
  3. diagnose hardware sysinfo memory
  4. diagnose hardware sysinfo shm

Other statistics commands:

  • diagnose firewall statistic show
  • diagnose sys session stat


Method 2 : SNMP polling

Use an SNMP client to monitor the FortiGate resources, CPU and memory, with the following MIB objects:

OID:   .1.3.6.1.4.1.12356.101.4.1.3.0      >>>Current CPU usage (percentage).
OID:   .1.3.6.1.4.1.12356.101.4.1.4.0     >>>Current memory utilization (percentage).



Method 3 : SNMP traps

Configure a SNMP community to send CPU and memory usage traps

config system snmp community
    edit 1
        set events cpu-high mem-low fm-if-change
            config hosts
                edit 1
                    set ip 10.160.0.171
                next
            end
        set name "LAB"
    next
end

Note that the thresholds can be configured:

config system snmp sysinfo
    set trap-high-cpu-threshold 10
    set trap-low-memory-threshold 5
end



Method 4 : Using the Event log (sent syslog and/or FortiAnalyzer)

From the GUI, go to Log&Report, and enable "CPU & memory usage (every 5 minutes)"

Contributors