Description
This article describes how to use Policy Monitor in FortiOS 5.2 to investigate the cause of the entry in conserve mode. On larger devices, where traditional tuning does not have any impact on mitigating performance issues like conserve mode, it is necessary to see how much traffic the device is processing.
Scope
FortiGate v5.2.x
Solution
This article describes how to use Policy Monitor in FortiOS 5.2 to investigate the cause of the entry in conserve mode. On larger devices, where traditional tuning does not have any impact on mitigating performance issues like conserve mode, it is necessary to see how much traffic the device is processing.
Scope
FortiGate v5.2.x
Solution
Using the policy monitor, it is possible to see which policy is currently handling the largest number of sessions. Upon identifying the actual policy it is possible to find that some form of UTM may be applied, and therefore could be the root cause for entering in conserve mode.
To see which process is most used and puts the system in conservation mode, use:# diagnose sys topFor example, if the process is ipsengine, and the policy detected as having the largest number of sessions has IPS enabled, then the combination UTM on this policy may be overloading the system.
# diagnose sys top-summary
# diagnose debug crashlog read
