I had a customer call me panicking that their FortiGate CPU was pegged at 100%, while sitting idle. My first question was "What firmware rev are you running?" and the answer was "v7.0.8"my first thought was "hmm, I haven't heard of any issues like that, can we do a screen share?"
So I hop on the screen sharing session, and the customer shows me their dashboard - I should add they customized their dashboard - and they key in on this:
So I grin a bit, and open CLI and run diag sys top:
As you can see, the CPU is 100% IDLE, not active, so I explain to the customer that the 100% CPU indicates that ALL sessions are being handled by the CPU, since they haven't put the device into service yet, any and all sessions are UI sessions, but nothing is flowing through the FortiGate.
The customer asked "How can I tell", so we added the "CPU" widget back to the dashboard, and it all made sense then:
So as you can see, when your FortiGate isn't doing anything, you might see the above and you need not worry, that's completely OK.
Thank you for reading, I hope this helps.