How to Fix High CPU Usage on Palo Alto PAN-2020

Reply
Highlighted
L0 Member

How to Fix High CPU Usage on Palo Alto PAN-2020

Hello,

We use this FW as proxy, we have PaloAlto1 and PaloAlto2 it's cluster how can I troubleshoot this issue.

Thank's you

Best regards,

Tags (6)
L7 Applicator

Re: How to Fix High CPU Usage on Palo Alto PAN-2020

Start by looking at the cpu resources following this tech document.  This will let you know what process is at issue.

How to Interpret: show system resources

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center
L0 Member

Re: How to Fix High CPU Usage on Palo Alto PAN-2020

Hi Steven,

Thank you for your reply, so i need to launch this commande in order to see what process causing the problem.

Best regards,

L7 Applicator

Re: How to Fix High CPU Usage on Palo Alto PAN-2020

First of all, we need to identify which CPU is high,  MP CPU (management-plane) or DP CPU (data-plane)...?

The above documents will help you for MP-CPU. From the GUI of the PAN firewall, if you go to Dashboard >> @ bottom left corner, it will show you the CPU utilization.

Example:

dashboard.JPG.jpg

NOTE: To understand DP CPU, you can apply below mentioned CLI commands.

CLI> show running resource-monitor

CLI> show session info

CLI> show session meter

CLI> Debug data-plane pool statistics

CLI>> show counter global filter delta yes  >>>>>>>> Run this command 10 times with a 5 sec interval.

Hope this helps.

Thanks

L4 Transporter

Re: How to Fix High CPU Usage on Palo Alto PAN-2020

What PanOS version are you running, and which CPU is under the load?

If it's the management CPU, and the spike is every 5 minutes or so, there's nothing you can do about it. Version 6 is supposed to help in reducing these spikes, but it's caused by the log index process, which kicks off every 5 minutes, and will normally kick your management CPU up to 60-70% for a couple of minutes.

As I said, V6 is supposed to fix this - haven't installed V6 yet, so I can't comment one way or another if it does.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!