I am seeing the dataplane cpu spike to over 90% for about 5 minutes and then drop to normal. It comes intermittently with not regularity to when it occurs. I have been doing the show running resource-monitor, show system statistics, and showing the 20 top applications and I can not find it. Any suggestions would be helpful
I'd recommend setting up netflow collection on your interfaces so you get a better insight into the traffic during these spikes.
If it's spiking for an extended period you could possibly tap the uplinks to the firewall and do a packet capture to really gain a good insight into what type of traffic is coming across and when, but you probably wouldn't want to do that packet capture directly on the firewall.
Do you mean using solarwinds or something to do a netflow collections on all the pa interfaces?
Why not do firewall packet capture on the firewall?
That's exactly what I mean. Unless you can narrow down what interface is seeing the increased traffic load so you can limit it to one particular interface. The pan(a)wchrome Chrome extension can monitor some of this information for you to possibly narrow it to a particular interface before you enable netflow so you don't have to enable it across all of them though.
The reason you wouldn't want to do it directly on the firewall is because the process is CPU intensive and always raises the possibility for firewall performance degradation.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!