Hi All
Hope someone can assist.
Every couple of days we see 100% CPU usage on a single core. Not the same core every time.
The core then sits at 100% CPU for 2 to 6 hours then a couple of days later same thing.
I have checked and it is the SNORT process causing this.
When I disable IPS the CPU usage drops instantly.
Anyone that can assist in helping me figure out WHY this is happening?
Firmware: SFOS 19.5.4 MR-4-Build718
No of policies using IPS: 4 (all LAN to WAN)
Two of the policies are tunnel mode SSL VPN so it gets internet via the VPN.
All policies have web filter applied with about 40 URLs as a whitelist.
Couple of exemptions. configured with the * at the start.
Average CPU usage is 40% - 45%.
Thanks
Added V19.5 MR4 TAG
[edited by: Erick Jan at 1:48 PM (GMT -7) on 26 Jul 2024]
