i think the observer 2 - 4 is normal behaviour regardelss the logging issue.
he is presenting it like thats the problem, that causes it...

to put it into more context
our guys are connecting to the w365 instances from eu to usa, thats 100+ ms just there, on the top of that customer is running some packet analyzer between w365 and site where we need to connect, so another 40

and the whole issue started cause he request tcpdump from our solution (running robots across the warehouse) while not even having the access point on side but in the server room locked in the metal rack... and he sees packet retrasmits..etc..

i just think he trolls with everything what is "wrong" but actualy is not related to any performance issue,

But wanted to at least have some sort of confirmation if it can cause a problem (never belived that, he throws tanrtrums like this all the time...) but better check

Thank you
that would be all.

Presuming the customer's switch is flagging the VLAN logging mismatch because of CDP, then customer can simply deactivate CDP on their interface.  (Which might be considered a good practice between ASs, something you might consider too.)

2-4% CPU utilization, to me, seem rather high for logging one interface's CDP VLAN mismatch every 3 minutes.  However, regardless, generally any switch's "heavy lifting" (i.e. data plane - frame forwarding) is usually performed by dedicated hardware and CPU load is thereby often not too relevant.  CPU load can be very relevant to its control plane (management), but even there, CPU processing is usually prioritized such that more critical tasks get CPU cycles first.  I.e. even if CPU is running continuously at 100%, it may not be impactful to critical tasks.

Cannot say what's the motivation of your customer.  Perhaps it's not hostility, but something like ignorance; they don't truly understand how switch hardware works and are alarmed by anything that appears to cause something to happen, which may, they believe, degrade performance, like the additional logging.