Hello,

I'm finding that on occasion Xymon issues false positives for PORTS or PROCS. On closer inspection, it's possible to identify in those alerts that the recorded client data is correct, containing the netstat and ps listings with the expected ports and processes. However, Xymon will still alert. When this happens, it will happen for a bunch of hosts at the same time. There's no specific pattern. It's not very frequent (maybe twice a week), but enough to be annoying, as it can affect a few dozens of hosts.

Given that the client data seems complete, it doesn't seem to be a buffer issue (at least not a configurable one), so I'm at a loss at what may be the issue here. Also, there's been no version change, (still) running 4.3.27, or any other major change to the system (it's a CentOS 7 VM).

I welcome any hints/speculations about what could be causing this!

Thanks everyone.