Adobe Analytics

katep · 11/8/23

I have run into an issue where a single customer seems to be incrementing event4 millions of times on a single hit. It's always the same customer on the same webpage on the same browser. The occurrences metric does not increment along with event4, suggesting event4 is set multiple times on the same hit. The event is configured in Adobe Analytics as a 'counter' , not 'numeric'.

Does anyone have any idea why this might occur? Or ideas to troubleshoot this further?

Thank you

Jennifer_Dungan · 11/8/23

Hmm it sounds almost like on the hit event4 is being sent multiple times?

s.events="event4,event4,event4,event4,event4,event4,event4,event4,event4,event4,event4,event4,....."

Is it possible that something in your code could be getting stuck in a loop adding events? Or maybe this user is hacking something to inject all these events (honestly, many years ago I had someone replace "o" with "0" in several string values, and did so for months. So I should have seen "Local" and instead got "lOcal".....people do some weird things sometimes...)

Can your correlate these calls to specific pages or actions? To see if there is potential code scenario that could occur in your system?

katep · 11/8/23

Mmm yes I was thinking along these lines! Given it's always the same user on the same page, it seems like this user could be doing something hacky. The page in question includes regularly updated data, so perhaps the user was running something to scrape this data and its impacted the analytics code somehow. It's also been occurring for months, but became more extreme lately to the point it set off the anomaly detection reports.

I suppose the only thing I can do is create a global segment to remove this user's wild event4 behaviour so that it doesn't impact reporting, but guess there's nothing that can be done besides blocking this user to stop this from occurring.

Thanks for your thoughts

Kate

Jennifer_Dungan · 11/8/23

Hmm I wonder if you could abort the whole call in Adobe? Or flag it with a "likely spam" flag...

As in, during the doPlugins call in the extension (this is the last part of code that is potentially run before sending data to Adobe), if you could put a check there for the inflated event4... and either run s.abort (to kill the tracking), or append a new custom dimension flag that you can use in reporting as an exclusion?

katep · 11/8/23

Oh that's smart! I'll chat to one of the devs about this.

Luckily the page is getting decomissioned in a few months and replaced with a new one, so hopefully it will resolve all on its own. I'm just glad it's all in one hit, rather than an additional 2 million server calls as I initially feared

Thank you Jennifer.

Jennifer_Dungan · 11/8/23

Good luck! If you need any help with trying to protect your calls now, just let me know.

Adobe Analytics

Single customer sets millions of events on a single hit

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe