Impossible to analyze the tracking log

Amit_Kumar

MVP

04-01-2018

Hi all,

I am getting following error in tracking logs have you ever seen this?

nlmodule Invalid hexadecimal value: '57xxxxx'

nlmodule 81'.

nlmodule Impossible to analyze the tracking log '2017-12-25T17:08:37.14 57xxxxx f51ac61 f54f2df 0 860c7f21-06e3-4281-9d36-d8531cf9fb66 h Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/...

Can anyone help me to fix this

Vipul RaghavAdhiyan

Regards,

Amit

Accepted Solutions (1)

Accepted Solutions (1)

Vapsy

Employee

04-01-2018

Hi Amit,

The tracking log entry captured in the redirection log file is corrupt. Many times it can happen because of the end user's machine/device where the open/clicks are happening.

Short term solution is to get hold of this file from the tracking server and then delete this line, followed by a restart of tracking workflow.

However, there can be many more such lines.

Engineering has made this process more robust starting build 8887. So if you are only a lower build we recommend opting for an upgrade to avoid this issue in future.

Regards,
Vipul

Answers (9)

Answers (9)

david_garcia1

MVP

04-01-2018

Try cross referencing with IIS log files found under %SystemDrive%\inetpub\logs\LogFiles matching the IPs. You can also go one step further to really get an insight about client requests by enabling advanced loggin under IIS manager. More information here (Advanced Logging for IIS - Custom Logging | Microsoft Docs )

This is an out of bounds module addon which must be installed separately, here is the download link, no downtime required, test it in your dev environment. Download IIS Advanced Logging - 64-bit from Official Microsoft Download Center

You can define what extra columns you want to log.

1386682_pastedImage_3.png

Good luck!

Adhiyan

Employee

04-01-2018

Hello David,

This are the headers from left to right for the tracking re-direction file :

The first line is the line identifier (unique)

The 10 fields to fill the mapping's tracking table:

1) Date - timestamped  date of the tracking log

2) BroadLogID in Hex

3) Delivery ID in Hex

4) URL (tagId) in Hex (1 in case of open)

5) Open (0 when it's a click)

6) uuid - permanent cookie assigned to that tracking log

7) type of url (can be html,text or web)

😎 Browser - ((UserAgent) Mozilla/5.0 (Linux; Android 7.1.2; LG-H815 Build/NJH47B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.125 Mobile Safari/537.36)

9) External ID

10) Device IP

Adhiyan

Vapsy

Employee

04-01-2018

Hi David,

These are the headers, taking your sample data as reference

Campaign Tracking Pointer: 40x0000000007C4D164

Timestamp when open/click was performed: 2018-01-04T13:19:15.25

BroadLogID in HEX: 27efb8cb

DeliveryID in HEX: 3ace3690

tagID in HEX: 1

Open/Click (1 stands for Open, 0 for click): 1

Tracking UUID (coming from the cookie in your system): 2F201F49-5F32-4607-A313-11A02427C722

Text or HTML(t for text and h for HTML)?: h

User Agent String to determine your device and browser details: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36

IP from where the open/click was received: 49.0.2725.64 

Vapsy

Employee

04-01-2018

There is no clear reason known as corruption of information happens on end user's machine which is not in control of Campaign.

End user is using a browser with add-ons or extenders that hinder with the data being passed to Campaign redirection server.

Virus or someother tool modifying the hex values in the emails being clicked.

These are all hypothesis and hence we really don't know what causes it as a result we have made the system capable of handling more of these situations

Amit_Kumar

MVP

04-01-2018

Thanks, Vipul, I am more interested in know why they are corrupted in the first place? is it because of encryption or some other problem?

Amit_Kumar

MVP

04-01-2018

I am not sure what happened here, but I think, I have to wait for the update? Now, I have narrowed down to 5 different IP address, so maybe they are using some extra extension or something in their browser?

david_garcia1

MVP

04-01-2018

So it appears you have an extra corrupted BroadLogID  hex value ? 

???
BroadLogID DeliveryID
57xxxxx
f51ac61 
f54f2ec 

As per the staff theory about the data being passed through to the redirection server being altered by something then perhaps it can be replicated if you add extra values to the redir link, I expect it to fail if it contains unexpected values, could it be the redir service not handling a particular request properly? uhmm not sure

Amit_Kumar

MVP

04-01-2018

Hi David,

It's failing for BroadLogID in Hex, highlighted one:

2017-12-25T17:56:40.65 57xxxxx f51ac61 f54f2ec 0 d23d5e92-8a8f-4fe8-b644-179563c2155b h Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36  xx.xx.XXX.Xx

Regards,

Amit

david_garcia1

MVP

04-01-2018

This is how it appears on one of my tracking files;

Line 4453: 40x0000000007C4D164 2018-01-04T13:19:15.25 27efb8cb 3ace3690 1 1 2F201F49-5F32-4607-A313-11A02427C722 h Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36 OPR/49.0.2725.64

Line 5319: 40x0000000007C4D4C6 2018-01-04T13:20:43.19 27e7124c 3acdf064 1 1 8ACCD9B4-C4D4-4C79-88E0-FC1C49179FF4 h Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36

Amit Kumar​ How does it appear on yours? in which column does the corrupted hex appear?

@Vipul Do you know the header labels for the redirection file?