- Analytics Admin Guide
- Analytics Release Notes
- Adobe admin console
- Analytics admin tools
- Admin tools overview
- Code Manager
- Analytics Inventory
- Data Sources
- Exclude by IP address
- Logs
- Reporting Activity Manager
- Component migration
- Report Suite manager
- Edit settings of a report suite
- General
- General Account settings
- Internal URL Filters
- Customize Calendar
- Paid Search Detection
- Processing Rules
- Processing rules overview
- Processing Rules
- Processing rules examples
- Examples of processing rules
- Populate a campaign ID from a query string parameter
- Set the product view event from the product overview page
- Add a subcategory by concatenating the category and page name
- Clean up values in a report
- Populate internal search terms using a query string parameter
- Copy a context data variable to an eVar
- Set an event using a context data variable
- Remove an event from a hit
- Processing rules tips and tricks
- Bot Rules
- Privacy Settings
- Timestamps Configuration
- Server-Side Forwarding
- Traffic
- Conversion
- Marketing Channels
- Traffic Management
- Default Metrics
- App Management
- Media Management
- Activity Map
- AEM
- Adobe Campaign
- Privacy Reporting
- Document Cloud Management
- Advertising Analytics Configuration
- Real-Time
- General
- Manage report suites
- Global report suites
- Save a report suite search
- Download report suite settings
- New report suite
- Report suite templates
- Edit settings of a report suite
- Company Settings
- Data Governance Privacy Labeling
- Server Call Usage
- User and Product Management (Legacy)
- Admin API
- Adobe Analytics 1.4 API EOL FAQ
Common bot signatures
While identifying bots in a data set is different depending on the environment, here are some common ways to identify bots.
High number of page views per visit
You can pull a Data Warehouse report with IP address, page views, and unique visitors. Then create a calculation in Excel for page views per visit, and sort from highest to lowest. Bots commonly have a very high number of page views per visit (several hundred to thousands). You will see a sharp decline as you move into actual real traffic.
No referrer
Bots typically don’t have a referring URL. In segmentation this can be filtered as Referring Domain equals Typed/Bookmarked.
Strange User Agents
Bots often use custom user agents that aren’t classified in the Browsers dimension or show up as an unknown version of a standard browser. Unknown Safari and unknown Opera have an extremely high likelihood of being bots.
Linux or “Not Specified” operating systems
We don’t mean to discredit the great open-source Linux operating system, but apparently bots like to set it as their operating system. However, be careful about excluding legitimate traffic from Linux users. Bots also like to not set an operating system, which can be segmented on as Operating System equals Not Specified.
Page Views = Visits = Unique Visitors
This applies especially to the user agent report. As you can see in the screenshot below, the “unknown version” of these browsers has almost the same number of visitors as unique visitors (and almost the same number of page views). This can be isolated in segmentation by building an Include container for Single Page Visits equals Enabled or Hit Depth is less than 2.
Visit number of 1
Bots usually get a new visitor ID every time they execute, thus incurring only one visit ever and all their traffic will consist of a visit number of 1.
Lower monitor resolutions
Modern users have much higher resolution monitors than in years past. Hits with the following resolutions seem to be very popular for bots:
- 1024 x 768
- 1366 x 768
- 1600 x 864
- 800 x 600
- 1600 x 1200
- Not Specified
- 1024 x 667
Country + Time Zone mismatch
You would notice a mismatch between the originating country and the time zone. For example, the location might be the United States but the time zone might me GMT.
Not logged in
The user doesn’t log in at any point in their visit, and their user identification eVars aren’t persisting from previous visits. While some bots can be set up to authenticate, the majority aren’t that smart.
No KPIs in visit
Bots typically don’t add products to a shopping cart or check out. Most of the time they aren’t submitting lead forms or other success events, but some bots do submit simple HTML forms.
Specific query string present
Sometimes bots try to bust cache or otherwise break sites by hitting malformed URLs or URLs that don’t exist (like typical LAMP or Wordpress admin pages) or by appending specific query strings.
IP addresses that originate from distributed computing platforms
Web hosting services like Amazon Web Services or Google Cloud can be abused as bot farms. These IP addresses are at a high risk of being bots:
- Google Cloud: IP address starts with
35.199or35.194
