URLScan and its effects on Report Exporter and the UI

Products

Webtrends Analytics 8.x
Webtrends Analytics 9.x

Cause

You are having problems with either the user interface or Report Exporter. Some errors may refer to excessive string length; others may simply be 400 errors.

Resolution

URLScan is a Microsoft product designed to protect IIS servers against attacks that use the URL. These can include SQL injection attacks that use a long string to create a buffer overrun error.

If URLScan is installed, the WINDOWS\system32\inetsrv\urlscan folder will contain a file called urlscan.ini. This file controls the allowed URL string length. By limiting the string length allowed, the IIS server is protected against various attacks. However, Webtrends requires a certain string length to interact with the data and site. This is especially important with DRA and Report Exporter, where long strings are sent to the UI server describing the profile, report and date range requested. URLScan can stop that string from reaching the Webtrends UI server.

Here are 3 lines in urlscan.ini that affect the string length.
MaxAllowedContentLength=30000000
MaxUrl=200
MaxQueryString=2080

You can see here how setting MaxQueryString below the normal level would stop Report Exporter from working.

To repair this situation, simply reset to default levels and run IISRESET. IISRESET must be run to apply your changes to urlscan.ini.
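
To confirm which limit is rejecting a request before changing anything, the following added example (not part of the original article or of Webtrends or URLScan) reads the [RequestLimits] section of urlscan.ini and compares a request URL against MaxUrl and MaxQueryString. The ini text repeats the three values quoted above; the other ini lines, the host name, the export.aspx path and the parameter names are constructed for illustration.

```python
# Added example: find which urlscan.ini request limit a URL exceeds.
from urllib.parse import urlsplit

# Constructed urlscan.ini fragment using the three values quoted in this article.
SAMPLE_INI = """\
[Options]
UseAllowVerbs=1

[RequestLimits]
MaxAllowedContentLength=30000000 ; request body, in bytes
MaxUrl=200
MaxQueryString=2080

[DenyUrlSequences]
..
"""

def read_request_limits(ini_text):
    """Return the integer settings found in the [RequestLimits] section."""
    limits, section = {}, None
    for raw in ini_text.splitlines():
        line = raw.split(";", 1)[0].strip()  # drop ';' comments
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
        elif section == "requestlimits" and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if value.isdigit():
                limits[key] = int(value)
    return limits

def exceeded_limits(url, limits):
    """List (setting, actual_bytes, limit) for each limit the URL exceeds."""
    parts = urlsplit(url)  # lengths are taken from the URL as sent, undecoded
    sizes = {"MaxUrl": len(parts.path.encode("utf-8")),
             "MaxQueryString": len(parts.query.encode("utf-8"))}
    return [(name, size, limits[name]) for name, size in sizes.items()
            if name in limits and size > limits[name]]

if __name__ == "__main__":
    limits = read_request_limits(SAMPLE_INI)
    # Hypothetical export request; path and parameter names are constructed.
    url = "http://ui.example.test/export.aspx?profile=abc&report=" + "x" * 2100
    for name, size, limit in exceeded_limits(url, limits):
        print(f"{name}: request uses {size} bytes, urlscan.ini allows {limit}")
```

To use it on a real server, pass the contents of the installed urlscan.ini and a URL copied from a failing Report Exporter request.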


More Information

http://technet.microsoft.com/en-us/security/cc242650.aspx