Ghost resubmits in TN


we have a very strange thing happening in TN on our Production environment:

At some moment 11 old EDI-documents are being resubmitted to TN (and processed after that). This happens on irregular dates and times, but always is about the same set of documents.

There is no trace of any service which can be responsible for this, nor in the server-log or in activity-log in TN. The resubmits have been performed with username ‘Administrator’, which account is locked.

Has anybody seen something like this before?

Does anybody know what happens if I do a right-mouse click - resubmit in TN-console? It looks like this is what is happening.

Thanks for any help.

Kind regards,


Doing a right-click and resubmit would definitely account for this behavior, but as the user that is logged in to TN Console (which might be Administrator but you mentioned that that account is locked down).

This is the behavior of a manual re-submit from within TN console. Does anybody else belong to the Administrator group which would be logging in and performing this manual resubmit…??

I am absolutely sure that this no not a manual resubmit by 1 of my collegues.

It happens at irregular times (interval between 16 days and 10 minutes), on several times of the day (or evening).

I’m looking for some way to trap this without generating an enormous amount of logfiles every day.

It sounds like somewhere in your code there is a buggy BRANCH statement with an active restorePipelineFromFile (since the same documents are being resubmitted).

Here are a couple of suggestions:

  • Under the IS /pipeline, ‘grep’ for some strings in the resubmitted documents. If a pipeline file matches, grep for that pipeline filename under the /packages directory

  • Turn on systemwide audit logging - there is some setting that generates audit log entries to the filesystem or DB. Once you can identify the next ghost resubmit, see which services are being invoked when it occured. In the unlikely case that it’s a user doing the resubmit, the audit log’s session ID field can be correlated with the session log’s IP address and this will identify him.