List of supported macros

You can use the following macros in the block page text:

• %DATE%—Date and time of the event.
• %APPLICATION%—Name of the application.
• %BUILD%—Application build number.
• %SERVER_NAME%—Name of the computer on which the HTTP request was processed.
• %TYPE%—Type of HTTP message (Request or Response).
• %METHOD%—HTTP message method.
• %RULE_NAME%—Name of the traffic processing rule that caused the web resource to be blocked.
• %THREAT%—Name of the detected malicious object.
• %CURED_LIST%—List of threats that were disinfected.
• %SCAN_RESULT%—Type of detected threat that poses the most threat among all threats detected in the specific object.

  For example, if a virus and a phishing link are detected (av_status="detected" and ap_status="detected") in one object, the virus will be indicated as the value of the macro.

• %CATEGORY%—Category of the processed web resource based on its content theme.
• %PROCESSING_TIME%—Duration of HTTP message processing.
• %WORKSPACE_NAME%—Name of the workspace associated with the processed traffic.
• %USER_NAME%—Name of the user account that is the source of the HTTP request.
• %USER_AGENT%—Application on the user's computer that initiated the HTTP request (User Agent).
• %CLIENT_IP%—IP address of the computer from which the HTTP request was sent.
• %URL%—Web address of the forbidden website.
• %MIME_TYPE%—MIME type of the HTTP message and its parts.
• %FILE_NAME%—Names of blocked files.
• %FILE_TYPE%—Type of blocked files.