Variables in Application Control message templates

You can use the following variables in user message templates or administrator message templates:

Name of the rule that was triggered – %RULE%.
Name of the rule that blocked the execution of a file.
Current date – %DATE%.
Date when the execution of the file was blocked in the DD.MM.YYYY format.
Current time – %TIME%.
Time when file execution was blocked in the HH:MM format.
User name – %USER_NAME%.
Name of the current user account on the computer on which file execution was blocked, in the <device name>\<user alias> format (for example, DESKTOP-123\John.Smith).
Computer name – %COMPUTER_NAME%.
Name of the computer on which file execution was blocked.
Executable file name – %FILE_NAME%.
Name of the executable file of the blocked application.
KL category of the executable file – %KL_CAT%.
KL category to which the blocked application belongs (for example, Browsers).
Path to executable file – %FILE_PATH%.
Full path to the executable file of the blocked application.
Executable file version – %FILE_VERSION%.
Version of the executable file of the blocked application.
Original name of the executable file – %ORIGINAL_FILE_NAME%.
Original name of the executable file of the blocked application. The file name is specified in the properties of the executable file of the application.
Vendor – %FILE_PUBLISHER%.
Vendor of the blocked application.
Application name – %FILE_PRODUCT_NAME%.
Name of the blocked application.
Application version – %PRODUCT_VERSION%.
Version of the blocked application.
Executable file hash – %FILE_HASH%.
Hash of the executable file of the blocked application.
Certificate issuer – %CERT_ISSUER%.
Issuer of the certificate that the executable file is signed with.
Certificate subject – %CERT_SUBJECT%.
Subject of the certificate that the executable file is signed with.
Certificate thumbprint – %CERT_THUMBPRINT%.
Thumbprint of the certificate that the executable file is signed with.

Page top