List of supported macros

December 13, 2023

ID 187727

You can use the following macros in the block page text:

  • %DATE%—Date and time of the event.
  • %APPLICATION%—Name of the application.
  • %BUILD%—Application build number.
  • %SERVER_NAME%—Name of the computer on which the HTTP request was processed.
  • %TYPE%—Type of HTTP message (Request or Response).
  • %METHOD%—HTTP message method.
  • %RULE_NAME%—Name of the traffic processing rule that caused the web resource to be blocked.
  • %THREAT%—Name of the detected malicious object.
  • %CURED_LIST%—List of threats that were disinfected.
  • %SCAN_RESULT%—Type of detected threat that poses the most threat among all threats detected in the specific object.

    For example, if a virus and a phishing link are detected (av_status="detected" and ap_status="detected") in one object, the virus will be indicated as the value of the macro.

  • %CATEGORY%—Category of the processed web resource based on its content theme.
  • %PROCESSING_TIME%—Duration of HTTP message processing.
  • %WORKSPACE_NAME%—Name of the workspace associated with the processed traffic.
  • %USER_NAME%—Name of the user account that is the source of the HTTP request.
  • %USER_AGENT%—Application on the user's computer that initiated the HTTP request (User Agent).
  • %CLIENT_IP%—IP address of the computer from which the HTTP request was sent.
  • %URL%—Web address of the forbidden website.
  • %MIME_TYPE%—MIME type of the HTTP message and its parts.
  • %FILE_NAME%—Names of blocked files.
  • %FILE_TYPE%—Type of blocked files.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.