Rule Generator for Applications Launch Control: KAVSHELL APPCONTROL /GENERATE
3 August 2023
ID 146712
You can use the KAVSHELL APPCONTROL /GENERATE
command to generate Applications Launch Control rule lists.
A password might be required to execute the command. To enter the current password, use [/pwd:<password>]
.
KAVSHELL APPCONTROL /GENERATE command syntax
KAVSHELL APPCONTROL /GENERATE <path to folder> | /source:<path to file with folders list> [/masks:<edms>] [/runapp] [/rules:<ch|cp|h>] [/strong] [/user:<user or group of users>] [/export:<path to XML file>] [/import:<a|r|m>] [/prefix:<prefix for rules names>] [/unique]
KAVSHELL APPCONTROL /GENERATE command examples
To generate rules for files from specified folders, execute the following command:
KAVSHELL APPCONTROL /GENERATE /source:c\folderslist.txt /export:c:\rules\appctrlrules.xml
To generate rules for executable files with any extension in the specified folder and, upon the task completion, save the generated rules in the specified file XML file, execute the following command:
KAVSHELL APPCONTROL /GENERATE
c:\folder /masks:edms /export:c\rules\appctrlrules.xml
You can use command-line parameters/options to configure automatic rule generation settings for the Applications Launch Control task (see the table below).
KAVSHELL APPCONTROL /GENERATE
command-line parameters/options
Parameter/option | Description |
Allowing rules usage scope | |
<path to folder> | Specify the path to the folder with executable files for which allowing rules will be automatically generated. |
/source: <path to file with folders list> | Specify the path to a TXT file with a list of folders with executable files for which allowing rules will be automatically generated. |
/masks: <edms> | Specify the extensions of executable files for which allowing rules will be automatically generated. You can include files with the following extensions in the rules scope:
|
/runapp | When generating allowing rules, account for applications currently running on the protected device. |
Actions when automatically generating allowing rules | |
/rules: <ch|cp|h> | Specify actions to perform while generating allowing rules for the Applications Launch Control task:
|
/strong | Use the digital certificate's subject and thumbprint while automatically generating allowing rules for the Applications Launch Control task. The command is executed if a value is specified for the /rules: <ch|cp> option. |
/user: <user or group of users> | Specify the user or group of users for which the rules will be applied. The application will monitor any applications run by the specified user and / or group of users. |
Actions on completion of the Rule Generator for Applications Launch Control task | |
/export: <full path to XML file> | Save the generated rules to an XML file. |
/unique | Add information about the protected device with installed applications that are the basis for generating the Applications Launch Control allowing rules. |
/prefix: <prefix for rule names> | Specify a prefix for the names of Applications Launch Control allowing rules. |
/import: <a|r|m> | Import the generated rules into the specified list of Applications Launch Control rules according to the selected import rule:
|