By design, all fields that can contain sensitive information, are hidden in E-mail alerts sent by SmartEvent.
User name is one of these fields. In Application Control and DLP, this field contains very sensitive information.
According to the design, this field is defined as confidential, and only a user with appropriate permissions can see it.
Since it is not possible to verify that an E-mail address belongs to a user with appropriate permissions (permissions to see 'user' field), Check Point code always hides it. Otherwise, a mistake in the E-mail address can lead to sending confidential data to an unauthorized user.
Check Point code does not check the type of Event, therefore the 'user' field is hidden for all Events.