Display Filter Reference: UserLog Protocol

Protocol field name: userlog

Versions: 2.2.0 to 2.6.1

Back to Display Filter Reference

Field name Description Type Versions
userlog.count LogCount Unsigned integer, 2 bytes 2.2.0 to 2.6.1
userlog.Destination-IP Destination-IP IPv4 address 2.2.0 to 2.6.1
userlog.Destination-NAT-IP Destination-NAT-IP IPv4 address 2.2.0 to 2.6.1
userlog.Destination-NAT-Port Destination-NAT-Port Unsigned integer, 2 bytes 2.2.0 to 2.6.1
userlog.Destination-Port Destination-Port Unsigned integer, 2 bytes 2.2.0 to 2.6.1
userlog.EndTime EndTime Date and time 2.2.0 to 2.6.1
userlog.header_reserved Reserved Sequence of bytes 2.2.0 to 2.6.1
userlog.InTotalByte InTotalByte Unsigned integer, 4 bytes 2.2.0 to 2.6.1
userlog.InTotalPkg InTotalPkg Unsigned integer, 4 bytes 2.2.0 to 2.6.1
userlog.IPToS IP ToS Unsigned integer, 1 byte 2.2.0 to 2.6.1
userlog.IPVersion IP Version Unsigned integer, 1 byte 2.2.0 to 2.6.1
userlog.logtype LogType Unsigned integer, 1 byte 2.2.0 to 2.6.1
userlog.Operator Operator Unsigned integer, 1 byte 2.2.0 to 2.6.1
userlog.OutTotalByte OutTotalByte Unsigned integer, 4 bytes 2.2.0 to 2.6.1
userlog.OutTotalPkg OutTotalPkg Unsigned integer, 4 bytes 2.2.0 to 2.6.1
userlog.proto Protocol Unsigned integer, 1 byte 2.2.0 to 2.6.1
userlog.Reserved1 Reserved1 Unsigned integer, 4 bytes 2.2.0 to 2.6.1
userlog.Reserved2 Reserved2 Unsigned integer, 4 bytes 2.2.0 to 2.6.1
userlog.Reserved3 Reserved3 Unsigned integer, 4 bytes 2.2.0 to 2.6.1
userlog.Source-NAT-IP Source-NAT-IP IPv4 address 2.2.0 to 2.6.1
userlog.Source-NAT-Port Source-NAT-Port Unsigned integer, 2 bytes 2.2.0 to 2.6.1
userlog.Source-Port Source-Port Unsigned integer, 2 bytes 2.2.0 to 2.6.1
userlog.SourceIP Source-IP IPv4 address 2.2.0 to 2.6.1
userlog.StartTime StartTime Date and time 2.2.0 to 2.6.1
userlog.timestamp TimeStamp Date and time 2.2.0 to 2.6.1
userlog.version Version Unsigned integer, 1 byte 2.2.0 to 2.6.1
Go Beyond with Riverbed Technology

Riverbed is Wireshark's primary sponsor and provides our funding. They also make great products that fully integrate with Wireshark.

I have a lot of traffic...

ANSWER: SteelCentral™ Packet Analyzer PE
  • • Visually rich, powerful LAN analyzer
  • • Quickly access very large pcap files
  • • Professional, customizable reports
  • • Advanced triggers and alerts
Learn More

Buy Now

No, really, I have a LOT of traffic…

ANSWER: SteelCentral™ NetShark appliance
  • • Troubleshoot problems faster
  • • Quickly identify the applications running on your network
  • • Monitor your virtual machine traffic
Learn More