Display Filter Reference: UserLog Protocol

Protocol field name: userlog

Versions: 2.2.0 to 2.2.7

Back to Display Filter Reference

Field name Description Type Versions
userlog.count LogCount Unsigned integer, 2 bytes 2.2.0 to 2.2.7
userlog.Destination-IP Destination-IP IPv4 address 2.2.0 to 2.2.7
userlog.Destination-NAT-IP Destination-NAT-IP IPv4 address 2.2.0 to 2.2.7
userlog.Destination-NAT-Port Destination-NAT-Port Unsigned integer, 2 bytes 2.2.0 to 2.2.7
userlog.Destination-Port Destination-Port Unsigned integer, 2 bytes 2.2.0 to 2.2.7
userlog.EndTime EndTime Date and time 2.2.0 to 2.2.7
userlog.header_reserved Reserved Sequence of bytes 2.2.0 to 2.2.7
userlog.InTotalByte InTotalByte Unsigned integer, 4 bytes 2.2.0 to 2.2.7
userlog.InTotalPkg InTotalPkg Unsigned integer, 4 bytes 2.2.0 to 2.2.7
userlog.IPToS IP ToS Unsigned integer, 1 byte 2.2.0 to 2.2.7
userlog.IPVersion IP Version Unsigned integer, 1 byte 2.2.0 to 2.2.7
userlog.logtype LogType Unsigned integer, 1 byte 2.2.0 to 2.2.7
userlog.Operator Operator Unsigned integer, 1 byte 2.2.0 to 2.2.7
userlog.OutTotalByte OutTotalByte Unsigned integer, 4 bytes 2.2.0 to 2.2.7
userlog.OutTotalPkg OutTotalPkg Unsigned integer, 4 bytes 2.2.0 to 2.2.7
userlog.proto Protocol Unsigned integer, 1 byte 2.2.0 to 2.2.7
userlog.Reserved1 Reserved1 Unsigned integer, 4 bytes 2.2.0 to 2.2.7
userlog.Reserved2 Reserved2 Unsigned integer, 4 bytes 2.2.0 to 2.2.7
userlog.Reserved3 Reserved3 Unsigned integer, 4 bytes 2.2.0 to 2.2.7
userlog.Source-NAT-IP Source-NAT-IP IPv4 address 2.2.0 to 2.2.7
userlog.Source-NAT-Port Source-NAT-Port Unsigned integer, 2 bytes 2.2.0 to 2.2.7
userlog.Source-Port Source-Port Unsigned integer, 2 bytes 2.2.0 to 2.2.7
userlog.SourceIP Source-IP IPv4 address 2.2.0 to 2.2.7
userlog.StartTime StartTime Date and time 2.2.0 to 2.2.7
userlog.timestamp TimeStamp Date and time 2.2.0 to 2.2.7
userlog.version Version Unsigned integer, 1 byte 2.2.0 to 2.2.7
Go Beyond with Riverbed Technology

Riverbed is Wireshark's primary sponsor and provides our funding. They also make great products that fully integrate with Wireshark.

I have a lot of traffic...

ANSWER: SteelCentral™ Packet Analyzer PE
  • • Visually rich, powerful LAN analyzer
  • • Quickly access very large pcap files
  • • Professional, customizable reports
  • • Advanced triggers and alerts
  • • Fully integrated with Wireshark and AirPcap™
Learn More

Buy Now

No, really, I have a LOT of traffic…

ANSWER: SteelCentral™ NetShark appliance
  • • Troubleshoot problems faster
  • • Quickly identify the applications running on your network
  • • Monitor your virtual machine traffic
Learn More

I need to capture wireless traffic...

ANSWER: AirPcap™ 802.11 Packet Capture
  • • WLAN packet capture and transmission
  • • Full 802.11 a/b/g/n support
  • • View management, control and data frames
  • • Multi-channel aggregation (with multiple adapters)
Learn More Buy Now