Display Filter Reference: UserLog Protocol

Protocol field name: userlog

Versions: 2.2.0 to 2.6.5

Back to Display Filter Reference

Field name Description Type Versions
userlog.count LogCount Unsigned integer, 2 bytes 2.2.0 to 2.6.5
userlog.Destination-IP Destination-IP IPv4 address 2.2.0 to 2.6.5
userlog.Destination-NAT-IP Destination-NAT-IP IPv4 address 2.2.0 to 2.6.5
userlog.Destination-NAT-Port Destination-NAT-Port Unsigned integer, 2 bytes 2.2.0 to 2.6.5
userlog.Destination-Port Destination-Port Unsigned integer, 2 bytes 2.2.0 to 2.6.5
userlog.EndTime EndTime Date and time 2.2.0 to 2.6.5
userlog.header_reserved Reserved Sequence of bytes 2.2.0 to 2.6.5
userlog.InTotalByte InTotalByte Unsigned integer, 4 bytes 2.2.0 to 2.6.5
userlog.InTotalPkg InTotalPkg Unsigned integer, 4 bytes 2.2.0 to 2.6.5
userlog.IPToS IP ToS Unsigned integer, 1 byte 2.2.0 to 2.6.5
userlog.IPVersion IP Version Unsigned integer, 1 byte 2.2.0 to 2.6.5
userlog.logtype LogType Unsigned integer, 1 byte 2.2.0 to 2.6.5
userlog.Operator Operator Unsigned integer, 1 byte 2.2.0 to 2.6.5
userlog.OutTotalByte OutTotalByte Unsigned integer, 4 bytes 2.2.0 to 2.6.5
userlog.OutTotalPkg OutTotalPkg Unsigned integer, 4 bytes 2.2.0 to 2.6.5
userlog.proto Protocol Unsigned integer, 1 byte 2.2.0 to 2.6.5
userlog.Reserved1 Reserved1 Unsigned integer, 4 bytes 2.2.0 to 2.6.5
userlog.Reserved2 Reserved2 Unsigned integer, 4 bytes 2.2.0 to 2.6.5
userlog.Reserved3 Reserved3 Unsigned integer, 4 bytes 2.2.0 to 2.6.5
userlog.Source-NAT-IP Source-NAT-IP IPv4 address 2.2.0 to 2.6.5
userlog.Source-NAT-Port Source-NAT-Port Unsigned integer, 2 bytes 2.2.0 to 2.6.5
userlog.Source-Port Source-Port Unsigned integer, 2 bytes 2.2.0 to 2.6.5
userlog.SourceIP Source-IP IPv4 address 2.2.0 to 2.6.5
userlog.StartTime StartTime Date and time 2.2.0 to 2.6.5
userlog.timestamp TimeStamp Date and time 2.2.0 to 2.6.5
userlog.version Version Unsigned integer, 1 byte 2.2.0 to 2.6.5
Go Beyond with Riverbed Technology

Riverbed is Wireshark's primary sponsor and provides our funding. They also make great products that fully integrate with Wireshark.

I have a lot of traffic...

ANSWER: SteelCentral™ Packet Analyzer PE
  • • Visually rich, powerful LAN analyzer
  • • Quickly access very large pcap files
  • • Professional, customizable reports
  • • Advanced triggers and alerts
Learn More

Buy Now

No, really, I have a LOT of traffic…

ANSWER: SteelCentral™ AppResponse 11
  • • Full stack analysis – from packets to pages
  • • Rich performance metrics & pre-defined insights for fast problem identification/resolution
  • • Modular, flexible solution for deeply-analyzing network & application performance
Learn More