Network Monitor Fields and Properties
Collected here are a list of the most common data fields and properties. They are categorized by protocol. This list is helpful for getting an idea of the most common data fields and properties with descriptions of what they do. The list will continue to grow as we add new propreties, indetify helpful data fields, and add new protocols of interest.
Ethernet - This is the low level machine addresses and protocol type. Most traffic has an ethernet header, though there are exceptions like wireless and Tunneled traffic. Look at Ethernet on Wikipedia.
FrameVariable - FrameVariable is a special "protocol" which contains frame level informaitno like frame length and time related fields.
IPv4 - IPv4 is the internet layer protocol which provides general network layer addressing. Look at IPv4 on Wikipedia.
IPv6 - IPv6 is the update to IPv4 to provide more addresses. Look at IPv6 on Wikipedia.
SMB - Server Message Block is a protocol which Windows machines use to communicate to each other. The SMB protocol documentation is availalbe here.
SMB2 - This is an update to SMB which is used in Vista moving forward. The SMB2 protocol documentation is availalbe here.
TCP - TCP is the transport layer which handles sequencing and deliver of packets on the network. Look at TCP on Wikipedia.
Comments
- Anonymous
January 01, 2003
thanks