====== UserObject ======
 
===== Description =====
At the top of the Unsniff food chain is the user object. This can be anything that is of great interest to the network analysis professional. You can write plugins to extract any type of user object from bserved traffic. Using the Unsniff Scripting API you can automate all aspects of user objects. 

**Some examples:** 
  * Save all images greater than 75K in size to a directory 
  * Export all RTP audio conversations from a given SIP Phone to a directory
 
===== Properties =====
^Name^Type^Access^Description^
|ID |Long|Read|Each user object is assigned a unique ID by Unsniff|
|IID|String|Read|The GUID of the user object type. Each user object type must have a unique GUID. The GUID string is in registry format|
|Name|String|Read|The user object full name. |
|Type|String|Read|The user object type. This is defined by the author of the user object type. Typically this type identifies the user object type. Examples: Image, HTML, RTP Media, File,etc|
|Description|String|Read/Write|A text description of the user object. You script can change this description if you wish based on your analysis 
|PreferredFileName|String|Read/Write|Some Unsniff Plugins are very smart. They can figure out the most appropriate name for a user object based on the context in which it was created. For example: The preferred filename of a image transferred via HTML is that of the corresponding GET request. You can change this name if you want based on your analysis. |
|SenderAddress|String|Read|The network address of the Sender of this User Object. This is a network name if this address has been resolved to a name |
|ReceiverAddress|String |Read|The network address of the Receiver of this User Object. This is a network name if this address has been resolved to a name. |
|StreamID|Long|Read|If this User Object was extracted from a stream. This contains the Stream ID. For user objects not associated with a stream -1 is returned |
|StreamSeekPos|Long|Read|If this User Object was extracted from a stream. This contains the Stream Seek Position. For user objects not associated with a stream -1 is returned|
|StreamDirection|String|Read|If this User Object was extracted from a stream. This contains the direction (“in” or “out”). For user objects not associated with a stream a null string is returned|
|Length|Long|Read|The size in bytes of this user object.|
|HasError|Boolean|Read|Does this user object have an error. Typical errors are when user objects are not completed. You may want to check this property before proceeding to do too much with a given user object.|
|State|String|Read|The state of the user object.|
|CreateTimestamp|String|Read|The time this user object was created. The time is returned in a string. The format of the time is determined by the current Windows Locale settings
===== Methods =====
^Name^Parameters^Description^
|SaveToFile|FileName (String)|Save the user object to a file. \\ //FileName:// Can be a pathname or a relative filename |
|HasPattern|Pattern string|Check if the pattern appears in the reconstructed user object |