Metadata fields contain details of a log message in a simple format within the LogRhythm databases. Metadata is parsed directly from a log message (explicit) or can be inferred from a log message (implicit). Metadata might include such information as the direction of the data flow or the number of bytes in a data flow. For more detailed information about metadata fields, see the LogRhythm Schema Dictionary and Guide.
Metadata field names in LogRhythm do not always match the corresponding field in Lucene syntax. The following sections provide details around metadata field names in the Web Console, how they map to Lucene syntax, and a brief field description.