What are Lookups
Lookups are data tables that can be used in Cribl to enrich events as they're processed by the Lookup Function. The Lookups library can be found under Knowledge | Lookups and its goal is to provide a management interface for all lookups. The library is searchable and each lookup can be tagged as necessary.
How does it work
The management interface allows for lookups to be added, deleted and edited. All files handled by the interface are stored in $CRIBL_HOME/data/lookups.
