Versions Compared

Old Version 2

changes.mady.by.user Borja Moro Moreno

Saved on

compared with

New Version 3

changes.mady.by.user Borja Moro Moreno

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
maxLevel2
typeflat

...

  • Lookup values are added to the virtual data table at query time, as new columns. The original data tables are never modified. 

  • A key value must be selected. This is the column in the lookup table that has values that correspond to values in the data table. In our example, the key column will be the column containing the IP addresses, which exists both in the lookup table and original data table.

  • Lookup tables can be edited to add, change or delete information.

Use cases

Here are some common use cases that demonstrate how lookup tables can be used.

Converting codes into names

  • Convert an IP address into a machine name.

  • Convert an IP address into a geo-localization.

Add values to classify or filter events

  • Associate an IP to known threats.

  • Group IP by types of devices: servers, portable computers, printers.

...