Error in 'lookup' command: Could not construct lookup 'dns_whitelist, mitre_technique_id, host_fqdn, process_path, query_name, output, reason'. See search.log for more details.
I get this error in threat hunting app , and when I fill lookup fields the problem still stays, whats the solution.
This is what I did to resolve the errors. Within the app, click the whitelist pulldown, and then select each whitelist, and start populating. I used blah data and after doing this, I no longer was seeing the errors.
What are you doing when this error occurs?
What details do you find in search.log?