All Apps and Add-ons

lookup error in splunk threathunting app

Path Finder

Error in 'lookup' command: Could not construct lookup 'dns_whitelist, mitre_technique_id, host_fqdn, process_path, query_name, output, reason'. See search.log for more details.

I get this error in threat hunting app , and when I fill lookup fields the problem still stays, whats the solution.


This is what I did to resolve the errors.  Within the app, click the whitelist pulldown, and then select each whitelist, and start populating.  I used blah data and after doing this, I no longer was seeing the errors.

0 Karma


What are you doing when this error occurs?
What details do you find in search.log?

If this reply helps you, an upvote would be appreciated.
0 Karma
.conf21 CFS Extended through 5/20!

Don't miss your chance
to share your Splunk
wisdom in-person or
virtually at .conf21!

Call for Speakers has
been extended through
Thursday, 5/20!