>> mamesuke 

Thank you very much for your answer.
I was able to show the "Lookup Overview" by adding "-master" to the link.

How can I get the "Lookup Overview" to appear when I click the "Lookup Overview" menu from the "Windows Event Code Security Analysis" screen?

Please remove the app and install it again.

If you download it from github, it will be named "splunk_wineventcode_secanalysis-master.zip".

But when you add it to your splunk app, rename the zip file as follows

splunk_wineventcode_secanalysis-master.zip

↓　　　remove "-master"

splunk_wineventcode_secanalysis.zip

>> mamesuke

I followed the instructions you provided, but to no avail.

 1) Remove the current app
      opt/splunk/bin/splunk remove app splunk_wineventcode_secanalysis-master
 2) Download new splunk_wineventcode_secanalysis-master.zip from github
 3) Rename the file to "splunk_wineventcode_secanalysis.zip"
 4) Import splunk_wineventcode_secanalysis.zip from "install app from file".

On github, there is the following description
"I haven't done anything with the "properly populated signature_id field!" because I don't know how to do that, is this relevant here?

　"REQUIRES COMMON INFORMATION MODEL 4.14+ with properly populated signature_id field!"

Environment:
# /opt/splunk/bin/splunk display app
  Splunk_SA_CIM CONFIGURED ENABLED INVISIBLE
  Splunk_TA_windows UNCONFIGURED ENABLED INVISIBLE
  splunk_wineventcode_secanalysis-master UNCONFIGURED ENABLED VISIBLE

>> mamesuke

Special Thanks!

By following the instructions you provided, the app worked as expected.
I was finally able to solve the problem.

I apologize for the late reply.
Thank you very much for your detailed explanation.