I have a simple configuration for few forwarders and an indexer.
I have configured the field look-up on Splunk indexer for http status codes using the sample provided in user manual. My entries look like this.
1. csv file is uploaded under

$SPLUNK_HOME/etc/apps/search/lookups/http_status.csv

1. Contents of props.conf under $SPLUNK_HOME/etc/apps/search/local/props.conf

   [apache_logs]
   EXTRACT-status = (?i)^(?:[^"]*"){2}\s+(?P[^ ]+)

   [access_combined]
   LOOKUP-http_status = http_status status OUTPUT status_description, status_type

2. Contents of transforms.conf under $SPLUNK_HOME/etc/apps/search/lookups/transforms.conf

   [http_status]
   filename = http_status.csv

3. After this I restarted the Splunk indexer.

4. Searched the apache-logs through search app.

5. I did not see the status_description and status_type fields under the field pickup.

6. I see status = 200 as extracted field in results. However could not get description or type.

Am I missing any settings ? Please help.