I am new in Splunk. So far I have been using join commands to integrate data from two different sources in a common field. The problem with this is that the searches take too long. apparently through lookups this should work faster. Would anybody be so kind to explain me exactly how I should do this ? it would be a massive thankyou from me.
... View more