Update lookup articles (#4786)

jpipkin1 · web-flow · commit 2124006b3acf · 2024-11-21T21:44:11.000Z
diff --git a/docs/search/lookup-tables/create-lookup-table.md b/docs/search/lookup-tables/create-lookup-table.md
@@ -54,7 +54,7 @@ When you create a Lookup Table schema, note the following requirements:
 
 Currently, the ability to reference a field in a new style Lookup Table in a [Search Template](/docs/search/get-started-with-search/build-search/search-templates) is not supported. However, you can refer to [classic Lookup Tables](/docs/search/search-query-language/search-operators/lookup-classic) in Search Templates.  
 
-## How many Lookup Tables can you have?
+### How many Lookup Tables can you have?
 
 The number of Lookup Tables you can have depends on what type of Sumo Logic account you have, as shown in the table below.
 
@@ -67,7 +67,7 @@ The number of Lookup Tables you can have depends on what type of Sumo Logic acco
 | Enterprise Security (Cloud Flex Credits) | 100 |
 | Enterprise Suite (Cloud Flex Credits) | 100 |
 | Trials | Depends on the account type being trialed |
-| Free | None |
+| Free | None | 
 
 ## Create a Lookup Table
 
@@ -85,8 +85,8 @@ schema without populating the table.
 
 1. Go to your **Library**.
 1. Navigate to the folder where you want to create the Lookup Table.
-1. Click **Add New** and then select **New Lookup**.  <br/> ![lookup-list.png](/img/search/lookup-tables/new-lookup-button.png)
-1. The **Create Lookup Table** page appears. <br/>  ![create-lookup-table.png](/img/search/lookup-tables/create-lookup-table.png)
+1. Click **Add New** and then select **New Lookup**.  <br/><img src={useBaseUrl('img/search/lookup-tables/new-lookup-button.png')} alt="Lookup list" style={{border: '1px solid gray'}} width="800" />
+1. The **Create Lookup Table** page appears. <br/><img src={useBaseUrl('img/search/lookup-tables/create-lookup-table.png')} alt="Create lookup table" style={{border: '1px solid gray'}} width="800" />
    * **Lookup Name**. Enter a name for the Lookup Table.
    * **Description** (Optional).  Enter a description of the Lookup Table.
    * **Do you want a TTL for table entries?** A TTL specifies a time limit beyond which an unchanged row in the table will be unavailable for reads and will be deleted. For example, if you set a TTL of 5 minutes for a lookup table, when 5 minutes pass without a row being updated, that row will no longer be returned by lookups and will be deleted from the lookups table. A TTL is useful for managing the freshness of the data and the size of the table.
@@ -96,7 +96,7 @@ schema without populating the table.
        * **Stop Incoming Data**. Once the Lookup Table size limit is reached, no new data will be added to the table. 
        * **Delete Old Data**. The rows that have been modified or updated least recently will be replaced by new rows.
    * **How do you want to create lookup?** Click **Create Schema only**.
-1. The page displays a **Schema** section. <br/>  ![schema.png](/img/search/lookup-tables/schema.png)
+1. The page displays a **Schema** section. <br/><img src={useBaseUrl('img/search/lookup-tables/schema.png')} alt="Schema" style={{border: '1px solid gray'}} width="800" />
 1. **Schema**. For the first column in the table, enter:
     * **Field**. Enter a name for the field. As you name your fields, note reserved keywords listed in [Reserved keywords](create-lookup-table.md).
     * **Value Type**. Choose the value type: boolean, int, long, double, or string (default).
@@ -120,45 +120,47 @@ No spaces are allowed between quotes and values for field names. For example, `"
 As you name your fields, note the information in [Reserved keywords](#reserved-keywords).
 
 1. Go to your **Library**.
-1. Click **Add New** and then select **New Lookup**.<br/>  ![new-lookup-button.png](/img/search/lookup-tables/new-lookup-button.png)
+1. Click **Add New** and then select **New Lookup**.<br/><img src={useBaseUrl('img/search/lookup-tables/new-lookup-button.png')} alt="New lookup button" style={{border: '1px solid gray'}} width="800" />
 1. Enter the following on the **Create Lookup Table** page:
    * **Lookup Name**. Enter a name for the Lookup Table.
    * **Description** (Optional). Enter a description of the Lookup Table.
    * **Do you want a TTL for table entries?** A TTL specifies a time limit beyond which an unchanged row in the table will be unavailable for reads and will be deleted. For example, if you set a TTL of 5 minutes for a lookup table, when 5 minutes pass without a row being updated, that row will no longer be returned by lookups and will be deleted from the lookups table. A TTL is useful for managing the freshness of the data and the size of the table. 
        * Click **Yes** if you want to set a TTL.
        * Enter an integer value in the **Duration** field, and select a unit of time from the pulldown:  **Seconds**, **Minutes** (default), **Hours**, or **Days**.
    * **How do you want to create lookup?** Click **Upload File**.
-1. The **Upload File** section appears.<br/>  ![upload-file.png](/img/search/lookup-tables/upload-file.png)
+1. The **Upload File** section appears.<br/><img src={useBaseUrl('img/search/lookup-tables/upload-file.png')} alt="Upload file" style={{border: '1px solid gray'}} width="800" />
    * **Advanced Upload Settings** (Optional). If your .csv file is encoded in a format other than UTF-8, select the format from the pull-down.
 1. Click **Upload**.
 1. Navigate to the file you want to upload and click **Open**.
-1. The **Schema** section of the page refreshes, and displays up to 10 rows from the .csv file you uploaded.<br/> ![create-by-upload.png](/img/search/lookup-tables/create-by-upload.png)
+1. The **Schema** section of the page refreshes, and displays up to 10 rows from the .csv file you uploaded.<br/><img src={useBaseUrl('img/search/lookup-tables/create-by-upload.png')} alt="Create by upload" style={{border: '1px solid gray'}} width="800" />
 1. For each column in the table:
     * **Value Type**. Choose the value type: boolean, int, long, double, or string (default).
     * **Primary Key**. Click the **Yes** checkbox if the field is part of the primary key for the table. Defining a primary key for your Lookup Table is required.
 1. Click **Create** in the upper right of the page.
 
-### View the contents of a Lookup Table
+## View Lookup Tables content
+
+### View the contents of a single Lookup Table
 
 1. Go to your **Library**.
-1. Click in the search bar, and select **Lookups** from the dropdown.  <br/>  ![search-for-lookups.png](/img/search/lookup-tables/search-for-lookups.png)
+1. Click in the search bar, and select **Lookup Tables** from the dropdown.  <br/><img src={useBaseUrl('img/search/lookup-tables/search-for-lookups.png')} alt="Search for lookups" style={{border: '1px solid gray'}} width="200" />
 1. Hover over the Lookup Table you want to view, and select **Open** from the three-dot kebab menu.
-1. The view page for the Lookup Table appears. It displays a preview of the contents of the Lookup Table, up to 10 rows.  <br/>  ![lookup-created.png](/img/search/lookup-tables/lookup-created.png)
+1. The view page for the Lookup Table appears. It displays a preview of the contents of the Lookup Table, up to 10 rows.  <br/><img src={useBaseUrl('img/search/lookup-tables/lookup-created.png')} alt="Lookup created" style={{border: '1px solid gray'}} width="800" />
 1. To view the complete contents of the Lookup Table, click **View Data**.
-1. A Sumo Logic search tab opens and a `cat` command is run on your table. <br/>  ![view-lookup-table.png](/img/search/lookup-tables/view-lookup-table.png)
+1. A Sumo Logic search tab opens and a `cat` command is run on your table. <br/><img src={useBaseUrl('img/search/lookup-tables/view-lookup-table.png')} alt="View lookup table" style={{border: '1px solid gray'}} width="800" />
 
-## Find a lookup table path
+### Find a lookup table path
 
 When you run search operators that work with Lookup Tables (described in the following section), you need to know the path to the Lookup Table in the Sumo Logic Library. The path can be determined in a couple of ways:
 
-* From the **Actions** menu on the Lookup Table page. <br/>  ![copy-path-actions-menu.png](/img/search/lookup-tables/copy-path-actions-menu.png)
-* From the three-dot kebab menu for a Lookup Table in the Sumo Logic Library.  <br/>  ![copy-path-lib.png](/img/search/lookup-tables/copy-path-lib.png)
+* From the **Actions** menu on the Lookup Table page. <br/><img src={useBaseUrl('img/search/lookup-tables/copy-path-actions-menu.png')} alt="Copy path actions menu" style={{border: '1px solid gray'}} width="800" />
+* From the three-dot kebab menu for a Lookup Table in the Sumo Logic Library.  <br/><img src={useBaseUrl('img/search/lookup-tables/copy-path-lib.png')} alt="Copy path library menu" style={{border: '1px solid gray'}} width="800" />
 
-## Operators you use with Lookup Tables
+### Find Lookup Tables content with search operators
 
 You can use the following operators with Lookup Tables in Sumo Logic log searches and in Cloud SIEM rules:
 
 * `cat`. You can view the contents of a Lookup Table using the `cat` operator in a Sumo Logic log search tab. For more information, see [cat](/docs/search/search-query-language/search-operators/cat).
 * `lookup`. You can use the `lookup` operator to return one or more fields from a Lookup Table. For more information, see [lookup](/docs/search/search-query-language/search-operators/lookup).
 * `lookupContains`. You can use the `lookupContains` operator to see whether a key exists in a Lookup Table. For more information, see [lookupContains](/docs/search/search-query-language/search-operators/lookupcontains).
-* `save`. You can use the `save` operator to save the results of a Sumo log query to a Lookup Table you created using the Lookup UI or API. For more information, see [save](/docs/search/search-query-language/search-operators/save).  
+* `save`. You can use the `save` operator to save the results of a Sumo log query to a Lookup Table you created using the Lookup UI or API. For more information, see [save](/docs/search/search-query-language/search-operators/save).
diff --git a/docs/search/search-query-language/search-operators/lookup.md b/docs/search/search-query-language/search-operators/lookup.md
@@ -6,7 +6,7 @@ sidebar_label: lookup
 
 The `lookup` operator can return one or more fields from a lookup table hosted by Sumo Logic and add the fields to the log messages returned by your query. You create a lookup table using the lookup UI or the [Lookup API](/docs/api/lookup-tables). You can populate a lookup table by uploading a CSV file using the Lookup API, or by using the [`save` operator](/docs/search/search-query-language/search-operators/save) to save the results of a log query. 
 
-For information about lookup tables, see [Create and Manage Lookup Tables](/docs/search/lookup-tables/create-lookup-table.md).
+For information about lookup tables, see [Lookup Tables](/docs/search/lookup-tables/).
 
 ## Rules and limitations
 
diff --git a/docs/search/search-query-language/search-operators/lookupcontains.md b/docs/search/search-query-language/search-operators/lookupcontains.md
@@ -6,6 +6,8 @@ sidebar_label: lookupContains
 
 Use the `lookupContains` operator to determine whether a key exists in a lookup table. It will return a boolean value.
 
+For information about lookup tables, see [Lookup Tables](/docs/search/lookup-tables/).
+
 ## Syntax
 
 The syntax for `lookupContains` in varies depending on whether you use the operator within a `where` expression, or before it.
diff --git a/static/img/search/lookup-tables/search-for-lookups.png b/static/img/search/lookup-tables/search-for-lookups.png
