Use Lookup Tables in Edge Delta
Learn how to enrich logs, metrics, and traces dynamically using lookup tables with Edge Delta’s agent.
less than a minute
Lookup tables enable you to enrich data items (logs, metrics, or traces) based on matching criteria from an external CSV table. This is useful when you have many conditions that each require different enrichments, such as:
- Adding human-readable descriptions to error codes
- Categorizing log messages based on patterns
- Enriching metrics with team ownership information
- Mapping service names to on-call channels
How Lookup Tables Work
A lookup table contains columns of related data. The Lookup processor matches values from incoming data items against a key column in the table, then enriches matching items with values from other columns in the same row.
For example, given a table of error codes with their descriptions:
code,description,severity
E001,Connection timeout,high
E002,Authentication failed,critical
500,Internal server error,critical
When a log contains error_code: E002, the lookup processor adds description: "Authentication failed" and severity: "critical" as attributes.
Getting Started
- Create your lookup table as a CSV file with headers
- Upload the table to the Knowledge Library or host it on your own infrastructure
- Configure the Lookup processor with key fields (what to match) and out fields (what to add)
Learn More
- Lookup Processor - Complete configuration reference
- Understanding Lookup Tables - Detailed concepts including key matching, field bindings, and table locations