elastic · florent-leborgne · Oct 3, 2025 · Oct 3, 2025 · Oct 3, 2025 · Oct 3, 2025
@@ -130,3 +130,62 @@ FROM kibana_sample_data_ecommerce
 :alt: ESQL query with a custom time field enabled
 :::
 
+### Create and edit lookup indices from queries [discover-esql-lookup-join]
+```{applies_to}
+stack: preview 9.2
+serverless: preview
+```
+
+In **Discover**, LOOKUP JOIN commands include interactive options that let you create or edit lookup indices directly from the editor.
+
+#### Create a lookup index from the editor
+
+You can create a lookup index directly from the ES|QL editor. To populate this index, you can type in data manually or upload a CSV file up to 500 MB.
+
+To create lookup indices, you need the [`create_index`](elasticsearch://reference/elasticsearch/security-privileges.md#privileges-list-indices) {{es}} privilege on the corresponding pattern.
+
+1. In your {{esql}} query, add a `LOOKUP JOIN` command. For example:
+   ```esql
+   FROM kibana_sample_data_logs
+   | LOOKUP JOIN
+   ```
+   Add a space after the command. The editor suggests existing lookup indices and offers to create one. You can also type an index name in your query. If it doesn't exist, the editor suggests to create it.
+
+2. Select the **Create lookup index** suggestion that appears in the autocomplete menu.
+
+3. Define a name for the lookup index, then validate it. 
+   - It must not contain spaces nor any of the following characters: `\`, `/`, `*`, `?`, `<`, `>`, `|`, `:`, and `#`.
+   - It must not start with `-`, `_`, or `+`.
+
+4. Provide the data of the lookup index. You can choose between:
+   - **Uploading a CSV file up to 500 MB**. When uploading a file, you can preview the data and inspect the file's content before it is imported. If issues are detected, a **File issues** tab with more details also appears before you validate the import.
+   - **Adding data manually**. To do that, you can add rows and columns, and edit cells directly.
+   - **Using a combination of both methods**. You can upload a file after adding data manually, and edit or expand data imported from a file.
+
+   :::{tip}
+   You can explore your index using the search field, or in a new Discover session by selecting **Open in Discover**. If you choose to open it in Discover, a new browser tab opens with a prefilled {{esql}} query on the index.
+   :::
+
+5. **Save** any unsaved changes, then **Close** the index editor to return to your query.
+
+Your new index is automatically added to your query. You can then specify the field to join using `ON <field_to_join>`.
+
+#### View or edit a lookup index from the editor
+
+You can view and modify existing lookup indices referenced in an {{esql}} query directly from the editor, depending on your privileges:
+- To edit lookup indices, you need the [`write`](elasticsearch://reference/elasticsearch/security-privileges.md#privileges-list-indices) {{es}} privilege.
+- To view lookup indices in read-only mode, you need the [`view_index_metadata`](elasticsearch://reference/elasticsearch/security-privileges.md#privileges-list-indices) {{es}} privilege.
+
+To view or edit an index:
+
+1. In the {{esql}} query, hover over the lookup index name.
+
+2. Select the **Edit lookup index** or **View lookup index** option that appears. A flyout showing the index appears.
+
+3. Depending on your permissions and needs, explore or edit the index.
+
+   :::{note}
+   Editing a lookup index affects all {{esql}} queries that reference it. Make sure that your changes are compatible with existing queries that use this index.
+   :::
+
+4. If you made changes, select **Save** before closing the flyout.
@@ -228,8 +228,11 @@ FROM kibana_sample_data_logs
 
 The ES|QL editor supports [`LOOKUP JOIN`](elasticsearch://reference/query-languages/esql/commands/processing-commands.md#esql-lookup-join) commands and suggests lookup mode indices and join condition fields.
 
+{applies_to}`stack: ga 9.2` You can also use lookup indices from your remote clusters.
+
 ![Using the LOOKUP JOIN command to autocomplete an ES|QL query](https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blte43a30a93241d650/67c23670045f5839e5bfd1e4/lookup-join-demo.gif)
 
+In **Discover**, LOOKUP JOIN commands let you create or edit lookup indices directly from the editor. Find more information in [](/explore-analyze/discover/try-esql.md#discover-esql-lookup-join).
 
 ### Keyboard shortcuts