The four types of lookups that Splunk provides out-of-the-box are file-based, external, KV Store, and geospatial. File-based lookups use CSV files to map fields from your data to fields in the external table. External lookups use Python scripts or binary executables to populate your events with field values from an external source. KV Store lookups use a key-value store to map fields from your data to fields in the external table. Geospatial lookups use KMZ or KML files to match location coordinates in your events to geographic feature collections1.