I have created a query that will extract specific information from my Active Directory logs, and output it into a nicely labeled table.
I would like to know if it is possible to push these fields into an outputlookup command that will create a lookup file that is usable elsewhere.

I have a query that looks similar to this:

index="Microsoft_Active_Directory" sourcetype="Active_Directory"`
| dedup AccountName
| rex field=manager "CN\x3d(?:[AP]\x2d)?(?P<manLast>[^\x5c]+)\x5c\x2c\s(?P<manFirst>[^\x2c]+)\x2cOU"
| rex field=name "(?P<nameLast>^[^\x2c]+)(?:\x2c\s(?P<nameFirst>.*))?"
| rex field=whenCreated ".*?(?P<Created>\d+\x2f\d+\x2f\d+)"
| eval Manager = toString(manFirst) + " " + toString(manLast)
| eval "Employee Name" = toString(nameFirst) + " " + toString(nameLast)
| rex field=Manager mode=sed "s/Null\sNull/N\/A/g"
| rex field=employeeID mode=sed "s/x+/N\/A/g"
| rex field="Employee Name" mode=sed "s/Null\s//g"
| rename AccountName AS Username, description AS "Job Title", physicalDeliveryOfficeName AS Location, l as City, st AS State, userPrincipalName AS "Employee E-mail", employeeID AS "Employee ID", telephoneNumber AS "Phone Number"
| table Username "Employee Name" "Job Title" Location City State "Employee E-mail" "Employee ID" "Phone Number" Manager Created

I am hoping that this query can be used to create a lookup file with these 11 fields populated that can then be used to query against in other use cases. I have tried finding my answer online before coming here and asking a question, but I cannot seem to find the correct way to do this.

And then assuming that the above is all possible, it would also be awesome to know how to make this happen dynamically so that the lookup file will be updated periodically (a dynamic lookup), say weekly, with the current AD information.

Any help given is certainly appreciated, thanks.