https://community.splunk.com/t5/Splunk-Search/How-do-I-get-results-of-all-values-in-2-subqueries/m-p/418485#M120328 <P>i have 2 of the same subqueries in my search with different time periods. So, both results are different. </P> <P>If I use "<STRONG>appendcols</STRONG>" , the results shown are incorrect. The values jump to fillfull some empty fields in between. </P> <P>If I use "<STRONG>join</STRONG>", it's like self join or inner join. it gives results that are in common in both queries. </P> <P>if i use "<STRONG>join type=left</STRONG>", i am not getting the results from query 2 that are not there in query 1, as it considers query 1 to be primary . </P> <P>I want all the results of subquery1 and subquery2 even if they are not there in any one of the subqueries (like union).</P> <P>Please help.</P> Fri, 18 Jan 2019 18:11:22 GMT Anantha123 2019-01-18T18:11:22Z https://community.splunk.com/t5/Splunk-Search/How-do-I-get-results-of-all-values-in-2-subqueries/m-p/418485#M120328 <P>i have 2 of the same subqueries in my search with different time periods. So, both results are different. </P> <P>If I use "<STRONG>appendcols</STRONG>" , the results shown are incorrect. The values jump to fillfull some empty fields in between. </P> <P>If I use "<STRONG>join</STRONG>", it's like self join or inner join. it gives results that are in common in both queries. </P> <P>if i use "<STRONG>join type=left</STRONG>", i am not getting the results from query 2 that are not there in query 1, as it considers query 1 to be primary . </P> <P>I want all the results of subquery1 and subquery2 even if they are not there in any one of the subqueries (like union).</P> <P>Please help.</P> Fri, 18 Jan 2019 18:11:22 GMT https://community.splunk.com/t5/Splunk-Search/How-do-I-get-results-of-all-values-in-2-subqueries/m-p/418485#M120328 Anantha123 2019-01-18T18:11:22Z https://community.splunk.com/t5/Splunk-Search/How-do-I-get-results-of-all-values-in-2-subqueries/m-p/418486#M120329 <P>Hi @Anantha123</P> <P>Try</P> <PRE><CODE>firstquery|append[| second query] </CODE></PRE> Fri, 18 Jan 2019 18:49:56 GMT https://community.splunk.com/t5/Splunk-Search/How-do-I-get-results-of-all-values-in-2-subqueries/m-p/418486#M120329 vnravikumar 2019-01-18T18:49:56Z https://community.splunk.com/t5/Splunk-Search/How-do-I-get-results-of-all-values-in-2-subqueries/m-p/418487#M120330 <P>append wont help me as i want the results of both queries combined . I will get below result if I use append.</P> <P>Result of 1st Query </P> <P>Operation1 Failure1<BR /> Operation2 Failure2<BR /> Operation3 Failure3</P> <P>Results of 2nd Query<BR /> Operation1 Total1<BR /> Operation2 Total2<BR /> Operation4 Total4</P> <P>If I use append , I will get result as below <BR /> Operation1 Failure1 0<BR /> Operation2 Failure2 0 <BR /> Operation3 Failure3 0<BR /> Operation1 0 Total1<BR /> Operation2 0 Total2<BR /> Operation4 0 Total4</P> <P>I want output as <BR /> Operation1 Failure1 Total1<BR /> Operation2 Failure2 Total2<BR /> Operation3 Failure3 0<BR /><BR /> Operation4 0 Total4</P> Mon, 21 Jan 2019 17:18:27 GMT https://community.splunk.com/t5/Splunk-Search/How-do-I-get-results-of-all-values-in-2-subqueries/m-p/418487#M120330 Anantha123 2019-01-21T17:18:27Z