How do I take the field from api_response and add it? Can you please give me an example.

I thought of adding extra search space for TrackIdto add * for all and take that token to api_response and from that api_response tokens only to downstream but that would be too heavy, I guess. 

Can you give some examples of the events (anonymised, of course) you are dealing with from both sources and the search or searches you are using in your dashboard so we can see where we are starting from?

Here is the sample logs for API_Response and Downstream_Response. Only two fields are matching in this logs.

2000-1-1 1:0:0.00 INFO : logType=API_RESPONSE, duration=100,
request={"headers":"Accept":"application/json","Content-Type":"application/json"},"method":"POST",
"body":{"body"},"parameters":{},"uri":"/api/apiresponse/search/"}, configLabel=,
requestId=Thisoneismatching11111, response={"headers":{"statusCode":"OK"}, requestUri=/api/apiresponse/search/,
threadContextId=Thisoneismatching22222, message=COMPLETED request /api/apiresponse/search/,

source = /apps/logs/api_response.log sourcetype = response_log

2000-1-1 1:0:0.00 INFO logType=DOWNSTREAM_RESPONSE, duration=100,
request={"headers":{"Accept":"application/json","Content-Type":"application/json"},"method":"POST",
"body":{"uri":"https://abcdefg.com/downresponseservice/api/downresponse"},
configLabel=, requestId=Thisoneismatching11111, response={"OK":{"statusCode":"OK"}}, requestUri=https://abcdefg.com/downresponseservice/api/downresponse,
threadContextId=Thisoneismatching22222, message=<<< Outbound REST response,

source = /apps/logs/downstream_response.log sourcetype = response_log

From my Dashboard I am using inputlookup and based on the api it should show result for downstream as well.

here is the query i used for my dropdown dashboard
|inputlookup abc.csv| search Name="$Nme$" uri="$apis$" | dedup opName | table opName

here is the search query, still not able to figure out
index=main *_RESPONSE | spath input=request | spath input=response
| lookup abc.csv uri OUTPUT opName
| search Name="$Nme$" opName="$opeNme$" uri="$apis$"

Does this help?

index=main *_RESPONSE | spath input=request | spath input=response
| lookup abc.csv uri OUTPUT opName
| stats values(*) as * by requestId threadContextId

i tried but it didnt work, shows all the logs.

Not sure how to achieve it but from the  dashboard perspective i chose the api then based on that api it has downstream which i am still confused how am i supposed to get the downstream response only through selected api's and these requestId/threadcontextId are matched only on  which are hidden in logs. i believe it has to be coded with js or sth.

I thought you wanted to see the other logs? Try adding your filter

index=main *_RESPONSE | spath input=request | spath input=response
| lookup abc.csv uri OUTPUT opName
| stats values(*) as * by requestId threadContextId
| search Name="$Nme$" opName="$opeNme$" uri="$apis$"

yup i wanted to see the other logs but through the selected api from dropdown, and get the logs of api logs and downstream logs on two different panel. but this search query is missing that thing.