I have two reports that I would like to combine so that for a specific group of indexers I can get the list of indexes and how much licensing is impacted by indexer and licensing impact for each of the indexes on that indexer.
This first one gives me licensing impact by indexer where the indexer is as a whole is at least one gig of licensing:

index=_internal source=*license_usage.log type="RolloverSummary" earliest=-30d@d pool=* 
| eval _time=_time - 43200 | bin _time span=1d | stats latest(b) AS b by slave, pool, _time 
| eval gb = round(b/1024/1024/1024,2)  
| join type=left slave        [
     | rest count=0 /services/licenser/slaves        
     | rename label as slave_name       
     | rename title as slave        
     | table slave_name slave]  
| search gb!=0  | timechart span=1d sum(gb) AS "volume" fixedrange=false by slave_name

This next one gives me a list of indexes and what the impact to licensing is:

index=_internal source=*license_usage.log type=Usage |  eval totalMB = b/1024/1024  | eval totalGB = totalMB /1024 | rename idx as index | timechart span=1d limit=20 sum(totalGB) by index