Rename the id fields to the same name and append one search to the other

| makeresults | eval event="{\"alert id\":1,\"message\":\"fsdf\",\"server\":\"127.0.0.1\",\"opentriggredtime\":\"01/09/20\"}\n{\"alert id\":2,\"message\":\"fdsfs\",\"server\":\"127.0.0.1\",\"opentriggredtime\":\"01/09/20\"}"
| eval event=split(event,"\n")
| mvexpand event
| spath input=event
| fields - _time event
--- created first table
| rename "alert id" as id
| append [ | makeresults | eval event="{\"closed id\":3,\"message\":\"fdsfs\",\"server\":\"127.0.0.0\",\"closedtriggredtime\":\"01/09/20\"}\n{\"closed id\":4,\"message\":\"fsdf\",\"server\":\"127.0.0.0\",\"closedtriggredtime\":\"01/09/20\"}"
| eval event=split(event,"\n")
| mvexpand event
| spath input=event
| fields - _time event
--- created second table
| rename "closed id" as id
]
| table id message server opentriggredtime closedtriggredtime