I am using search query from indexes using join operator and get result as below ,

Search Query =

index=case_management AND cef_name="Case inserted"
| where fname LIKE "%%CMI - IPS%%"
| dedup fileId
| join fname
[ search index=case_management AND cef_name="Case updated" ]
| rex field=fname "CMI - IPS - \((?<customer_id>[\d]+)\) - CMI (?<Env>[^\s]+) - "
| where Env ="Prod"
| timechart span=1mon count by flexString2 fixedrange=false cont=false
| where _time>=relative_time(now(),"-3mon@mon") AND _time<relative_time(now(),"-0mon@mon")

Result is=

_time       Closed Follow-Up Queued
2020-09   113             4                   1
2020-10   26                0                   0

i want to get the same result by writing a query using data model. 

@elrich11