Hi All,

In Splunk is it possible to join two joint queries.

I have queries like 

1)

index=_inter sourcetype=project 
| dedup project  server
|  eval Pro=project
| eval source1 ="Y" 
| table source1 Pro | join Pro type=outer
| [search sourcetype =SA  pronames=* |  dedup  pronames | eval Pro=pronames  ] 
| table Pro 

which will generate output

pro

pro1
pro2
pro3

@and I have one query similar one , but changing sourcetype in join .

,index=_inter sourcetype=project 
| dedup project  server
|  eval Pro=project
| eval source1 ="Y" 
| table source1 Pro | join Pro type=outer
| [search sourcetype =SC  pronames=* |  dedup  pronames | eval Pro=pronames  ] 
| table Pro

pro

pro1
pro2
pro3

Both I'm using for generating alerts, two alerts.

now I want to send only one alert by merging both queries,  is it possible.

so i can send alerts in a single mail. like below

pro       pros
pro1   pro1
pro2   pro2
pro3   pro3