I have search1 which is a join of 2 different log sources ( S1 , S2 ). After joining these sources, I used rex to extract one specific field like field1 ( I had to combine two sources as this gave me all the data I needed ) .

index=sthng  sourcetype=source S1  some condition Y  | join common filed  [ search sourcetype=Source S2 LogType= *| fields - to be excluded ] | rex field=field extracted f1   | stats  values(*)  | eval condition resulting in field Z  | search z > 10

I have another search which has results from another source (S3). I again used rex to extract one specific field, like field 2, in this search.

index=same as above search  sourcetype=S3  some condition C  | rex field= field extracted f2.

Now, I want to compare both these searches based on field1 , field2 — like, compare field1 and field2 from the results of both the searches, and if at the same time ( or around the same time ) , field1 is not equal to field 2, it would show me the results.