Currently my search query is:

sourcetype="transactions" AND (additionalMessage.requestUrl="*/cashIn/initialize" OR additionalMessage.requestUrl="*/cashIn/update" OR additionalMessage.requestUrl="*/cashIn/updateStatus" OR additionalMessage.requestUrl="*/cashIn/finalize") AND message != "Token time nonce*" message="POST - http://transactions/cashIn/finalize - RESPONSE_SENT" "additionalMessage.response.commissionPercentage"="0.15" | rename additionalMessage.requestBody.deviceId as device_id | stats count(message) as count by device_id | lookup ATMDeviceNames.csv device_id OUTPUT device_name | append [| inputlookup ATMDeviceNames.csv | table device_id device_name | eval count=0 ] | stats max(count) as count by device_id device_name | sort -count | rename count as "Completed Transactions"

it displays a statistics table like this:

I would like to create an additional dashboard panel based on this table. I would like to swap the Completed_Transactions with a column called Total_Cash.
I can see the cash amount per transaction under the name "additionalMessage.response.fiatAmount".

I would like to see the total cash amount per device displayed, can't seem to make it work. Any help would be greatly appreciated.