I tried. No results.

With splunk, "no results" is not the same as "doesn't work". Maybe there was no ip for that mac? Have you tried your macro code as an individual search, with the mac entered manually?
Generally, when you put an eval expression in a macro, you can use the field you eval'd after the macro.

When I try the macro code as a search, I get back the event that has that mac and ip fields in it. So the macro is ok.

I also tried calling the macro in two different ways:
1. sourcetype=xmlConfig|findIpBasedOnMac(0000000001)|table *
AND
2. sourcetype=other|findIpBasedOnMac(0000000001)|table *

The first search gives the event that I want. The second one returns no results.

Ah. Sorry. Does your base search contain events of the sourcetype that the macro needs? Whether inside a macro or not, the eval that is supposed to deliver the new field needs to see the required data from the base search, as it does not run a subsearch to gather its own data. Maybe all you need to do is adjust your base search to include the xmlConfig sourcetype, such as index=foo sourcetype=other OR sourcetype=xmlConfig | ...

Do you know how I could pass a field from an outer search to a subsearch? Is that possible?

For example:
sourcetype=1|eval newField=[search sourcetype=2 innerField=outerField|return something|format] ...

No, subsearches are run before the main search.

My base search did not contain the sourcetype needed in the macro. After I add it, I get back one event, the one from the macro. But I don't get anything for the chart.
I will keep trying. Thanks!