Hi Team,
How to display two queries output as single output. Please help.
index = * sourcetype=test earliest=@d latest=now | eventstats count as INSTANCES| dedup Microservices | eventstats count as APP | dedup Space | eventstats count as SPACE | dedup Org | eventstats count as ORG | table ORG SPACE APP INSTANCES | head 1

index = * sourcetype=test earliest=@d latest=now |table Instance_state | rename Instance_state as status | stats count(eval(status="running")) AS Running, count(eval(status="down")) AS Down,count(eval(status="crashed")) AS Crashed

Expected Output
ORG SPACE APP INSTANCES Running Down Crashed
3 37 386 820 627 103 90