Hi,

My search query is having mutliple tstats commands. Also there are two independent search query seprated by appencols. Looking for suggestion to improve performance.

I tried using multisearch but its not working saying subsearch containing non-streaming command.

Query:

| tstats summariesonly=false max(LIVEBOOK.Elapsed) AS Elapsed FROM datamodel=MXTIMING_LIVEBOOK_V2 WHERE host=QCST_RSAT_V42 LIVEBOOK.Elapsed > 0 AND LIVEBOOK.Context+Command="*" AND 
    [| tstats count FROM datamodel=MXTIMING_LIVEBOOK_V2 WHERE host=QCST_RSAT_V42 LIVEBOOK.NPID="727614" GROUPBY source 
    | table source ] 
    GROUPBY LIVEBOOK.Context+Command LIVEBOOK.Time _time span=1s 
| rename LIVEBOOK.Context+Command as Context+Command 
| rename LIVEBOOK.Time as Time 
| timechart bins=2000 max(Elapsed) by Context+Command 
| appendcols 
    [| tstats summariesonly=false max(LIVEBOOK.Memory) AS VmPeak max(LIVEBOOK.VmHWM_V2) AS VmHWM max(LIVEBOOK.Malloc_V2) AS Malloc FROM datamodel=MXTIMING_LIVEBOOK_V2 WHERE host=QCST_RSAT_V42 AND LIVEBOOK.Elapsed > 0 AND 
        [| tstats count FROM datamodel=MXTIMING_LIVEBOOK_V2 WHERE host=QCST_RSAT_V42 LIVEBOOK.NPID="727614" GROUPBY source 
        | table source ]
        AND LIVEBOOK.Context+Command="*" GROUPBY LIVEBOOK.Context+Command LIVEBOOK.Time _time span=1s 
    | timechart bins=2000 max(VmPeak) as Mem_VmPeak ] 
| fields - OTHER 
| eval Mem_Malloc = if(Mem_Malloc==0,"",Mem_Malloc) 
| eval Mem_VmHWM = if(Mem_VmHWM==0,"",Mem_VmHWM) 
| eval Mem_VmPeak = if(Mem_VmPeak==0,"",Mem_VmPeak)