Here's the query I have that is getting results from two sourcetypes:

index=bro (sourcetype=bro_files OR sourcetype=bro_http) FBAT7S1VCAkUPRDte2 | eval fuid=coalesce(resp_fuids, orig_fuids, fuid) | table fuid, seen_bytes, md5, mime_type, domain, uri

Here's the results:

fuid seen_bytes md5 mime_type domain uri
FBAT7S1VCAkUPRDte2 215978730 f3906f58da42a24b853d26c83e4488e5 application/zip
FBAT7S1VCAkUPRDte2 application/zip ex.com /test.zip

Desired results:

fuid seen_bytes md5 mime_type domain uri
FBAT7S1VCAkUPRDte2 215978730 f3906f58da42a24b853d26c83e4488e5 application/zip ex.com /test.zip