Hi,

I want to combine to searches:

index=bla | stats count(al_responsecode) as "Total per responseCode al" by al_responsecode | appendcols [ search index=blaat2 sourcetype=access_log | stats count(responseCode) as "Total per responseCode" by responseCode] | table al_responsecode responseCode "Total per responseCode al" "Total per responseCode"

1e search:
response code; total
200;122
204;16
302;13
304;23
401;19
404;44
505;1

2e search:
200;113
204;9
304;23
401;19
404;4

outcome:
200;122;113
204;16;9
302;13;23
304;23;19
401;19;4
404;44

505;1

But I want:
200;122;113
204;16;9
302;13;0
304;23;23
401;19;19
404;44;4
505;1;0