is this possible? or any other way?

A question please.
You can send a parameter from the main search to return search?
I need to put a condition to return value, something like this:

index=main field_MAIN=val1 | eval test=[ search index=other_index | where field_SUB=field_MAIN | head 1 | eval fieldA="\""+fieldA+"\"" | return $fieldA]

It is true musskopf.
I had not realized that the quotes were needed. @tom_frotscher's was quite right.
Sorry and thank you very much

Seems to be a bug, the workaround is to add the quotes as you did, it worked for me:

index=main | eval test=[ search index=other_index | head 1 | eval fieldA="\""+fieldA+"\"" | return $fieldA]

Hi
someone will this ever happened? or be a bug report should support? 😞

I tried it with another indexer, and I like it.
When I run only

search host=IMG6460B sourcetype="WinEventLog:System" | head 1 | eval temp_session="\"".Session."\"" | return $temp_session

I returns the value

**temp_session**
  a0291da-2039

but when I run it with Eval, the field UserSession does not get the value
If it's weird.

for returning multiple values use makemv and then return the whole value then divide the multivalued field.

That's weird: @tom_frotscher's solution totally worked for me.

(As an aside - you can leave out the head 1 clause in the subsearch - by using the return function the head 1 is implied.)

I agree, it seems strange that you have to do the additional eval processing to get it to work with string values being returned, but it does seem to work correctly.

Thanks tom_frotscher
I gave the eval, but nothing, not to return the string value, only numeric, is that normal?