Skip to main content

append

Append the results of a subsearch to the current result set (union).

Syntax

| append [<subsearch>]

Examples

-- Combine results from two searches
source=nginx | stats count by uri
  | append [search source=api-gw | stats count by uri]

-- Append with different fields
level=error | stats count AS error_count by source
  | append [search level=warn | stats count AS warn_count by source]

See Also

multisearch -- Union multiple searches
join -- Join on common fields

Syntax
Examples
See Also