Hi Team,

How to display lookup fields along with search fields.

search Query
index=AA* host=ABC source=/tmp/processMonitor* instance=XYZ apphome =*** | lookup boxdata host | search box_live_state="LIVE" | stats latest(state) as Status by host, apphome, instance, appmon | table host apphome instance appmon box_live_state

Iam not getting anything under box_live_state, Is thr any way to display ??

boxdata
box_env box_live_state box_location box_model box_os box_patch box_rack box_rfb box_ver host
QA NOTLIVE ABC-DE HPXYZQ RHAS 1234 324 lxmcp 6.9 hostny01

Expecting output
host apphome instance appmon Status box_live_state
ABC /xy/abc abc 1 down Live

Thanks
Harsha