I have syslog formatted events that correlate together based on one value, and a search that will pull a single line of those events:

s=1js832fc event=A somedata=9sdsh
s=1js832fc event=B someotherdata=3s2jd
s=1js832fc event=C someotherotherdata=12s93d
s=1js832fc event=D someotherotherotherdata=32s8d2 mid=2jhsd9asdhjs9s2hn2u
s=28s72d event=A somedata=8sd6d
s=28s72d event=B someotherdata=27sh2d
s=28s72d event=C someotherotherdata=28s7s2
s=28s72d event=D someotherotherotherdata=2s73hd mid=2jhsd9asdhjs9s2hn2u

The search to be performed is to pull events matching 'mid' value: 2jhsd9asdhjs9s2hn2u

This search results in the following events found:

s=1js832fc event=D someotherotherotherdata=32s8d2 mid=2jhsd9asdhjs9s2hn2u
s=28s72d event=D someotherotherotherdata=2s73hd mid=2jhsd9asdhjs9s2hn2u

I would like to search for all events relating to the two 's' values found (1js832fc and 28s72d) from the initial search by 'mid' (2jhsd9asdhjs9s2hn2u).

I am finding it difficult to perform a search based on values found in a search, and sub-searches seem to be limited to the events that were found within the search, instead of searching back through the entire index? The result I would like is a search that initially searches for 'mid', and then searches back through the index for events that match the found events 's' value, and the end result would be all of the events above:

s=1js832fc event=A somedata=9sdsh
s=1js832fc event=B someotherdata=3s2jd
s=1js832fc event=C someotherotherdata=12s93d
s=1js832fc event=D someotherotherotherdata=32s8d2 mid=2jhsd9asdhjs9s2hn2u
s=28s72d event=A somedata=8sd6d
s=28s72d event=B someotherdata=27sh2d
s=28s72d event=C someotherotherdata=28s7s2
s=28s72d event=D someotherotherotherdata=2s73hd mid=2jhsd9asdhjs9s2hn2u

Is this possible?