this is my table:

moduleName  siteName    companyDUNS siteID
abc         site1          1111      16682
bbb         site2          22222          6956
ccc          site3         3333       28118

this is my lookup table(suppliers):

SiteName    DUNS    SiteID
site2          1111 16682
site3           666  16684
site1      55555566 55555

this is my query:

|inputlookup Suppliers | mvexpand SiteID |join Site ID:' [search sourcetype=UserActivity  | rex field=_raw " Module name: (?.*), Site name: (?.*), Site ID: (?.*), Site Duns: (?.*), User full name: (?.*), User ID: (?.*), User roles: (?.*)"  | search moduleName=incominggeneralledger
| table _time,moduleName,siteName,companyDUNS,siteID,Userfullname,UserID,UserRole]

expected result:

moduleName  siteName    companyDUNS siteID  SiteName    DUNS    SiteID
abc         site1           1111     16682      site2    1111   16682

from this result i want only

moduleName  siteName    companyDUNS siteID 
abc          site1  1111                   16682 

Thanks