The base search is a hard-coded list of known values using makeresults, so I could certainly add a key (and it could match the field name being returned in the query).

| makeresults 
| eval expectedResults=actualResults="My Item 1", actualResults="My Item 2", actualResults="My Item 3"
| makemv delim="," expectedResults
| mvexpand expectedResults
| table expectedResults

I'm not concerned about a sort order, except maybe when I do a final presentation of the data.  It's more about determining which values are returned in the query matching (or not matching) the values in the base list.

Your makeresults isn't valid SPL so it is still a little unclear what you are working with.

Having said that, if you make results has two fields, a key field and an expected results field, you could append your makeresults to your actual results and then use stats to combine the events by their key values and then you can compare whether they are different.

Sorry - learning a few things as I go here.

Basically, I just need to compare the results of a search to a static known list of values.

The search will return a list of values using stats.

stats values(actualResults) as actualResults

I guess I'm not 100% clear on what to do first to create the static list using makeresults, and then to append/use stats to combine - I have attempted to do so without getting the results I expect.

If I were to put it in SQL terms, I'd have a reference table of known values ("My Item 1", "My Item 2", etc.) and a results table of data to search, and I'd do a left outer join:

Ref Table: MY_REF_TABLE

Results Table: MY_RESULTS_TABLE

Query:

select KNOWN_ITEM, 
case when result_item is null then 'No Match' else 'Match' end HasMatch
from MY_REF_TABLE
left join MY_RESULTS_TABLE
on KNOWN_ITEM= RESULT_ITEM

Results: