Hi,
My need is to compare two log files of same pattern . sometimes the log files will be entirely different because they can be the files of two different instance or they can be from same instance at a different time , in that case other than few dynamic fields in the product all other fields will be same. i have been using a search for the result from a single file and using join command i tried to find the diff values for the search .
please help me to find an efficient query for this need.

index=main source=SUCCESS
| transaction startswith="Source Summary" endswith="Load Summary"
| table summ_name
| mvexpand summ_name
| join summ_name[
search index=main source=SUCCESS
| fields summ_name summ_instance sum_out sum_affected sum_applied sum_rejected ]
|table summ_name summ_instance sum_out sum_affected sum_applied sum_rejected
|rename summ_name as Source |rename summ_instance as File1
|join type=outer Source [search index=main source=FAIL
| transaction startswith="Source Summary" endswith="Load Summary"
| table summ_name
| mvexpand summ_name
| join summ_name [
search index=main source=FAIL
| fields summ_name summ_instance sum_out sum_affected sum_applied sum_rejected ]
|table summ_name summ_instance sum_out sum_affected sum_applied sum_rejected
|rename summ_name as Source summ_name as summ_name1 sum_out as sum_out 1 sum_affected as sum_affected 1 sum_applied as sum_applied1 sum_rejected as sum_rejected1
|rename summ_instance as File2 ]
|where 'File1' != 'File2' ``

• I am not able to provide a full outer join and display all the values from both the files
• if some fields are same and other fields are different then i want diplay them in same row
• SUCCESS and FAIL are 2 different files

please help
Thank You