Thanks @CliveWatson 

I mistakenly put as workspace. 

I have two resources Under LogAnalytics workspace group. and under those two resources, there are two names . For eg:

Log Analytics workspaces 

 -> Name                      Type
eastusprodloganlytics eastus-prod-rg
westusprodloganlytics west-prod-rg

Is there a way to union till name and type

@vishalkakkar 

Are you really asking for a Union?  This will Union the Table called Event with the Table called SecurityEvent (using 10 records from each)

union isfuzzy=true
(Event | limit 10), 
(SecurityEvent | limit 10)

This is a great question to ask, if you supply the data in a datatable:, are you trying to concatenate the two values?

let dummyData = datatable(Name:string, Type:string)
[
    "eastusprodloganlytics" , "eastus-prod-rg" ,
    "westusprodloganlytics" , "west-prod-rg" 
];
dummyData
| where Name !=""
| project theMergedStringIs = strcat(Name, " " , Type)

If this isn't right, can you share a screenshot, as its hard to tell what your data looks like and what you want it to change to?  e.g.

Thanks Clive

@CliveWatson 

Please find below screenshot, am tying to concatenate logs from two different workspaces.

So there is one more workspace which i need to add to concetenate logs from two different workspace

-VIshal Kakkar

@CliveWatson 

Please find below screenshot, am tying to concatenate logs from two different workspaces.

So there is one more workspace which i need to add to concetenate logs from two different workspace

-VIshal Kakkar

Hello @vishalkakkar 

So to merge two workspaces (or more) in single query we can UNION them.  You will have to amend the code to put in your names lines 4 & 5 and change the orignalhost_s line to match your setup. 

union withsource = SourceApp
//workspace('eastusprodanalytics'   ).AzureDiagnostics,  
//workspace('westusprodanalytics-IT').AzureDiagnostics, 
workspace('ContosoRetail-IT').AzureDiagnostics, 
workspace('Fabrikamltdprod' ).AzureDiagnostics 
| parse SourceApp with * "('" applicationName "')" *  
| where Category == "ApplicationGatewayAccessLog" 
| where originalHost_s == "13.85.25.40"
| summarize count() by bin(TimeGenerated, 1h) , applicationName
| sort by count_ desc

the output looks like this (only one of my workspaces had these entries) - so only one is shown in the "applicationname" column.