Channel: Questions in topic: "splunk-enterprise"

How do I get these three conditions to work in my search for a field output?

I have search output wherein the field **DB_NotBackedup** has 3 values:

1. null value
2. value greater than 3
3. value less than 3

I need the Backup_Status output to be missed if 'DB_NotBackedup' is null, Failed if 'DB_NotBackedup' is >3, and success if 'DB_NotBackedup' is < 3.

Can anyone help me here?

```
index=* sourcetype=conf host=*
| join type=outer max=0 host
    [search index=tsm sourcetype="tsm-client-log" host=* "Total Domino databases inspected"
    | rex field=_raw "^(?:[^:\n]*:){3}\s+(?P<Total_Databases>.+)"]
| convert num(Total_Databases)
| table _time host Total_Databases
| join type=outer max=0 host
    [search index=tsm sourcetype="tsm-client-log" host=* "Total Domino databases backed up"
    | rex field=_raw "^(?:[^:\n]*:){3}\s+(?P<DB_Backedup>.+)"]
| convert num(DB_Backedup)
| dedup host
| table _time host Total_Databases DB_Backedup
| eval DB_NotBackedup = (Total_Databases - DB_Backedup)
| eval BackupDate=strftime(_time, "%Y/%m/%d")
| table BackupDate host Total_Databases DB_Backedup DB_NotBackedup
| eval Backup_Status=case(DB_NotBackedup=null, missed, DB_NotBackedup>3, failed, 1=1, Success)
| table Backup_Status host Total_Databases DB_Backedup DB_NotBackedup
```
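The three-way classification asked about above, as an added example that is not part of the original post. It runs on constructed rows from `makeresults` instead of the poster's indexes, and the `n` helper field and sample numbers are assumptions made for the demonstration. In `eval`, a bare word such as `null` or `missed` is read as a field name, so the null test uses `isnull()` and the labels are quoted strings.

```spl
| makeresults count=4
| streamstats count AS n
| eval host="host".n
``` constructed sample data: host4 has no backup figures, as after an outer join with no match ```
| eval Total_Databases=case(n=1, 10, n=2, 10, n=3, 10)
| eval DB_Backedup=case(n=1, 10, n=2, 4, n=3, 7)
``` arithmetic on a null operand yields null, so host4 gets a null DB_NotBackedup ```
| eval DB_NotBackedup = Total_Databases - DB_Backedup
``` case() returns the value paired with the first true condition; true() is the catch-all ```
| eval Backup_Status=case(isnull(DB_NotBackedup), "missed",
                         DB_NotBackedup>3, "failed",
                         true(), "Success")
| table host Total_Databases DB_Backedup DB_NotBackedup Backup_Status
```

With this ordering a value of exactly 3 lands in the catch-all branch and is reported as Success, the same way the `1=1` default in the posted query would treat it.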
