Display search results in column format and sort

index="myindex" "searchstring" | eval fields=split(_raw," ") | eval field1=mvindex(fields, 7) | eval field2=mvindex(fields, 10) | table _time, host, field1, field2 | sort field2