If you want to get a bit more granular as to which fields are displayed, you can specify it in your search. For example:
eventtype=cylance_index sourcetype=device | stats list("Agent Version"), list("Device Name"), list("OS Version"), list("Policy"), list("Files Analyzed") by Zones
Then, if you want to specify the particular zone you want to look at... add it to the start of the search (ex: test zone):
eventtype=cylance_index sourcetype=device zone=test | stats list("Agent Version"), list("Device Name"), list("OS Version"), list("Policy"), list("Files Analyzed") by Zones
You can also end the strings with a "| rename" to pretty up the column headers if desired. I hope that helps.
... View more