CylancePROTECT App for Splunk: Is there a way to create a search to filter out results by 1 field and create a table that shows only desired fields?

New to splunk. I've set up CylancePROTECT App for Splunk. You may be familiar with this, but Cylance has "Zones" that it uses to group and classify devices for a client. So we have one portal set up where each client has their own "Zone". I need to specify a particular zone in a search string that will filter only devices within that zone and then create a table that lists only these Cylance Fields – Device Name, Created, Is Online, Offline Date, User.

I have been messing around and have found that these search strings are close to providing all of the information I need, but I don't know how to filter or list only the fields that I want. These commands have every field and also list every time the device comes up in the logs. I just need 1 row per device.

eventtype=cylance_index sourcetype=device | stats list by "Zones"

eventtype=cylance_index sourcetype=device | stats list by "Device Name"

I would also like to schedule a week/month report for every one of our zones so we'll know the amount of devices, which are offline and for how long.

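Two searches that address what the question asks for, added here as an example and not part of the original post or of the CylancePROTECT app. They use the eventtype, sourcetype and field names given in the question; ZONE_NAME_PLACEHOLDER stands for the zone to filter on, and the assumptions that "Is Online" holds the string "False" for offline devices and that "Offline Date" is an ISO-8601 timestamp are not confirmed by the question.

```spl
eventtype=cylance_index sourcetype=device Zones="ZONE_NAME_PLACEHOLDER"
| dedup "Device Name" sortby -_time
| table "Device Name" Created "Is Online" "Offline Date" User

eventtype=cylance_index sourcetype=device
| dedup "Device Name" sortby -_time
| eval offline_days=if('Is Online'="False", round((now() - strptime('Offline Date', "%Y-%m-%dT%H:%M:%S")) / 86400, 1), null())
| stats count AS devices, count(eval('Is Online'="False")) AS offline_devices, max(offline_days) AS longest_offline_days BY Zones
```

The first search keeps only the most recent event per device in the chosen zone and shows just the requested columns; the second produces the per-zone device, offline and longest-offline counts that a scheduled weekly or monthly report would need, and should be adjusted if the actual "Is Online" values or "Offline Date" format differ from the assumptions above.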