Yes:
... | strcat date_year "-" date_month "-" date_mday date_str
or
... | eval datestr=date_year."-".date_month."-".date_mday
or
... | eval datestr=strftime(_time, "%Y-%m-%d")
I would suggest to use the last one, as it is possible that the date_* fields are missing from the event.
