thanks @ITWhisperer  for your reply . i am trying to fetch data based on data_center and create four fields that is AvgCpuLoad-UKDC MaxCpuLoad-UKDC AvgCpuLoad-USDC MaxCpuLoad-USDC.

Try something like this

| ...... base search 

| rex field=_raw "measResults\W(?<avgCpuUtilization>\d{0,3})\s(?<maxCpuUtilization>\d{0,3})"
| rex field=_raw "PLMN-PLMN\W\w+-\d\W\w\w\w-\d{0,3}.\d{0,3}.\d{0,3}.\d{0,3}@(?<data_center>\w+-\w+)"
| rex field=_raw " endTime\D\D(?<year>\d{0,4})\D(?<month>\d\d)\D(?<date>\d\d)"
| eval order = case(month==1,"january", month==2,"february", month==3,"march", month==4,"april", month==5,"may", month==6,"june", month==7,"july", month==8,"august", month==9,"september", month==10,"october", month==11,"november", 1==1, "december")
| chart avg(avgCpuUtilization) as AvgCpuLoad max(maxCpuUtilization) as MaxCpuLoad by order, data_center
| eval order = upper(order)
| rename "AvgCpuLoad: LVS_DC" as "AvgCpuLoad-UKDC", "AvgCpuLoad: RB_DC" as "AvgCpuLoad-USDC", "MaxCpuLoad: LVS_DC" as "MaxCpuLoad-UKDC", "MaxCpuLoad: RB_DC" as "MaxCpuLoad-USDC"