Hi Team, 

I have query, result returned for "dateofBirth" filed is "yyyymmdd" like "19911021", can I format the value return for "dateofBirth" like this: "yyyy/mm/dd": example "1991/10/21"

Below is my query:

index=hsl_app | search source = "http:dote-hsl-master-hslcheck"
| rex "vaccineFlag\":{\"key\":(?<vaxFlagKey>[0-9]),\"value\":\"(?<vaxFlagValue>[^\"]+)\"}}"
| rex max_match=0 "passengerHashedID\":\"(?<passengerHashedID>[^\"]+)"
| rex max_match=0 "isCertRequired\":\"(?<isCertRequired>[^\"]+)"
| rex max_match=0 "nationalityCode\":\"(?<nationality>[^\"]+)" | rex max_match=0 "birthDate\":\"(?<dateOfBirth>[^\"]+)"
| rex "odEligibilityStatus\":\"(?<odEligibilityStatus>[^\"]+)"
| rex max_match=0 "\"code\":\"(?<paxErrorCode>[^\"]+)\",\"message\":\"(?<paxErrorMessage>[^\"]+)"
| eval paxCert = mvzip(passengerHashedID, isCertRequired, ",")
| eval od = mvzip(boardPoint, offPoint, "-")
| stats earliest(_time) as _time, values(nationality) as nationality, values(dateOfBirth) as dateOfBirth, values(airlineCode) as airlineCode, values(channelID) as channelID,values(boardPoint) as boardPoint, values(offPoint) as offPoint, values(od) as od, values(odEligibilityStatus) as odEligibilityStatus, values(vaxFlagValue) as vaxFlagValue, list(paxCert) as paxCert, values(paxErrorMessage) as paxErrorMessage, values(APIResStatus) as APIResStatus by requestId | where airlineCode ="SQ" | where isnotnull(paxCert) | mvexpand paxCert | dedup paxCert
| eval paxID = mvindex(split(paxCert,","),0), isCertRequired= mvindex(split(paxCert,","),1)
| stats latest(_time) as _time, values(vaxFlagValue) as vaxFlagValue, values(nationality) as nationality, values(dateOfBirth) as dateOfBirth, sum(eval(if(isCertRequired="Y", 1, 0))) as eligible, sum(eval(if(isCertRequired="N",1,0))) as notEligible by od
| where NOT (vaxFlagValue="NONE" OR vaxFlagValue="NO SUPPORT") AND eligible = 0