| makeresults
| eval EVENT_TIMESTAMP_UTC=split("2020-11-19 13:50:08.393085,2020-11-19 13:50:08.3517,2020-11-19 13:50:08.306023,2020-11-19 13:50:08.238995,2020-11-19 13:50:08.16885",",")
| rename COMMENT as "the logic"
| mvexpand EVENT_TIMESTAMP_UTC
| rex field=EVENT_TIMESTAMP_UTC "(?<data>\d[\w\-: ]+)\.(?<msecond>\d+)"
| eval msecond=printf("%06d",msecond)
| eval EVENT_TIMESTAMP_UTC=strptime(data.msecond,"%F %T%6Q")
