Hello,
Am trying to extract UNIX CPU data core wise for multiple hosts, Am using the below query for extract,

source=cpu host="XYZ"
| multikv fields CPU pctIdle
| eval Percent_CPU_Load = 100 - pctIdle
| timechart span=5m eval(round(avg(Percent_CPU_Load),0)) by CPU
| table _time all *
| eval _time=strftime(_time,"%m/%d/%Y %H:%M:%S")
| table _time all *

however this looses the host field after the timechart command and am not able to view name of the host in the table.

"_time",all,0,1,2,3,4,5,6,7
"08/14/2019 14:35:00",3,3,4,4,5,3,2,3,2
"08/14/2019 14:40:00",5,5,7,6,5,5,4,5,4
"08/14/2019 14:45:00",4,4,4,5,5,4,4,3,4
"08/14/2019 14:50:00",2,2,1,2,2,2,5,4,1

I also tried with the bucket and stats command which gives the host field (query as below) but, it changes the format.

index=main host="XYZ" source=cpu
| multikv fields pctIdle host CPU
| eval Percent_CPU_Load = 100 - pctIdle
| table _time host CPU Percent_CPU_Load
| bucket _time span=5m
| stats avg(Percent_CPU_Load) by _time,CPU,host

"_time",CPU,host,"avg(Percent_CPU_Load)"
"2019-08-13T14:00:00.000-0400",0,"XYZ","1.9040000000000006"
"2019-08-13T14:00:00.000-0400",1,"XYZ","2.8860000000000015"
"2019-08-13T14:00:00.000-0400",2,"XYZ","2.1960000000000006"
"2019-08-13T14:00:00.000-0400",3,"XYZ","2.7099999999999995"
"2019-08-13T14:00:00.000-0400",4,"XYZ","2.5839999999999987"
"2019-08-13T14:00:00.000-0400",5,"XYZ","2.595"
"2019-08-13T14:00:00.000-0400",6,"XYZ","2.1990000000000007"
"2019-08-13T14:00:00.000-0400",7,"XYZ","2.093000000000001"

Am also unable to use an eval command and add a host field, Because the query is for an extract and I might need to add multiple hosts.
So please could some one help me with an extract in the below format

_time, Host, all,0,1,2,3,4,5,6,7