I have the following log table, which parses the PostgreSQL log for slow queries and works fine:
fields @timestamp as QueryTimePT
| filter @message like "LOG: duration"
| parse @message "* UTC:*(*):*[*]:LOG: duration: * ms *" as QueryTimeUTC, IP, RemotePort, User, PID, DurationMS, Query
| fields abs(DurationMS) / 60000 as DurationMinutes
| sort QueryTimePT desc
However, I really only want a few columns: QueryTimePT, User, Query, DurationMinutes. I merely assign the others because they are taken from the log file; it made parsing via glob easier.
Is there a way to finally only select some subset here?