Try it this way:

...search... | eval time = strftime(_time,"%y-%m-%d %H:%M") | table time field 11 field12

tks jim, that does the trick,

but if I have columns as follows; _time, field1, .... field11, field12 ....

and then I do: fields field11 field12

I get: field11, field12, _time

so to have _time as the leftmost column i have to do: fields _time field11 field12

which must be jsut how it works I guess?

Fields just selects the fields that are used for the search from the point forward, it's kind of a way to optimise the results (used quite extensively for summary indexing.)

Use the table command to order your fields...

... | table _time field1 field1* field2* 

I prefer fields

table changes the time format to this which dosen't look as good on the x-axis
2015-04-29 14:00:00

using fields it stays as this
2015-04-29 13:00

Understand the difference between what these commands do in Splunk :

http://docs.splunk.com/Documentation/Splunk/6.2.2/SearchReference/Fields

http://docs.splunk.com/Documentation/Splunk/6.2.2/SearchReference/table

Use fieldformat to change the format of the time field. Table provides the full value of the event for statistically operations.