2019-12-18 03:05:53.999, eventid="357374258", eventuei="uei.opennms.org/thresholds/bgpPeerState/XOM-rearm", nodeid="726", eventtime="2019-12-18 03:05:53.999+00", ipaddr="158.55.2.109", eventlogmsg="Peering Lost Cleared in device: USBRO-WANRTC001, peer: 10.253.130.30", eventseverity="3", alarmid="19899391", nodelabel="USBRO-WANRTC001"

2019-12-18 02:58:54.041, eventid="357357158", eventuei="uei.opennms.org/thresholds/bgpPeerState/XOM-falling", nodeid="726", eventtime="2019-12-18 02:58:54.041+00", ipaddr="158.55.2.109", eventlogmsg="USBRO-WANRTC001: Peering Lost in device, peer: 10.253.130.30", eventseverity="7", alarmid="19899391", nodelabel="USBRO-WANRTC001"

I have the above 2 events from single index.

Eventuei is the comparison parameter here. Based on time it should compare.
This is a BGP peering status event from a device.

  based on time if only "uei.opennms.org/thresholds/bgpPeerState/XOM-falling" is there, It should show STATUS : DOWN.
     If "uei.opennms.org/thresholds/bgpPeerState/XOM-rearm" came after  "uei.opennms.org/thresholds/bgpPeerState/XOM-falling"  in terms of time STATUS : UP should show.