In the query  _time is already formatted. But when i try to export the data in csv its showing different formats. 

Query:

index="win event" host IN (USMDCKPAP30074) Event=6006 OR Event="6005" Type=Information
| eval Uptime = if(Event=6005,strftime(_time, "%Y-%d-%m %H:%M:%S"),null())
| table host Uptime

Eg:

2022-31-01 10:00:42
2022-29-01 06:40:11
2022-27-01 12:55:56

After exporting :

8/1/2022 4:08
1/1/2022 4:03
2021-25-12 04:03:29
2021-18-12 04:02:54
2021-16-12 10:14:45
2021-16-12 10:08:21
11/12/2021 4:08
4/12/2021 4:11