Hi.
As you can see in your third screenshot, the log entry is not parsed. It only identified source, event_type, Facility, priority, hostname, appname. which seems like default fields to me. To get the log entry divided into fields it needs to be parsed. If you can successfully parse the logs you can then search the specific fields produced by the parser
I'm not sure where the logs are from but if there is a matching Content pack (Content packs -> Market place) you can install it and it should be able to identify the fields for you. If for example it is a NSX-T log the content pack VMware-NSX should provide the parsing for you.
If you are collecting the logs with loginsight agent (For example a file log) you need to define a parser either from scratch or using one of the templates contained in relevent content pack. under Management -> Agents