There isn't an easy way to iterate on fields when they are sucked into a timechart. The timechart fields become the value of the field rather than the original field name.
For example:
<result offset='0'>
<field k='_time'>
<value><text>2013-01-01T00:00:00.000+00:00</text></value>
</field>
<field k='2400'>
<value><text>2653</text></value>
</field>
<field k='4001 AG_E_NETWORK_ERROR <22'>
<value><text>100</text></value>
</field>
<field k='4001 An error has occured'>
<value><text>768</text></value>
</field>
<field k='404'>
<value><text>116</text></value>
</field>
<field k='6034 The graphics adapter or the driver has been tampered with <2'>
<value><text>169</text></value>
</field>
<field k='7008'>
<value><text>1257</text></value>
</field>
<field k='7405'>
<value><text>5012</text></value>
</field>
<field k='7995'>
<value><text>151</text></value>
</field>
<field k='805'>
<value><text>501</text></value>
</field>
<field k='810'>
<value><text>160</text></value>
</field>
<field k='NULL'>
<value><text>67</text></value>
</field>
<field k='OTHER'>
<value><text>468</text></value>
</field>
<field k='_span'>
<value><text>86400</text></value>
</field>
<field k='_spandays'>
<value><text>1</text></value>
</field>
</result>
There isn't an easy way to iterate on fields when they are sucked into a timechart. The timechart fields become the value of the field rather than the original field name.
For example: