Hello Splunk TEAM,

I have a question about my searchs in splunk.

I have 3 index and I want to search and compare some information. 

But when I do my search Tiempo_Ejecutado its wrong I dont know what happen!

(index="inlooxtt" StatusName!=Completed StatusName!=Cancelled PerformedByName!=Donado* CreatedDate>2020-05-30 ProjectName!="Capac* General" ProjectName!="Preventas*") OR (index="inlooxtasks" ProjectStatusName!=Completed ProjectStatusName!=Cancelled ContactDisplayName!=Donado* ContactDisplayName!="null" ProjectName!="Capac* General" ProjectName!="Preventas*") OR (index="inlooxprojects" StatusName!="Completed" StatusName!="Cancelled" StatusName!="Pausado" IsRecycled!="true" FirstTeamMember!="Inloox - Alejandro Donado (deleted)" Name!="Capacit* General" Name!=Preventas*)
| eval Proyectos=coalesce(ProjectName, Name) 
| eval Tiempo_Ejecutado=(DurationMinutes/60), Tiempo_Planeado=WorkAmount, Tiempo_Vendido=Ventas
| stats dedup_splitvals=true sum(Tiempo_Ejecutado) as Tiempo_Ejecutado, sum(Tiempo_Planeado) as Tiempo_Planeado, sum(Tiempo_Vendido) as Tiempo_Vendido by Proyectos
| eval Tiempo_Ejecutado=round(Tiempo_Ejecutado,2)
| eval Tiempo_Planeado=round(Tiempo_Planeado,2)
| sort Proyectos

Index1 have ProjectName Index2 ProjectName Index Name

Thanks ALL!