I'm fairly new to Splunk so I am having a hard time understanding how Splunk passes fields.

My search:
host=HMWVP* source="WMI:Service" Name=Audiosrv State!=Running
|table host Name State
|dedup host
|eval schedule_id = host
|maint_schedule_hours_check($schedule_id$)

My Macro:
[maint_schedule_hours_check(1)]
args = schedule_id
definition = join \
[| inputlookup schedule_hours.csv \
| search schedule_id = $schedule_id$ \
| schedule_local_time($schedule_id$) \
| eval day_of_week =strftime(current_time, "%w") \
| where day_of_week = calendar_day_of_week \
| eval current_date =strftime(current_time, "%m/%d/%y") \
| eval hours_startTime = current_date." ".start_time \
| eval hours_endTime = current_date." ".end_time \
| convert timeformat="%m/%d/%y %H:%M" mktime(*Time) \
| where current_time > hours_startTime \
| where current_time < hours_endTime \
| stats count as schedule_hours_count \
| eval is_maintenance_hours = if(schedule_hours_count>0,"true","false")]
errormsg = When calling ismaintenance_hours input param schedule_id must be provided
iseval = 0
validation = isnotnull($schedule_id$)

Any guidance or suggestions would be greatly appreciated.
Thank you