Sure. I will change the schedule for my saved search, per your suggestion.

Regarding datamodel definition, I have uploaded the images in my above comments, as I cannot directly upload image here. Please have a look at those images, to understand my datamodel definition.

I will try to run the modified query to check, whether there is any improvement in search performance.

Somehow our discussed old comments got deleted. Not sure what happened, I cannot see my old comments !!!

I asked some questions :

1. What would be ideal schedule for the saved query which is returning 3 months of data ? and what TTL would be the ideal one ? Please suggest ?
2. Below link is providing some solutions for Timepicker with loadjob ? I tried doing that, but it was not working, as I think somehow I am not getting _time in my saved search which is passing output to loadjob : https://answers.splunk.com/answers/188469/how-to-get-results-to-load-with-a-time-picker-sett.html#an....
3. Whether my saved search in my question (point no.3) can be further fine-tuned to improve the performance ?
4. Where do we specify summariesonly=true ? in the query ?

You are confusing the 2 questions. All of our comments are in the old question. I am resetting here.

1: If you are using summary index or accelerated data model, then TTL makes no difference; that is only if we are using loadjob.
2: Forget loadjob.
3: See #4.
4: | tstats summariesonly=t ... or switch to metrics store.

I accelerated the datamodel and tried using summariesonly=true, but it is not returning any events and any values now ? returning zero. What can be the issue here ?

|tstats summariesonly=true  dc(event_type) as count from datamodel=box_activity by created_by_login
 |dedup created_by_login
 |replace "Unknown User" with "Shared Links" in created_by_login
 |rex field=created_by_login ".@(?<sourcedomain>[a-zA-Z0-9][\w\.-]*[a-zA-Z0-9]\.[a-zA-Z][a-zA-Z\.]*[a-zA-Z])" 
 |search sourcedomain="dadomain.com"
 |rename created_by_login as User, event_type as Activity 
 |where User!="BOX Admin"
 |sort - count|where count >=7| stats count|appendcols [search index=dctest sourcetype=box-users earliest=-6h latest=now|table S_No|search S_No!="S.No"|sort - S_No|head 1 |eval S_No=S_No+13 ]
 |eval Advanced=round((count*100)/S_No,0)|fields - count|table Advanced|rename Advanced as "%"

You have to give the ADM a chance to complete. Check the status.

I checked it now, but still it is not returning any events ? How much time we have to wait for the ADM to get complete ? I think its already more than 30 minutes.

It depends on how much data you have, how fast your indexers are and how far back you told it to accelerate. How did you "check it"?

When I click on datamodel. In the Acceleration status it shows as 100% completed. Then I am using the same query with summariesonly=true, but still I am not getting any events. The output of the query is zero.

while enabling acceleration, I gave last 3 months in the acceleration time.

So acceleration is complete but your search isn't working. Peel off | one by one from the bottom on up until you get it to work.

I think there is some issue in my summary index configuration and datamodel, which I am not able to figure it out. Now, I have disabled "Acceleration", but still I am not able to get the events, zero result. Can you go through my question once again and suggest whether my configuration sequence is proper ? I have configured the summary index for the first time, hence not sure if something is wrong there ?

My Scenario - I want to show %value of users whose event_type is more than 12 activities such as download, upload, preview etc. For that I need 2 fields created_by_name and event_type. So to start with :

1. Whether my first saved search is proper to put into summary index ?
2. How do I verify the datamodel is created properly, I can attach the screenshot for the same ?
3. whether tstats is the proper command to use for datamodel ?

Please advise, as I am still confused on my sequence which I have put into question ?

Images of datamodel are uploaded at below links

https://ibb.co/n7FR86x
https://ibb.co/X3ZVpCg
https://ibb.co/rdKZBgB

Are you certain that the data range of the query you are using as a test falls within the date/time range of your acceleration? If you query outside of that range then your query will be as slow as if it was not accelerated.

Lastly, I already tried accelerating the datamodel, but still the query runs slow and takes time to load the result in the panel and also, after accelerating, it is not showing proper value.. showing reduced value in the panel.

Yes, accelerating the datamodel means that you will be running a few minutes behind because it takes time to accelerate. That is why most people use earliest=-65m latest=-5m when doing an hourly report (shifted back 5 minutes).