I get the following.

 Also where do I go to change things?

similiar to this or do I make the change else where?

This query shows that you have data on this data model. Now you should add “| search ….” with those search terms which you already have on your first tstats and try to figure if those are present in your DM or are there something which is missing. This is the way to “debug” your tstats from DM.

which one

None of those. I mean your second query on your 1st post. Something like this

| from datamodel:"Change.Auditing_Changes"
| search nodename=All_Changes.Auditing_Changes All_Changes.action=cleared

That way you could found if those fields/values are on your DM or not. Or if you have some typos or other issue on your condition. 

I am not getting result from that should I be?

 now that I have figured out that I am not getinng results in what should I do ?

Also thanks alot for be super clear in your answers as I would not have figured out the exact search part.

Probably this is in wrong order and maybe nodename hasn't defined fields at this time

search nodename=All_Changes.Auditing_Changes

Try to check what you have on fields  All_Changes.Auditing_Changes and All_Changes.action.

Also if you want use nodename as a value instead of field you should surround it by " like "nodename" and also cleared as "cleared" if also that is a value.