Stats Count not returning expected Results - Difference in count over single date and span covering same date

insaneteddie

Hi guys,

Just noticed something a little strange.
I am running a query to count the number of a certain transaction.
When I run this query for a set date, say the 23rd of June, it returns about 5.5k results.
Yet if I run the query with a time chart over the span of 1 month, it returns double the results in the count.
When I click into the events from this search, it shows the original number as returned by the search of just that day.

Would someone be able to answer why this occurs?
Search query for the single day is:

host=myComputer-* index=index "KeyPhrase" success=True NOT (Content=Test1 OR Content=Test2) Crm=myRequest | stats count

and for the monthly one I run:

host=myComputer-* index=index "KeyPhrase" success=True NOT (Content=Test1 OR Content=Test2) Crm=myRequest | timechart count

Any help appreciated.
Thanks
Steve
