Like others have mentioned, you have way too much going on in that search for us to just immediately recognize what is wrong. But I think I can recommend some basic troubleshooting. Hopefully you've gone through this exercise already, but if not maybe now is the time.
Your search is complex. Do you have any idea where the error in logic shows ups? Does the base search work? If so, do you see the results you expect after the foreach? If so, does that mvzip do what you expect? And so on. Splunk's SPL isn't all or nothing. Start stepping through each phase of your search to try identify where the mistake is introduced. Start with the base search and pipes one at a time.
And if you have lots of data you're working with, change your base search to include one or two specific sources so that maybe the mistake will be more obvious when you get there.
Nobody here is going to be able to help you identify the issue without sample data. And even then, I think there's a lot of logic built into that search based on what you understand about this data, so we would still struggle to follow along. So just take it step by step on your own and should find the issue.
"P.S. I should mention that the date I am extracting from from the event is the correct one, its just being listed wrong."
What do you mean "listed wrong"?
Dude... if you want help with this, you gotta at least share some sample data.
I apologize I've uploaded a screen shot with sample data
We really need some raw events to work through this.
I apologize I've uploaded a screen shot with sample data
Not a screen shot and that is not raw event data. Post a comment with plain text raw data as text.
Ok, I misunderstood, I won't be allowed to post the raw data online. I'll try and create something very similar that I can post, or create a new question that is more detailed, thank you again for your help.
something very similar
will probably not work, because everyone will used the provided sample and if you use it on your real data....well, don't expect it to work. Only real events will provide real solutions.
The problem is that your search is so complicated that there is really now way to unwrap it to find the problem without good source data.