Log compare not showing only new types of logs
I am working on building alerts for any new type of log that is generated by the application and want to alert the development team. I came across the log compare feature, which states it can do that; however, I was not able to get the right output. I need some help from a Sumo developer to fix this, as this is a priority item for us.
This is the query I am writing based on my understanding.
((_sourceCategory="xxxxx" and _collector="xxxx"))
|parse regex "^\"(?<LogExceptionID>.*?)\",\"(?<ApplicationName>.*?)\",\"(?<MainClassName>.*?)\",\"(?<MainMethodName>.*?)\",\"(?<ErrorThrownAtClassName>.*?)\",\"(?<ErrorThrownAtMethodName>.*?)\",\"(?<ErrorCreatedDate>.*?)\",\"(?<ErrorWrittenDate>.*?)\",\"(?<ExceptionMessage>.*?)\",\"(?<UserID>.*?)\",\"(?<DictatorID>.*?)\",\"(?<EditorID>.*?)\",\"(?<LogCreatedDate>.*?)\",\"(?<ClinicId>.*?)\",\"(?<EHRClinicID>.*?)\",\"(?<stacktrace>.*?)\",\"(?<ErrorCustomDescription>.*?)\""
|concat (ErrorThrownAtClassName,"-",ErrorThrownAtMethodName,"-",ExceptionMessage) as ErrorGroup
|logcompare field=ErrorGroup timeshift -7d |where (_isNew)
The objective is that the baseline query runs with a time shift of -7 days and the target query runs hourly. Now, if anything new shows up in the hourly logs that is not present in the baseline query, it should show in the result set; based on that I will trigger the alert.
What is happening is that, although the query is returning data, those are not new types of logs; they happened in previous days, and I don't want them. Hope this helps.
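To make the baseline/target comparison concrete, here is an added Python emulation (not Sumo Logic's code and not from the poster) of what the query above computes: it applies the same 17-field parse regex, builds the same ErrorGroup key with "-" separators, and reports the groups present in the target hour but absent from the baseline. The log lines are constructed samples, and the two baseline variants assume that a timeshift baseline covers only the same-length window shifted back, while a "full seven days" baseline covers everything in between; that reading of logcompare is an assumption to verify against the docs, not something stated in the post.

```python
import re

# Same field layout as the parse regex in the post: 17 quoted, comma-separated fields.
LOG_RE = re.compile(
    r'^"(?P<LogExceptionID>.*?)","(?P<ApplicationName>.*?)","(?P<MainClassName>.*?)",'
    r'"(?P<MainMethodName>.*?)","(?P<ErrorThrownAtClassName>.*?)",'
    r'"(?P<ErrorThrownAtMethodName>.*?)","(?P<ErrorCreatedDate>.*?)",'
    r'"(?P<ErrorWrittenDate>.*?)","(?P<ExceptionMessage>.*?)","(?P<UserID>.*?)",'
    r'"(?P<DictatorID>.*?)","(?P<EditorID>.*?)","(?P<LogCreatedDate>.*?)",'
    r'"(?P<ClinicId>.*?)","(?P<EHRClinicID>.*?)","(?P<stacktrace>.*?)",'
    r'"(?P<ErrorCustomDescription>.*?)"$'
)


def error_group(line):
    """ErrorGroup as built by the post's concat(): class-method-message; None if unparsable."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return "-".join(m.group("ErrorThrownAtClassName", "ErrorThrownAtMethodName", "ExceptionMessage"))


def new_groups(target_lines, baseline_lines):
    """Groups seen in the target window but not in the baseline window (the rows where _isNew holds)."""
    baseline = {g for g in map(error_group, baseline_lines) if g}
    target = {g for g in map(error_group, target_lines) if g}
    return sorted(target - baseline)


def make_line(cls, method, msg, ts):
    """Constructed sample log line with all 17 fields in the order the regex expects."""
    fields = ["1", "DictationApp", "Main", "run", cls, method, ts, ts, msg,
              "u1", "d1", "e1", ts, "c1", "ehr1", "trace", "desc"]
    return ",".join(f'"{f}"' for f in fields)


# Constructed windows (assumed timestamps): the hour seven days ago, a burst three days ago,
# and the current target hour.
BASELINE_SHIFTED = [make_line("OrderService", "submit", "NullPointerException", "2024-05-01T10:00")]
BASELINE_INTERVENING = [make_line("CacheService", "get", "TimeoutException", "2024-05-05T03:00")]
TARGET = [
    make_line("OrderService", "submit", "NullPointerException", "2024-05-08T10:00"),
    make_line("CacheService", "get", "TimeoutException", "2024-05-08T10:05"),
    make_line("UserService", "load", "KeyNotFoundException", "2024-05-08T10:10"),
]

if __name__ == "__main__":
    # Narrow shifted baseline: the three-day-old TimeoutException is reported as "new".
    print(new_groups(TARGET, BASELINE_SHIFTED))
    # Baseline covering the whole seven days: only the genuinely unseen group remains.
    print(new_groups(TARGET, BASELINE_SHIFTED + BASELINE_INTERVENING))
```

The second call is the behaviour the post is after; if the query's baseline only spans the shifted hour, groups from the intervening days will keep surfacing as in the first call.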