Source not searchable after re-write?

Hello,

I am having a rather strange problem dealing with source's that have been changed. I have a WinEventLog:Application input, then on my forwarder I am re-writing the source field to be something more contextual. The new source is coming across fine, I can see it in the dashboard_live source summary page, but searching for source="MSW_GW_EVL_NAP" returns no results. However, searching for something like sourcetype="WinEventLog:Application" source!="WinEventLog:Application", the events are there and the correct source is showing.

I am using props / transforms on my forwarder, and have done this in a similar way for other source's, and it has worked fine.

Please help!

props.conf

[source::WinEventLog...]
SHOULD_LINEMERGE = false
MAX_TIMESTAMP_LOOKAHEAD=30
LINE_BREAKER = ([\r\n](?=\d{2}/\d{2}/\d{2,4} \d{2}:\d{2}:\d{2} [aApPmM]{2}))
REPORT-MESSAGE = wel-message, wel-eq-kv, wel-col-kv
KV_MODE=none
TRANSFORMS-FIELDS = strip-winevt-linebreaker
TRANSFORMS-source = winevt_apidst, winevt_mswgw

transforms.conf

[winevt_apidst]
SOURCE_KEY=MetaData:Host
REGEX=(?i)mswprapidst\d\d.*
DEST_KEY=MetaData:Source
FORMAT=DSTAPI_EVL_NAP

[winevt_mswgw]
SOURCE_KEY=MetaData:Host
REGEX=(?i)mswprgw\d\d.*
DEST_KEY=MetaData:Source
FORMAT=MSW_GW_EVL_NAP