Try this:
index=_internal (source=*/metrics.log* OR source=*\\metrics.log*) group="tcpin_connections" | fillnull value=null | dedup hostname| stats count by os | rename os AS OSType

yeah it is working now.. Luke if i have to display

1. OS type
2. No of servers(of a specific OS type)

what modification should i made in the baove search.

Try adding fillnull value=null before stats.
index=_internal (source=*/metrics.log* OR source=*\\metrics.log*) group="tcpin_connections" | fillnull value=null | stats sum(kb) by hostname,sourceHost,os |sort -sum(kb) | rename sourceHost AS HostIP, hostname AS HostName, os AS OSType

I am just running the search that you specified.

What search are you running exactly when you look for hosts?

All the universal forwarder are sending logs to indexer directly.

Are all hosts sending data to the indexer, or are some of the hosts sending data to other universal forwarders and then on to the indexer?

I am using universal forwarders

Regarding the hosts, are you using heavy forwarders?

I am searching for the hosts over the whole time span.

Also i want to display search names and if i have done any modification in inbuilt searches.

You want to list the search names, or you want to report the search results?
As for the hosts, first verify that you have data from the missing hosts in the timeframe you're searching.

Done luke. :). I would be really helpful if you could also guide me in solving the problem of discrepenancy of no of actual hosts and listed in _internal.

All the searches that i have created in splunk, i want to show them in a report.

For starters, if you like my answer then you could upvote it:)
What do you mean when you say "list the saved searches" exactly?

Group per_host_thruput will list the host in the field "series".
Group tcpin will list the host in the field hostname.
Are you sure that the hosts have sent data in the time frame that you are searching?

This does not show sourcetype thruput by host, nor does it show the host IP.