@khanlarloo, you have following options
Option 1: Use addcoltotals command to calculate column total
<YourBaseSearchWithIndexAndSourcetype> host="splunk.local"
| addcoltotals labelfield=event label=Total
PS: Since you are not showing _time in your stats I don't think you need |bucket _time span=1mon, and in case you do, timechart would be a better command
Option 2: Use addtotals command to calculate column total using row=f col=t
<YourBaseSearchWithIndexAndSourcetype> host="splunk.local"
| addcoltotals row=f col=t labelfield=event label=Total
Option 3: If you are on Splunk 6.5 or greater you can use Simple XML Chart configuration option totalsRow set to true
<option name="totalsRow">true</option>
Following is a run anywhere dashboard based on Splunk _internal index which elaborates all three options:
<dashboard>
<label>Total Of Field values</label>
<row>
<panel>
<title>Option 1 : SimpleXML option totalsRow = true</title>
<table>
<search>
<query>index=_internal sourcetype=splunkd
| stats count by component
| sort - count
| head 10
</query>
<earliest>-24h@h</earliest>
<latest>now</latest>
<sampleRatio>1</sampleRatio>
</search>
<option name="count">20</option>
<option name="dataOverlayMode">none</option>
<option name="drilldown">none</option>
<option name="percentagesRow">false</option>
<option name="rowNumbers">false</option>
<option name="totalsRow">true</option>
<option name="wrap">true</option>
</table>
</panel>
</row>
<row>
<panel>
<title>Option 2 : addcoltotals command</title>
<table>
<search>
<query>index=_internal sourcetype=splunkd
| stats count by component
| sort - count
| head 10
| addcoltotals labelfield=component label=Total</query>
<earliest>-24h@h</earliest>
<latest>now</latest>
<sampleRatio>1</sampleRatio>
</search>
<option name="count">20</option>
<option name="dataOverlayMode">none</option>
<option name="drilldown">none</option>
<option name="percentagesRow">false</option>
<option name="refresh.display">progressbar</option>
<option name="rowNumbers">false</option>
<option name="wrap">true</option>
</table>
</panel>
</row>
<row>
<panel>
<title>Option 3 : addtotals command</title>
<table>
<search>
<query>index=_internal sourcetype=splunkd
| stats count by component
| sort - count
| head 10
| addtotals row=f col=t labelfield=component label=Total</query>
<earliest>-24h@h</earliest>
<latest>now</latest>
<sampleRatio>1</sampleRatio>
</search>
<option name="count">20</option>
<option name="dataOverlayMode">none</option>
<option name="drilldown">none</option>
<option name="percentagesRow">false</option>
<option name="refresh.display">progressbar</option>
<option name="rowNumbers">false</option>
<option name="wrap">true</option>
</table>
</panel>
</row>
</dashboard>
____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
