@vganjare , when I am trying it individually in another search, it is showing count of all correctly , but when using it with above query it is not showing correct values. What would be the problem. I am very confused. 😞
example:
state name:AK
churn=true:3
total churn:52.
when we calculate it should get 5.7692 but here it is showing 0.090009
any ideas

Thanks.
Santhosh.

Can you please provide the query used in another search? Here, I think, you are calculating the % churn by state.

Also, the above query can be written in below format:
sourcetype="Churn_csv"
| eval Churn = if(Churn="True.","1","0")
| stats sum(Churn) as true_churn , count(Churn) as total_churn by state
| eval prop= true_churn*100 / total_churn
| stats sum(prop) by state

here is the query for getting count .
source="Churn_DATA_lat_lon.csv" host="LTCPU069-PC" sourcetype="Churn_csv"
| eval Churn = if(Churn="True.",1,0)
| stats sum(Churn) as total_churn, count(Churn) by state

based on your proposed query, it is now showing perfect values, but not able to add geostats.
what would be the problem.

try changing the stats to eventstats.

@vganjare I have changed stats to eventstats, but didnt kept geostats, i have used stats instead, it shown me different values. then after keeping geostats, it shown the perfect values, can you please explain me the actual reason behind it.?

I suspect, the geostats command tries to add/extract the information for the location (for mapping purpose). I dont expect any differences in the results computed by stats vs eventstats. Most likely, it should not happen. You can read the details of geostats at http://docs.splunk.com/Documentation/Splunk/6.2.2/SearchReference/Geostats

Thanks!!

@vganjare , one more inconsistency again 😞
it is showing some more values with correct values.
source="Churn_DATA_lat_lon.csv" host="LTCPU069-PC" sourcetype="Churn_csv"
| eval Churn = if(Churn="True.","1","0")
| eventstats sum(Churn) as true_churn , count(Churn) as total_churn by state
| eval prop= true_churn*100 / total_churn
| geostats sum(prop) by state globallimit=0

getting different values in statistics, in geostats chart only incorrect value.
please help

What are the different values of Churn? Is it True or True. ? Can you try stats values(Churn) before | eval Churn = if(Churn="True.","1","0")?

thank god!!
finally got it on my own 😉
i just changed sum(prop) to values(prop) 🙂

thank you so much for the support.!!

yes, perfect.!!!
splunk is very complicated !!
sorry for making you so pinpointed and make you to answer silly Q?'s
I am very very new and purely self learning guy from my firm.( my domain is SAP BO ) actuallly 🙂
anyway thanks a lot.!!!

Glad that I could help!!

Thanks!!