If you don't know the max, try this...

... | stats sum(uploadSize) as totalUploadSize sum(uploadDuration) as totalUploadDuration by deviceID | eval bandwidth= round((totalUploadSize)/(totalUploadDuration*0.001*131072),4) | table deviceID bandwidth | stats count by bandwidth | sort + bandwidth | append [ search ... | stats sum(uploadSize) as totalUploadSize sum(uploadDuration) as totalUploadDuration by deviceID | eval bandwidth= round((totalUploadSize)/(totalUploadDuration*0.001*131072),4) | stats max(bandwidth) as maxvalue | eval bandwidth=mvrange(0, maxvalue, .1) | mvexpand bandwidth | table bandwidth ] | stats values(count) as count by bandwidth

your first post kind of worked, for some reason its going in order of the first digit so the 2.12 value is showing up after 10

fixed it by sorting it

The bars are being spaced out a lot but the spacing is still constant not proportional

The column spacing is exactly same as value of "bandwidth"? Do you want it to be spaced out based of value of "count"? OR if you could post snapshot of your expected graph.

This is what I'm looking for

Give this a try

... | stats sum(uploadSize) as totalUploadSize sum(uploadDuration) as totalUploadDuration by deviceID | eval bandwidth= round((totalUploadSize)/(totalUploadDuration*0.001*131072),4)  | stats count by bandwidth  | eval _time=relative_time(now(),"@d") + bandwidth | timechart span=10s values(count)  by bandwidth | eval t=round(_time-relative_time(now(),"@d")) | fields - _time | table t *

This is the result

Something is wrong (negative t shouldn't come) . This should give number of rows equal to max of bandwidth. Can you try this

... | stats sum(uploadSize) as totalUploadSize sum(uploadDuration) as totalUploadDuration by deviceID | eval bandwidth= round((totalUploadSize)/(totalUploadDuration*0.001*131072),4)  | stats count by bandwidth  | eval _time=relative_time(now(),"@d") + bandwidth | timechart span=10s values(count)  by bandwidth | eval t=round(_time-relative_time(now(),"@d")) | fields - _time | table t * |where  t>0

It says no results found when I do that

So are you trying to set the bandwidth as the time, that way I can use a timechart to display the information?

To make x-axis markers to space out based on the x column value, I'm adding current day and then after chart substracting current day into the bandwidth. Thus there should never be a negative value for column t. Can you try this and if it doesn't work, provide the full search that you're using?

... | stats sum(uploadSize) as totalUploadSize sum(uploadDuration) as totalUploadDuration by deviceID | eval bandwidth= round((totalUploadSize)/(totalUploadDuration*0.001*131072),4)  | stats count by bandwidth | eval _time=bandwidth | timechart span=2 values(count)  by bandwidth | eval t=_time | fields - _time | table t *

This is very close. The bars are currently being squished to the left side

My search is:

... |   stats sum(uploadSize) as totalUploadSize sum(uploadDuration) as totalUploadDuration by deviceID |   eval bandwidth= round((totalUploadSize)/(totalUploadDuration*0.001*131072),4) |  table deviceID bandwidth | stats count by bandwidth | sort + bandwidth

currently it looks like