wow, that worked perfectly, thx. I was messing around with eventstats earlier and could not get this work. If you could explain the sum part to me it would be very helpful. As far as I am aware, 'eventstats' works off the original and unaltered set of data as if it was the first pipe command. I am slight confused on how sum(count) produces the correct results in this case.

The eventstats works on the dataset/result available to it (all result in whatever format available just before eventstats command is invoked), and without altering it, adds new information/column. So the data available before eventstats was the output of "stats count by myfield", which will give you one row per myfield with corresponding count. The eventstats is then summing all those count values and adding it as a new field to each row.

Easiest option to understand is the just run the command before eventstats and then add the eventstats to see the changes.

Ok I guess my question then is why does this work...
base search | stats count by myfield | eventstats sum(count) as totalCount
But this doesn't...
base search | stats count by myfield | stats sum(count) as totalCount

You're using stats command to calculate the totalCount which will summarize the results before that, so you'll only get a single row single column for totalCount. Your requirement was to keep the myfield and corresponding count, and get an additional field for totalCount (to calculate percentage) in each row, so eventstats is the way to go.

oh ok my understanding of eventstats was slightly off, your last comment makes a lot of sense now, thanks for all the help, this has been troubling me all day. You definitely cleared up my confusion!