i have around 25  events with  httpsCode = 200 OK but when use the above function it returns 0 in the success column

As @ITWhisperer suggested, you should check and post accuracy of relevant data.  I highly doubt if you have a field called httpsCode.  It is more likely httpCode, if the field is provided by Splunk at all.  If it not already extracted, you need to first extract it.  If you need help with extraction, you will need to post raw data (anonymize as needed).

More than that, a good, answerable question should illustrate desired results and explain the logic between illustrated dataset and desired results.  This relieves volunteers of the burden to read your mind.  Statistically, mind reading is more wrong than correct.

This said, I interpret your intention as to discern the count and average timetaken - again, if this field is named such and already extracted in Splunk, by "success" or "failure" status.  Maybe this will help.

| eval status = if(match(httpCode, "200|30[0-4,78]"), "success", "failure")
| stats avg(timetaken) count by status

Note that 3xx return codes are generally success statuses.  Unless you have specific reasons to classify them as "failure", they should be grouped into success.

Hope this helps.

Has httpsCode been extracted OK? Please share some sample event, anonymised of course.

Thanks for the info shared able to fetch the results.....

I have another requirement like, I want to show an bar chart which should show the total login count in basis of the time period we submit

for example if we select 2 days it should show the bar chart where y is for login count and x is for time slection (in basis of day interval like 6thfeb  7th feb like this)