if you do not have _time values in your "table" than you probably want something like this:
| eval _time=start_time | timechart count avg(duration) max(duration) min(duration) median(duration)
Just use whatever statistical function you want, but I added a few common ones.
Also end time does not seem to be as relevant to me as start time and duration, so i have not used it in the query.
Can you explain what this will represent? Problem is I'm waiting for approval for me to actually go ahead and start it.... So its creating the _time variable which is used by timechart, and you're averaging duration? and max and min do what? and I want this to be per day, so it shows duration on a period of , e.g. a month, where we can see that the system is getting slower or faster.
If you want your aggregation per day you can specify span=1d in the timechart command.
min and max give you the highest and lowest value of duration per day, avg gives you the average duration each day and median will give you the median duration per day.
If you provide more information on what you are trying to find out and also provide a bit of example data, I could provide you with a more detailed help.