I am trying to build a base search for the field message.device.category , it has 3 values: desktop , mobile and tablet.

Using eval I am trying to divide the field with separate values.

search | eval MobileUsers=if("message.device.category" == "Mobile", "Mobile",NULL) |eval DesktopUsers=if("message.device.category" == "Desktop", "Desktop",NULL) |eval tabUsers=if("message.device.category" == "Tablet", "Tablet",NULL) |event stats count(DesktopUsers) ,count (MobileUsers) ,count(tabUsers)

its not returning any values in the counts.