Okay, since Question is a multi-valued field, we need a way to "break out" all the values for question. The mvexpand command will do that. Also, by default the rex command will only extract the first occurrence of the regular expression unless you specify max_match.

Try this:

mysearch 
| rex field=_raw max_match=150 "<question>(?<question>.*?)\<" 
| mvexpand question
| top question

not exactly this i need..actually in my event i had this abc....etc tag more then 100 times for each event.
When i created the rex expression like this..

mysearch | rex field=_raw "(?[^<]*)<" | top Question

i dnt think all the values are displayed for Question Field..even i use the limit followed by top command..

is there any option like MAX_LENGTH with top to display all the values of Question Tag..

When you say "one event has max 100 questions," do you mean that each event can have more than one question? Is Question a multi-valued field?

Assuming that Question is not a multi-valued field, try

myseach | stats count by Questions | sort -count

This will give you a list of all Questions, whether there are 50 or 500...

You might want to take a look at some other possible stats functions, such as distinct_count, here

The default for the top command is 10 values. You can do either of the following to get the top 100.

... | top 100 Questions   or   ... | top limit=100 Questions

http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/top