Want to display count as zero in statistics when there is no events for a IP.

index=bc cs_host="collector" NOT 10.xx,xxx.121 c_ip=10.xx.xxx.233 OR c_ip=10.xx.xxx.234 OR c_ip=10.xx.xxx.248 OR c_ip=10.xx.xxx.250 OR c_ip=10.xx.xxx.42 OR c_ip=10.xx.xxx.43 |stats count by c_ip It only display the count which has event, how could i force in search to display zero there is no data/event for an IP. The screenshot display only the IP which has results but not showing which didnt have data/event.![alt text][1] [1]: /storage/temp/274204-splunk1.png