We are currently migrating from Splunk to ELK. In Splunk, we can calculate the average and standard deviation of the total event count by using this query:
earliest=-30d@d latest=@d | eval hour=strftime(_time,"%H") | bin _time span=d | stats count by _time hour | stats avg(count) as Average stdev(count) as StdDev by hour
https://docs.splunk.com/Documentation/Splunk/7.3.0/SearchReference/Stats
How can this be achieved in ELK, in Discover?
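One way to express the same two-stage aggregation as an Elasticsearch `_search` request body, together with a local reference calculation for checking the migrated numbers against Splunk. This is an added example, not part of the original post; the `@timestamp` field, the runtime field `hour` and all Python names are assumptions, and the body is meant for the search API rather than the Discover query bar.

```python
import math
from collections import Counter, defaultdict
from datetime import datetime

# Assumptions: events have an "@timestamp" date field; "hour" is a runtime field
# (Elasticsearch 7.11+) evaluated in UTC, which may differ from the zone Splunk used.
ES_REQUEST = {
    "size": 0,
    "query": {"range": {"@timestamp": {"gte": "now-30d/d", "lt": "now/d"}}},
    "runtime_mappings": {"hour": {
        "type": "long",
        "script": "emit(doc['@timestamp'].value.getHour())"}},
    "aggs": {"by_hour": {
        "terms": {"field": "hour", "size": 24},
        "aggs": {
            # bin _time span=d | stats count by _time hour (empty days dropped)
            "per_day": {"date_histogram": {
                "field": "@timestamp", "calendar_interval": "1d", "min_doc_count": 1}},
            # stats avg(count) stdev(count) by hour, over the daily doc counts
            "daily": {"extended_stats_bucket": {"buckets_path": "per_day>_count"}},
        }}},
}

def hourly_stats(timestamps):
    """Reference for the SPL pipeline: per hour, mean and stdev of daily counts."""
    counts = Counter((t.date(), t.hour) for t in timestamps)  # count by day, hour
    per_hour = defaultdict(list)
    for (_, hour), n in counts.items():
        per_hour[hour].append(n)
    out = {}
    for hour, xs in sorted(per_hour.items()):
        n = len(xs)
        mean = sum(xs) / n
        pop = math.sqrt(sum((x - mean) ** 2 for x in xs) / n)
        # Splunk stdev() is the sample form; Elasticsearch std_deviation is the
        # population form. Returning 0.0 for a single day is this example's choice.
        sample = pop * math.sqrt(n / (n - 1)) if n > 1 else 0.0
        out[hour] = {"avg": mean, "stdev_sample": sample, "stdev_population": pop}
    return out

# Constructed sample: the 09:00 hour has 2, 4 and 6 events on three days.
SAMPLE = [datetime(2024, 1, d, 9, m) for d, k in ((1, 2), (2, 4), (3, 6)) for m in range(k)]

if __name__ == "__main__":
    print(hourly_stats(SAMPLE))
```

When comparing outputs, match Splunk's `StdDev` column against the sample figure, not the population `std_deviation` that `extended_stats_bucket` reports.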