Ok I'm rewriting the question as it has become much simpler than before. All I need to do is have a way the get the length of the current time range I am searching over (as a variable I hope) so that I can use it in eval. What I have now is:
search term |bucket _time span=1m | stats count by _time,punct | eval occurred=if(count!=0,1,0)| stats sum(count) AS sum,sum(occurred) AS num_of_mins_occurred,mean(count) AS mean,stdev(count) AS standard_deviation by punct |eval hourly=if((num_of_mins_occurred/4)=1,"True","False")