diff --git a/ListIncomingAndOutgoingMBytesPerHourFromSMTPLog b/ListIncomingAndOutgoingMBytesPerHourFromSMTPLog
new file mode 100644
index 0000000..5b177d9
--- /dev/null
+++ b/ListIncomingAndOutgoingMBytesPerHourFromSMTPLog
@@ -0,0 +1,4 @@
+SMTPLogs_CL 
+| parse RawData with Date " " Time " " CIP " " CSUserName " " SSiteName " " SComputerName " " SIP " " SPort " " CSMethod " " CSUriStem " " csuriquery " " scstatus " " scwin32status " " scbytes " " csbytes " " *
+| summarize incomingMB=((sum(toint(csbytes))/1024)/1024) , outgoingMB=((sum(toint(scbytes))/1024)/1024) by Hours=bin(todatetime(strcat(Date , " " , Time)), 1h) 
+| sort by Hours asc