From bae9b0043463246b2982de9cec7baca7029cb9ea Mon Sep 17 00:00:00 2001
From: bmcder <33434002+bmcder@users.noreply.github.com>
Date: Thu, 19 Apr 2018 08:55:51 +0000
Subject: [PATCH] Create ListIncomingAndOutgoingMBytesPerHourFromSMTPLog

List the incoming and outgoing MBytes per hour from the SMTP Log
---
 ListIncomingAndOutgoingMBytesPerHourFromSMTPLog | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 ListIncomingAndOutgoingMBytesPerHourFromSMTPLog

diff --git a/ListIncomingAndOutgoingMBytesPerHourFromSMTPLog b/ListIncomingAndOutgoingMBytesPerHourFromSMTPLog
new file mode 100644
index 0000000..5b177d9
--- /dev/null
+++ b/ListIncomingAndOutgoingMBytesPerHourFromSMTPLog
@@ -0,0 +1,4 @@
+SMTPLogs_CL 
+| parse RawData with Date " " Time " " CIP " " CSUserName " " SSiteName " " SComputerName " " SIP " " SPort " " CSMethod " " CSUriStem " " csuriquery " " scstatus " " scwin32status " " scbytes " " csbytes " " *
+| summarize incomingMB=((sum(toint(csbytes))/1024)/1024) , outgoingMB=((sum(toint(scbytes))/1024)/1024) by Hours=bin(todatetime(strcat(Date , " " , Time)), 1h) 
+| sort by Hours asc