Hi Joseppo

I tried it with chart builder and it seems working fine. You can see the aggregated sent/received bytes for each destination port.

SQL:

select `dstport`, string_agg(distinct `app`, ' ') as `app__agg_`, string_agg(distinct `user`, ' ') as `user__agg_`, string_agg(distinct ipstr(`dstip`), ' ') as `dstip__agg_`, string_agg(distinct `service`, ' ') as `service__agg_`, sum(sentbyte) as `sentbyte`, sum(rcvdbyte) as `rcvdbyte` from ###(select `dstport`, `app`, `user`, `dstip`, `service`, sum(sentbyte) as sentbyte, sum(rcvdbyte) as rcvdbyte from $log where $filter and (logflag&1>0) group by `dstport`, `app`, `user`, `dstip`, `service` order by `dstport`)### t group by `dstport` order by `dstport`

Hope it helps.