The third job is a generalization of the previous one; it will also help us understand which host has abnormally high traffic. We'll proceed using the same steps as the previous job to create this, with the difference that we won't split the job (using by_field_name) like we did earlier. The steps for this are as follows:

1. Create the job in the Advanced job wizard:

2. Running the job will give you a list of high traffic host anomalies, as shown in the following screenshot:

3. Clicking on one of the host anomalies will give you the following output:

Here, the relative host has traffic that's 31 times higher than typical traffic.

Since we have our three jobs and some anomaly data to play with, we are ready to create a couple of visualizations and compose our dashboard.