Aggregation of select network traffic statistics

What is claimed is: 1. A network appliance for aggregating network traffic statistics in a Wide Area Communication Network (WAN), the network appliance to: determine a plurality of network flow strings that are transmitted from the network appliance or received at the network appliance, wherein the plurality of network flow strings are transmitted between two or more network appliances communicating via the WAN, wherein the two or more network appliances communicating via the WAN are physical or virtual network appliances deployed in the WAN, and wherein communications via the WAN are transmitted using a secure tunnel between the two or more network appliances using encryption, access control lists (ACLS), compression, fragmentation, and error detection and correction provided by the network appliance; extract a network metric of the plurality of network flow strings; aggregate values associated with the network metric over the plurality of network flow strings; generate an accumulating map, wherein the accumulating map comprises the values associated with the aggregated network metric, wherein the accumulating map is associated with an eviction policy for determining when a record in the accumulating map is aggregated into a higher level record in the accumulating map, and wherein the higher level record removes low level technology in a hierarchy of devices in the communication network, keeps high level technology in the hierarchy of devices in the communication network, and creates the higher level record that is shorter in length than the record that included the low level technology; when a new network flow string is received, invoke the eviction policy on the new network flow string, wherein the eviction policy removes at least one of the plurality of network flow strings from the accumulating map; and transmit the accumulating map, but not the plurality of network flow strings, to a network information collector in communication with the network appliance. 2. The network appliance of claim 1 , wherein the values associated with the aggregated network metric in the accumulating map are stored in a plurality of bins associated with numeric ranges. 3. The network appliance of claim 2 , wherein the eviction policy removes the at least one of the plurality of network flow strings from a lowest value bin of the plurality of bins. 4. The network appliance of claim 1 , wherein the accumulating map comprises an eviction log for collected information in excess of a target number of entries for a specified time period. 5. The network appliance of claim 1 , wherein the network metric is a packet count, byte count, timestamp, or traffic type. 6. The network appliance of claim 1 , wherein the accumulating map is transmitted to the network information collector on a predetermined periodic basis. 7. The network appliance of claim 1 , wherein the accumulating map is transmitted to the network information collector on an activation of a condition. 8. The network appliance of claim 1 , the network appliance further to: upon transmitting the accumulating map to the network information collector, generate a second accumulating map associated with the eviction policy. 9. A computer-implemented method for aggregating network traffic statistics in a Wide Area Communication Network (WAN), the method comprising: determining a plurality of network flow strings that are transmitted from the network appliance or received at the network appliance, wherein the plurality of network flow strings are transmitted between two or more network appliances communicating via the WAN, wherein the two or more network appliances communicating via the WAN are physical or virtual network appliances deployed in the WAN, and wherein communications via the WAN are transmitted using a secure tunnel between the two or more network appliances using encryption, access control lists (ACLS), compression, fragmentation, and error detection and correction provided by the network appliance; extracting a network metric of the plurality of network flow strings; aggregating values associated with the network metric over the plurality of network flow strings; generating an accumulating map, wherein the accumulating map comprises the values associated with the aggregated network metric, wherein the accumulating map is associated with an eviction policy for determining when a record in the accumulating map is aggregated into a higher level record in the accumulating map, and wherein the higher level record removes low level technology in a hierarchy of devices in the communication network, keeps high level technology in the hierarchy of devices in the communication network, and creates the higher level record that is shorter in length than the record that included the low level technology; when a new network flow string is received, invoking the eviction policy on the new network flow string, wherein the eviction policy removes at least one of the plurality of network flow strings from the accumulating map; and transmitting the accumulating map, but not the plurality of network flow strings, to a network information collector in communication with the network appliance. 10. The computer-implemented method of claim 9 , wherein the values associated with the aggregated network metric in the accumulating map are stored in a plurality of bins associated with numeric ranges. 11. The computer-implemented method of claim 10 , wherein the eviction policy removes the at least one of the plurality of network flow strings from a lowest value bin of the plurality of bins. 12. The computer-implemented method of claim 9 , wherein the accumulating map comprises an eviction log for collected information in excess of a target number of entries for a specified time period. 13. The computer-implemented method of claim 9 , wherein the network metric is a packet count, byte count, timestamp, or traffic type. 14. The computer-implemented method of claim 9 , wherein the accumulating map is transmitted to the network information collector on a predetermined periodic basis. 15. The computer-implemented method of claim 9 , wherein the accumulating map is transmitted to the network information collector on an activation of a condition. 16. The computer-implemented method of claim 9 , the network appliance further to: upon transmitting the accumulating map to the network information collector, generate a second accumulating map associated with the eviction policy. 17. A non-transitory computer-readable storage medium storing a plurality of instructions executable by one or more processors, the plurality of instructions when executed by the one or more processors cause the one or more processors to: determine a plurality of network flow strings that are transmitted from the network appliance or received at the network appliance, wherein the plurality of network flow strings are transmitted between two or more network appliances communicating via a Wide Area Communication Network (WAN), wherein the two or more network appliances communicating via the WAN are physical or virtual network appliances deployed in the WAN, and wherein communications via the WAN are transmitted using a secure tunnel between the two or more network appliances using encryption, access control lists (ACLS), compression, fragmentation, and error detection and correction provided by the network appliance; extract a network metric of the plurality of network flow strings; aggregate values associated with the network metric over the plurality of network flow stri