Aggregation of select network traffic statistics

What is claimed is: 1. A method for aggregating network traffic statistics comprising: receiving, at a network appliance, a SYN network packet; storing, at the network appliance, header information from the SYN network packet in a flow data table; for each of the data packets related to the SYN network packet, storing header information of the data packets in the flow table; In response to receiving a FIN network packet is that is associated with the SYN network packet: accessing the flow data table for network information regarding packets that are processed through the network appliance for related data-packets, wherein the network information includes a network characteristic for the SYN network packet, the data packets related to the SYN network packet, and the FIN network packet, grouping related packets by aggregating the network information by the network characteristic and corresponding network metric, and storing a single row for the related data packets by the network characteristic and the corresponding network metric; after a predetermined amount of time or a predetermined number of rows is reached, invoking an eviction policy on the flow data table, wherein the eviction policy removes the related data packets from the flow data table; and populating an accumulating map with the flow data table. 2. The method of claim 1 , wherein the single row includes data from a same computer and received from different ports. 3. The method of claim 1 , wherein the single row is limited to the related data packets received during the predetermined amount of time. 4. The method of claim 1 , wherein the header information from the SYN network packet includes a source port, destination port, source address, destination address, and protocol. 5. The method of claim 1 , wherein the accumulating map is populated with internet protocol (IP) data used as a source or destination of the related data packets. 6. The method of claim 1 , wherein the accumulating map is transmitted to a network information collector. 7. The method of claim 1 , further comprising: indexing the accumulating map via a hash table; and determining a lowest value from the accumulating map based on the indexing. 8. network appliance for aggregating network traffic statistics to: receive a SYN network packet; store header information from the SYN network packet in a flow data table; for each of the data packets related to the SYN network packet, store header information of the data packets in the flow table; In response to receiving a FIN network packet is that is associated with the SYN network packet: access the flow data table for network information regarding packets that are processed through the network appliance for related data-packets, wherein the network information includes a network characteristic for the SYN network packet, the data packets related to the SYN network packet, and the FIN network packet, group related packets by aggregating aggregate the network information by the network characteristic and corresponding network metric, and store a single row for the related data packets by the network characteristic and the corresponding network metric; after a predetermined amount of time or a predetermined number of rows is reached, invoke an eviction policy on the flow data table, wherein the eviction policy removes the related data packets from the flow data table; and populate an accumulating map with the flow data table. 9. The network appliance of claim 8 , wherein the single row includes data from a same computer and received from different ports. 10. The network appliance of claim 8 , wherein the single row is limited to the related data packets received during the predetermined amount of time. 11. The network appliance of claim 8 , wherein the header information from the SYN network packet includes a source port, destination port, source address, destination address, and protocol. 12. The network appliance of claim 8 , wherein the accumulating map is populated with internet protocol (IP) data used as a source or destination of the related data packets. 13. The network appliance of claim 8 , wherein the accumulating map is transmitted to a network information collector. 14. The network appliance of claim 8 , further to: index the accumulating map via a hash table; and determine a lowest value from the accumulating map based on the indexing. 15. A non-transitory computer-readable storage medium storing a plurality of instructions executable by one or more processors, the plurality of instructions when executed by the one or more processors cause the one or more processors to: receive a SYN network packet; store header information from the SYN network packet in a flow data table; for each of the data packets related to the SYN network packet, store header information of the data packets in the flow table. 16. The computer-readable storage medium of claim 15 , wherein the single row includes data from a same computer and received from different ports. 17. The computer-readable storage medium of claim 15 , wherein the single row is limited to the related data packets received during the predetermined amount of time. 18. The computer-readable storage medium of claim 15 , wherein the header information from the SYN network packet includes a source port, destination port, source address, destination address, and protocol. 19. The computer-readable storage medium of claim 15 , wherein the accumulating map is populated with internet protocol (IP) data used as a source or destination of the related data packets. 20. The computer-readable storage medium of claim 15 , wherein the accumulating map is transmitted to a network information collector.