I needed to know how far back I can search my packets, logs and metadata, so I created a shell script (netwitness_stats.sh) that runs on the SA Broker every 30 minutes and provides meta and packet statistics for a Concentrator, Decoder and LogDecoder.
# This script gets the statistics from the Concentrator/Decoders and creates a
# web page that can be reviewed by the analysts.
# Statistics on SA server at URL: http://sa/stats/ (sa = the SA Broker IP or DNS name)
# Place the netwitness_stats.sh script in the /root/scripts directory.
# If it doesn't exist, create it and then add the following cronjob
# that will run every 30 minutes.
# To add the cronjob do: crontab -e
# add the following two lines and save it.
# These statistics are queried every 30 minutes.
# 0,30 * * * * /root/scripts/netwitness_stats.sh > /dev/null 2>&1
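The install steps in the header comments, written as an added example (not the author's script): it adds the cron entry only once and refuses to schedule a root job whose script or directory other users could modify. It assumes the script sits in /root/scripts as the comments instruct; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not part of netwitness_stats.sh. Function names are
# hypothetical; the path and schedule are taken from the header comments.
SCRIPT=/root/scripts/netwitness_stats.sh
CRON_LINE="0,30 * * * * $SCRIPT > /dev/null 2>&1"

# Read a crontab on stdin and print it with CRON_LINE appended only if it is
# not already present, so re-running the install never duplicates the job.
merge_cron_entry() {
    awk -v want="$CRON_LINE" '
        { print; if ($0 == want) seen = 1 }
        END { if (!seen) print want }'
}

# Succeed only if $1 is a regular, executable, non-symlink file and neither
# it nor its directory is group/other-writable or owned by anyone but $2.
script_is_safe() {
    f=$1
    owner=${2:-root}
    d=$(dirname "$f")
    [ -f "$f" ] && [ ! -L "$f" ] && [ -x "$f" ] || return 1
    # -prune keeps find from descending; any printed path is a violation.
    bad=$(find "$f" "$d" -prune \
        \( -perm -020 -o -perm -002 -o ! -user "$owner" \) -print 2>/dev/null)
    [ -z "$bad" ]
}

# Install the job into the invoking user's crontab (run this as root).
install_cron_entry() {
    if ! script_is_safe "$SCRIPT" root; then
        echo "refusing to schedule $SCRIPT: fix ownership/permissions" >&2
        return 1
    fi
    { crontab -l 2>/dev/null || true; } | merge_cron_entry | crontab -
}

# Only touch the real crontab when explicitly asked to.
if [ "${1:-}" = "--install" ]; then
    install_cron_entry
fi
```

Because cron runs the job as root, a script or directory writable by another account would let that account run commands as root every 30 minutes.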
Here is an example of the report, which is updated every 30 minutes via cron.