diff --git a/CHANGELOG.md b/CHANGELOG.md index a2ff84a67d..917448a4bd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ All notable changes to this project will be documented in this file based on the ### Bugfixes ### Added +* Add `network.total.packets` and `network.total.bytes` field. PR#2 * Add `event.action` field. #21 * Adds cloud.account.id for top level organizational level. #11 * Add `http.response.status_code` and `http.response.body` fields. #4 diff --git a/README.md b/README.md index 25ee7007f2..7958f0373a 100644 --- a/README.md +++ b/README.md @@ -290,6 +290,8 @@ Fields related to network data. | `network.inbound.packets` | Network inbound packets. | long | | `12` | | `network.outbound.bytes` | Network outbound bytes. | long | | `184` | | `network.outbound.packets` | Network outbound packets. | long | | `12` | +| `network.total.bytes` | Network total bytes. The sum of inbound.bytes + outbound.bytes. | long | | `368` | +| `network.total.packets` | Network outbound packets. The sum of inbound.packets + outbound.packets | long | | `24` | ## Organization fields diff --git a/schema.csv b/schema.csv index 70243749ed..960d76840e 100644 --- a/schema.csv +++ b/schema.csv @@ -98,6 +98,8 @@ network.inbound.packets,long,0,12 network.outbound.bytes,long,0,184 network.outbound.packets,long,0,12 network.protocol,keyword,0,http +network.total.bytes,long,0,368 +network.total.packets,long,0,24 organization.id,keyword,0, organization.name,text,0, os.family,keyword,0,debian diff --git a/schemas/network.yml b/schemas/network.yml index cb01d03cab..9e85393757 100644 --- a/schemas/network.yml +++ b/schemas/network.yml @@ -48,3 +48,13 @@ description: > Network outbound packets. example: 12 + - name: total.bytes + type: long + description: > + Network total bytes. The sum of inbound.bytes + outbound.bytes. + example: 368 + - name: total.packets + type: long + description: > + Network outbound packets. The sum of inbound.packets + outbound.packets + example: 24 
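Review bot: The description added for `total.packets` in schemas/network.yml opens with "Network outbound packets.", apparently copied from the field above it, and contradicts the sum it goes on to define. It should read `Network total packets. The sum of inbound.packets + outbound.packets.` The README.md row for `network.total.packets` carries the same wording and needs the same correction. Neither description says whether the total may be populated when a source reports only one direction; a sentence on that would help, because volume baselines and threshold rules built on these fields would otherwise treat a partial count as a full total.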
diff --git a/template.json b/template.json
index bb53819a73..97acc00277 100644
--- a/template.json
+++ b/template.json
@@ -510,6 +510,16 @@
 "protocol": {
 "ignore_above": 1024,
 "type": "keyword"
+ },
+ "total": {
+ "properties": {
+ "bytes": {
+ "type": "long"
+ },
+ "packets": {
+ "type": "long"
+ }
+ }
 }
 }
 },