This search should give you the answer

index=_internal Metrics "group=per_source_thruput" NOT series="/Applications/splunk34/splunk/var/log/splunk/license_audit.log" NOT series="/Applications/splunk34/splunk/var/log/splunk/metrics.log" NOT series="/Applications/splunk34/splunk/var/log/splunk/searchhistory.log" NOT series="/Applications/splunk34/splunk/var/log/splunk/splunkd.log" NOT series="/Applications/splunk34/splunk/var/log/splunk/splunklogger.log" NOT series="/Applications/splunk34/splunk/var/log/splunk/web_access.log" NOT series="/Applications/splunk34/splunk/var/log/splunk/web_service.log" NOT series="filetracker" NOT series="audittrail" NOT series="fschangemonitor" | timechart span=1d sum(kb) by series