Join the Conversation
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- Re: How do I show fastest growing products?
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How do I show fastest growing products?
Hello,
I have a shop that sells different kind of products. Usually I have a search to show me the top 10 products sold in the last 24 hours, but some of the products in that list are all-time best-sellers and not so interesting to see (as I already know about those).
How do I get a list of top sold products that, let's say, are trending today (24 hours), but are not global trenders?
Example:
Today the top 10 sold products are:
1-milk*
2-beer*
3-tuna*
4-beef
5-cheese*
6-coffee*
7-bread
8-chicken
9-eggs
10-cereals*
Of those, the starred ones (*) 1, 2, 3, 5, 6, 10 are all-time sellers, so I would be more interested in showing only the not starred ones, which are trending today only:
-beef
-bread
-chicken
-eggs
My idea is to get the top 10 for the last 7 days, and then diff it with the top 10 of last 24 hours, but not sure if this is a good approach for what I want to accomplish, or what time-range to pick to find the all-time sellers.
The general idea is to show only the newcomers to this list of top 10 sold products. Or in other words, the products that are growing faster over a period of time.
Any suggestion?
Thanks a lot!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Try something like this
Your base search earliest=-14d@d latest=@d [search your base search earliest=@d latest=now | top 10 product showperc=f | table product | bucket span=1d _time | stats count by product _time | stats avg(count) as "Last2Weeks" by product | append [search your base search earliest=@d latest=now | top 10 product showperc=f | rename count as "Today"] | stats values(*) as * by product | where Today>1.25*Last2Week
Basically, get the top 10 products today, find the avg daily count for them in last 2 weeks, and compare them with today's count. My example threshold is 1.25 times (configured yours). The all time best sellers will not show much deviation from the average, so using that assumption for basis of this.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Can you provide a log sample? So a query could be devise.
Thanks,
Lp
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Index This | What travels the world but is also stuck in place?
Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data
Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...
