I would like to search for common product-packages. So I want to look for one item (AAA) and find out which other item (XXX) was bought most often in the same purchase order (Orders with AAA).
I already clicked through the other questions on this page and found the following link:
Sadly, I'm not able to apply this query to my problem. Hope someone can help.
A sample of event data would be very useful here. Is it the case that each line item in an order is a separate Splunk event? Or are they clumped together somehow, with all line items for an order in the same event?