Splunk Search

How to search for the most popular purchased item X AND which other item was purchased most often with item X?

upuc
Explorer

I would like to search for common product-packages. So I want to look for one item (AAA) and find out which other item (XXX) was bought most often in the same purchase order (Orders with AAA).
I already clicked through the other questions on this page and found the following link:

http://docs.splunk.com/Documentation/Splunk/5.0.4/SearchReference/Correlate

Sadly, I'm not able to apply this query to my problem. Hope someone can help.
Best regards

Tags (2)

ppablo
Retired

Hi @upuc

Did the arules command that @martin_mueller suggested below work for your use case?

0 Karma

martin_mueller
SplunkTrust
SplunkTrust

According to the docs at http://docs.splunk.com/Documentation/Splunk/6.1.3/SearchReference/Arules you're looking for the arules command.

upuc
Explorer

Hello helpers!
Still no solution in sight. If maybe ppablo or martin found a way to handle this by now (?) it would be great if you could share.

0 Karma

ppablo
Retired

Hi @upuc

Did @martin_mueller's arules command suggestion not solve your issue? Didn't hear from you for a month.

0 Karma

martin_mueller
SplunkTrust
SplunkTrust

Let me know if and how that works though, I've always been wondering...

0 Karma

aweitzman
Motivator

A sample of event data would be very useful here. Is it the case that each line item in an order is a separate Splunk event? Or are they clumped together somehow, with all line items for an order in the same event?

0 Karma

upuc
Explorer

we save every item as a seperate event with a code for the underlying shopping cart.

0 Karma
Get Updates on the Splunk Community!

What's New in Splunk Enterprise 9.4: Features to Power Your Digital Resilience

Hey Splunky People! We are excited to share the latest updates in Splunk Enterprise 9.4. In this release we ...

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...

SignalFlow: What? Why? How?

What is SignalFlow? Splunk Observability Cloud’s analytics engine, SignalFlow, opens up a world of in-depth ...