Splunk Search

How to search for the most popular purchased item X AND which other item was purchased most often with item X?

upuc
Explorer

I would like to search for common product-packages. So I want to look for one item (AAA) and find out which other item (XXX) was bought most often in the same purchase order (Orders with AAA).
I already clicked through the other questions on this page and found the following link:

http://docs.splunk.com/Documentation/Splunk/5.0.4/SearchReference/Correlate

Sadly, I'm not able to apply this query to my problem. Hope someone can help.
Best regards

Tags (2)

ppablo
Retired

Hi @upuc

Did the arules command that @martin_mueller suggested below work for your use case?

0 Karma

martin_mueller
SplunkTrust
SplunkTrust

According to the docs at http://docs.splunk.com/Documentation/Splunk/6.1.3/SearchReference/Arules you're looking for the arules command.

upuc
Explorer

Hello helpers!
Still no solution in sight. If maybe ppablo or martin found a way to handle this by now (?) it would be great if you could share.

0 Karma

ppablo
Retired

Hi @upuc

Did @martin_mueller's arules command suggestion not solve your issue? Didn't hear from you for a month.

0 Karma

martin_mueller
SplunkTrust
SplunkTrust

Let me know if and how that works though, I've always been wondering...

0 Karma

aweitzman
Motivator

A sample of event data would be very useful here. Is it the case that each line item in an order is a separate Splunk event? Or are they clumped together somehow, with all line items for an order in the same event?

0 Karma

upuc
Explorer

we save every item as a seperate event with a code for the underlying shopping cart.

0 Karma
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...