I would like to search for common product-packages. So I want to look for one item (AAA) and find out which other item (XXX) was bought most often in the same purchase order (Orders with AAA).
I already clicked through the other questions on this page and found the following link:
Sadly, I'm not able to apply this query to my problem. Hope someone can help.
Did the arules command that @martin_mueller suggested below work for your use case?
According to the docs at http://docs.splunk.com/Documentation/Splunk/6.1.3/SearchReference/Arules you're looking for the
Still no solution in sight. If maybe ppablo or martin found a way to handle this by now (?) it would be great if you could share.
Did @martin_mueller's arules command suggestion not solve your issue? Didn't hear from you for a month.
Let me know if and how that works though, I've always been wondering...
A sample of event data would be very useful here. Is it the case that each line item in an order is a separate Splunk event? Or are they clumped together somehow, with all line items for an order in the same event?
we save every item as a seperate event with a code for the underlying shopping cart.