Try this search. I don't know what your field names are but you could try this.
index=proxy_logs | transaction user startswith="www.trackedurl.com" maxevents=100
Putting some context around the search and improving the search.
index=proxylogs user=x #This searches the proxylogs index for user X. You can change.
transaction user startswith="www.trackedurl.com" maxevents=100 # Join all of the results by the user starting with the www.trackedurl.com url then getting a maximum event number of 100. So from the start of the first www.trackedurl.com go to 100 later events. You can increase or lower this number.
I have bluecoat logs, indexed in splunk. I need to extract information from url field. Condition I want is : if someone visited url: www.###.com then after that what are the next 5 url he visited.
Note here output i need is users who visited www.####.com and next 5 websited they visited.