Skip to main content

Data & Intelligence

Web Server Data Analysis Using Splunk

Business Scenario:
In an e-commerce website, we have certain queries such as how many customers are visiting a particular product but not purchasing the product.
What are the reasons for not purchasing the product? Maybe the price of the product is too high?
What products have customers added to their cart but not purchased?

This analysis allows us to give more attention to those products and may result in decreasing the price to attract and win a customer purchase.

Problem:
From the webserver logs we can’t get the product names and price most of the times. Hence we can’t do our sentimental analysis in 360 degrees.

Solution:

Data Intelligence - The Future of Big Data
The Future of Big Data

With some guidance, you can craft a data platform that is right for your organization’s needs and gets the most return from your data capital.

Get the Guide

How to add look-up table: http://docs.splunk.com/Documentation/Splunk/6.2.4/SearchTutorial/Usefieldlookups
In the above example the price and product names are from the lookup table, not from the web server logs.
In the search option, it is not limited to search by only one keyword. The user can pass the analytical query and fetch the result accordingly. Here the query looks more like pseudo code and not exactly like an oracle/SQL query.

Web Server Data Analysis Using Splunk

sourcetype=access_* status=200 action=purchase [search sourcetype=access_* status=200 action=purchase | top limit=1 clientip | table clientip] | stats count AS “Total Purchased”, dc(productId) AS “Total Products”, values(productName) AS “Product Names” by clientip | rename clientip AS “VIP Customer”

sourcetype=access_* status=200 action=purchase
Filter the data for this condition and defining data set for your analysis.

[search sourcetype=access_* status=200 action=purchase | top limit=1 clientip | table clientip]
Do the rank and limit the record to the top most client. For the rest we select other column to display.
values (product Name) AS “Product Names” by clientip

Web Server Data Analysis Using Splunk
Here the product name scope is set to client ip.
The same data set can also be viewed as a visualization.

Web Server Data Analysis Using Splunk

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Jayasudha Anand

More from this Author

Follow Us
TwitterLinkedinFacebookYoutubeInstagram