Three more very useful parameters available, apart from the transaction command, are maxpause, maxspan, and maxevents. These parameters allow you to apply more constraints around the duration and size of transactions and can be used individually or all together for even more precise constriction.
Adding the maxpause=30s parameter to the search in the recipe tells the transaction command that there must be no pause between events greater than 30 seconds, otherwise the grouping breaks. By default, there is no limit:
index=main sourcetype=access_combined | transaction JSESSIONID maxpause=30s | stats avg(duration) AS Avg_Session_Time
Adding the maxspan=30m parameter to the search in the ...