A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
List All Splunk Users & Associated Roles
User Logon / Session Duration
Events Sent to Null Que - Internal Logs
Queries Executed in DBConnect
Monitor File Shares being Accessed in Windows
Alert when ESCU updates detections
List Ports Forwarders are Using
F5 BigIP Brute Force and Session Abuse
Logon Types within a Windows Environment (with logon count)
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.