A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Escalation of Privileges via SU in Linux
List forwarders generating socket errors due to unkown SSL protocol
Failed Windows Remote Desktop Connection Attempt
Comparing Stats Time Over Time
Verify Windows Updates have been Applied
port scan attack (by juniper)
Investigate an IP through Palo Alto Logs
Add a count of events by fieldname
List of Extractions in Transforms.conf
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.