A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
List of Sourcetypes Sent by Forwarder
REST Call for Memory & CPU usage on Splunk Servers
check expected splunk version with reality
List of all enabled correlation rules that generate a notable
Logon Types within a Windows Environment (with logon count)
Blocked Firewall Scanning Activity with indicator if Source has been allowed.
Detailed list of Errors Per Host
DLL Serach Oreder Hijacking (mitre : T1574.001)
Investigate an IP through Palo Alto Logs
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.