A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Add a count of events by fieldname
DNS search for encoded data
Who's Using Splunk?
See who is using Splunk by user, app and view
How to Check When Splunk is finished Indexing a log file
Count of Unique Users in a Linux Environment
List of Users in a Linux Environment
Comparing Stats Time Over Time
Port usage for opsec sourcetype
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.