A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
rangemap command with single value string
List permissions for Users, roles, allowed indexes and indexes searched by default
List All Hosts Associated with All Indexes
List of Users in a Linux Environment
1st time connection between servers (FTD CISCO)
Show all currently logged in users
F5 BigIP Brute Force and Session Abuse
identify knowledge objects, permissions and extractions
Current vulnerabilities from tenable.io
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.