A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Failed Versus Successful Logon Attempts
Weekend Web Traffic Summary in IIS
Visits by Hour of the Day in IIS
Escalation of Privileges in a Windows Environment by User
REST Call for a list of Alert actions (Webhook_sms or Email or notable or ..)
Password changes in a Windows environment by user account
identify knowledge objects, permissions and extractions
Logon Types within a Windows Environment (with logon count)
Sysmon - Find Processes with Renamed Executables
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.