A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Changes to Windows User Groups by Account
REST API response time
Retention Period in days per index
Weekend User Activity
Windows Failed Logons with Average Overlay
Median Duration of a Session within an IIS Web Environment
List permissions for Users, roles, allowed indexes and indexes searched by default
Accounts Deleted via EventID's that Correspond with Post XP/2003 Operating Systems
Query to see incidents logged by correlation search in ES incident review dashboard
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.