A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
List forwarders generating socket errors due to unkown SSL protocol
identify knowledge objects, permissions and extractions
Show your triggered alerts
Dashboard and App views by user
Failed Logon Attempts - Windows
Remove mulitple values from a multivalue field
Accounts Deleted in a Windows Environment
Every index explicitly granted to a role
Linux Deletion of SSL Certificate (mitre : T1485 , T1070.004 , T1070)
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.