A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Concurrent Users on Apache Web
Find where actual hostnames don't match the host from the Universal Forwarder
Listing incident review and the closing comments
Host not sending logs for x days
License Usage by Sourcetypes
Number of Accounts Created in a Windows Environment
Successful Linux Logons by Username
Dashboard and App views by user
Top exploitable vulnerabilities (tenable)
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.