A community-built SPL + dashboard repository

GoSplunk

Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.

Sample SPL

index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count

128

SPL searches

Hand-picked SPL searches from across the library.

Browse all

spl

linux_secure

List of Users in a Linux Environment

▲ 3 ▼ 0

by SplunkNinja

spl

WinEventLog:Security

Failed Attempt to Login to a Disabled Account

▲ 12 ▼ 2

by SplunkNinja

spl

Networking

Groundspeed Violation/Improbable Access

▲ 6 ▼ 0

by riparino

spl

apache access_combined

Apache access_logs status code reporting

▲ 7 ▼ 0

by Suren

spl

Cron

Linux Cron Job Information

▲ 5 ▼ 0

by SplunkNinja

spl

REST

List of Alerts via REST

▲ 3 ▼ 2

by ItsJohnLocke

spl

Qualys

New Vulnerabilities Detected Since Last Scan - Qualys

▲ 0 ▼ 0

by SplunkNinja

spl

Qualys

Qualys Top 10 Vulnerabilities by Severity

▲ 2 ▼ 0

by CattyWampus

spl

_internal

License Usage by Index per Day

▲ 39 ▼ 4

by SplunkNinja

spl

Malware

Malware Detection

▲ 10 ▼ 14

by ItsJohnLocke

Dashboards

Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.

Browse all

dashboard

_audit Dashboards

Triggered Alert Analytics

▲ 6 ▼ 1

by riparino

dashboard

Dashboards

Windows Logon Dashboard

▲ 13 ▼ 2

by thall

dashboard

_internal

Top 10 Accessed Dashboards

▲ 1 ▼ 1

by Azeemering

dashboard

Dashboards

NIX Debian Package (dpkg.log) Dashboard

▲ 1 ▼ 0

by thall

dashboard

Dashboards

Windows Account Management Dashboard

▲ 3 ▼ 0

by thall

dashboard

Dashboards

Apache Traffic Dashboard

▲ 12 ▼ 0

by SplunkNinja

dashboard

Dashboards

ESCU Update Tracking

▲ 0 ▼ 0

by AzJimbo

dashboard

Networking

Updated Netflow Activity dashboard

▲ 5 ▼ 0

by thall

dashboard

Dashboards

emoji bonanza

▲ 10 ▼ 1

by AzJimbo

dashboard

_audit

Splunk dashboard that displays User searches

▲ 22 ▼ 0

by thall