A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Top 10 most active Users in Linux
Find success login after 10 failures with streamstats
Accounts Disabled
Splunk License Gauge
Character Count Per Event
Failed Attempt to Login to a Disabled Account
Identifying Hosts not sending data for more than 6 hours
Top 10 most vulnerable systems (Tenable)
Top 10 Most Active Hosts in a Linux Environment
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.