A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Visits by Hour of the Day in IIS
Query to see incidents logged by correlation search in ES incident review dashboard
Free Disk Space for each Drive Letter
Datamodel Search Performance
List of Forwarders that are Deployment Clients
Port usage for opsec sourcetype
REST Call for a get details about Alert cron_schedules
Detailed list of Errors Per Host
Blocked Firewall Scanning Activity with indicator if Source has been allowed.
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.