A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Query for when PowerShell execution policy is set to Bypass
Get unexpected shutdown date with downtime duration
License Usage Prediction
Splunk Query to report on users logging on to the Splunk Web Console
Universal Forwarder Throughput Limit Hit Count
Search to show what apps are ready to be updated
Splunk Apps added to an instance
Escalation of Privileges via SU in Linux
Significant Data Ingress/Egress
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.