A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Total Hits on Least Active Day in IIS
Weekday Web Traffic Summary in IIS
Alert when ESCU updates detections
List All Hosts Associated with All Indexes
Microsoft AntiMalware Scan Completion
CPU Thresholds, Warnings, and Risk Scoring
Check your strftime is correct in the props.conf
Splunk Apps added to an instance
Worldmap with unique visitors last 24 hours
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.