A community-built SPL + dashboard repository

GoSplunk

Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.

Browse SPL Submit your SPL

Sample SPL

index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count

128

SPL searches

Hand-picked SPL searches from across the library.

spl

Removal of USB Storage Device

▲ 5 ▼ 0

by SplunkNinja

spl

WinEventLog:Security

Successful File Access Attempts and Filename Accessed

▲ 3 ▼ 0

by SplunkNinja

spl

Perfmon:Network Interface

Network Traffic Sent in Megabytes over Time

▲ 4 ▼ 0

by SplunkNinja

spl

Total Unique Browsers detected in IIS logs

▲ 0 ▼ 6

by SplunkNinja

spl

Total Hits on Least Active Day in IIS

▲ 0 ▼ 0

by SplunkNinja

spl

Port usage for opsec sourcetype

▲ 1 ▼ 0

by pradeep577

spl

Uncategorized Fun Stuff & Helpful Hints

Pearson Coefficient of Two Fields

▲ 4 ▼ 0

by yangzd

spl

Failed Attempts to Logon to Splunk Web

▲ 4 ▼ 2

by SplunkNinja

spl

Index Modifications

▲ 1 ▼ 1

by john117

spl

Forwarder Diagnostics - Last time Data Was Received by Index and Sourcetype

▲ 28 ▼ 3

by SplunkNinja

Dashboards

Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.

dashboard

Alerts in a Panel with Drilldown

▲ 7 ▼ 0

by AzJimbo

dashboard

Simple File Integrity Monitoring Management Dashboard

▲ 15 ▼ 3

by splunkzilla

dashboard

Windows Account Management Dashboard

▲ 3 ▼ 0

by thall

dashboard

Searching Your Searches

▲ 13 ▼ 0

by kdor

dashboard

Truncated Data Issues

▲ 2 ▼ 0

by manderso

dashboard

Updated Netflow Activity dashboard

▲ 5 ▼ 0

by thall

dashboard

Top 10 Accessed Dashboards

▲ 1 ▼ 1

by Azeemering

dashboard

Apache Traffic Dashboard

▲ 12 ▼ 0

by SplunkNinja

dashboard

Dashboard to measure Indexes and Sourcetypes, based upon first and last date of events

▲ 2 ▼ 0

by thelawsofchaos

dashboard

Windows Sysmon Process Dashboard

▲ 7 ▼ 3

by thall