A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Repeated Unsuccessful Logon Attempts in Linux
Search for duplicate events in Splunk
Groundspeed Violation/Improbable Access
REST Call for Memory & CPU usage on Splunk Servers
Active Directory Password change attempts
Total Unique Browsers detected in IIS logs
Count of Attackers on Juniper Devices
Monitor File Shares being Accessed in Windows
Median Duration of a Session within an IIS Web Environment
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.