A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Pearson Coefficient of Two Fields
Failed Versus Successful Logon Attempts
Show how much disk space is used by _internal
Utilizing tstats for Page Views within Apache Web Logs
Sysmon - cmd line for non -local connections
Network Traffic Received in Megabytes over Time
Most Active Day and Least Active Day for IIS Web Traffic
Multiple Malware Detections on a Single Host
Qualys Top 10 Vulnerabilities by Severity
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.