A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
identify knowledge objects, permissions and extractions
Active Directory Password change attempts
Linux Deletion of SSL Certificate (mitre : T1485 , T1070.004 , T1070)
Nr. of unique visitors per hour timechart
Splunk SPL: Top Apache Endpoints by Bytes (Daily)
Search All Traffic by src / action - Creates Table
Use REST to gather Index Info
Breathing Fire Dragon when Starting dbx_task_server
Convert Seconds to Hours Minutes Seconds HHMMSS
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.