A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Windows File Access Attempts
Detailed User Activity
List of all enabled correlation rules that generate a notable
Find where actual hostnames don't match the host from the Universal Forwarder
Timechart of Linux Logons
Find duplicate events
count all events for 1 or multiple index(es)
List of index available to your role
Introspection - Memory used by SID (Search ID)
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.