A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
License Usage by Pool per hour for last 24 hours
Total Number of Hosts reporting in.
Show uptime in Days
Password changes in a Windows environment by user account
Alert when ESCU updates detections
Detailed User Activity
Potential Suspicious Activity in Windows
SSL certificates about to expire
Indexes size and EPS
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.