A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Search for disabled AD accounts that have been re-enabled
Qualys Top 10 Vulnerabilities by Severity
Internal Splunk User Modifications
Bucket Count by State over Index
Query for when PowerShell execution policy is set to Bypass
Disk Usage per Index by Indexer
F5 BigIP Brute Force and Session Abuse
Significant Data Ingress/Egress
Successful Windows Logons with Average Overlay
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.