A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Who's Using Splunk?
REST Call for Memory & CPU usage on Splunk Servers
Splunk Objects With Permissions Granted to Non-existent Roles
Count of Host added to Splunk by Month
Sourcetype missing in Datamodels
Active Directory Password change attempts
Real Time IIS Web Site Connections
Account Modifications in a Windows Environment
Query to see incidents logged by correlation search in ES incident review dashboard
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.