A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Accounts Deleted within 24 Hours of Creation
Overview of all medium to critical risks for Win20xx
Gauge of Windows Failed Logons
Remediation Tracking Trend - Qualys
Top 10 most vulnerable systems (Tenable)
REST Call for a list of Alert actions (Webhook_sms or Email or notable or ..)
Remove Z or T string from your Timestamp
Direct and Referred Apache Web Traffic
Get Sourcetype and Index Info via TSTATS
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.