A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Sysmon - cmd line for non -local connections
List Inputs using REST
File Accesses in a Windows Environment by user
Accounts Deleted via EventID's that Correspond with Post XP/2003 Operating Systems
Apps Deployed from Deployment Server
Splunk SPL: Apache 404 Spike Detector (15m)
Port usage for opsec sourcetype
List of Sourcetypes Sent by Forwarder
List of Legitimate Account Names in Windows
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.