A community-built SPL + dashboard repository

GoSplunk

Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.

Sample SPL

index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count

128

SPL searches

Hand-picked SPL searches from across the library.

Browse all

spl

Uncategorized

Windows Software Matrix

▲ 3 ▼ 0

by TeamC

spl

AI Crafted access_combined

Splunk SPL: Apache 404 Spike Detector (15m)

▲ 0 ▼ 0

by AI Crafted

spl

REST

List of Props.conf Extractions

▲ 2 ▼ 0

by ItsJohnLocke

spl

_internal

Forwarder TCP Connections info

▲ 4 ▼ 0

by thall

spl

splunkd _internal

Detect Scheduler Running Twice a Search

▲ 0 ▼ 0

by masdeeper

spl

_internal

Use TSTATS to find hosts no longer sending data

▲ 4 ▼ 0

by SplunkNinja

spl

REST

Show all Indexes and Sourcetypes via REST

▲ 3 ▼ 0

by ItsJohnLocke

spl

Malware

Malware Detection

▲ 10 ▼ 14

by ItsJohnLocke

spl

Hygiene

Search for duplicate events in Splunk

▲ 16 ▼ 2

by Azeemering

spl

audittrail

Internal Splunk User Modifications

▲ 2 ▼ 0

by CattyWampus

Dashboards

Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.

Browse all

dashboard

Dashboards

Nessus Security Center Dashboard

▲ 1 ▼ 3

by pjcordes

dashboard

REST

User Info Dashboard - Using REST

▲ 13 ▼ 0

by ItsJohnLocke

dashboard

Networking

Updated Netflow Activity dashboard

▲ 5 ▼ 0

by thall

dashboard

Dashboards

Windows Logon Dashboard

▲ 13 ▼ 2

by thall

dashboard

Dashboards

Deployed application status

▲ 1 ▼ 1

by manderso

dashboard

_audit Dashboards

Triggered Alert Analytics

▲ 6 ▼ 1

by riparino

dashboard

Dashboards

FireEye Internals Monitoring

▲ 4 ▼ 0

by LTRand

dashboard

_internal

Top 10 Accessed Dashboards

▲ 1 ▼ 1

by Azeemering

dashboard

_internal

Data Usage for Indexer and Forwarders

▲ 10 ▼ 0

by thall

dashboard

Dashboards

Windows service activity & MSI installs

▲ 5 ▼ 0

by thall