A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Qualys Active OS Vuln Count
List skipped searches by name, reason
System Time Modifications in Windows
Timestamp vs Indextime of Events (Diagnostic Query)
Network Usage by KB per minute on a Windows Box
Detailed User Activity
IPS Traffic Increase
Sysmon - Find Processes with Renamed Executables
Port usage for opsec sourcetype
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.