A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Clearing of Windows Audit Logs
Network Traffic Sent in Megabytes over Time
Escalation of Privileges in a Windows Environment by User
List of Users in a Linux Environment
Qualys 30 Day trending of Re-Opened Vulnerabilities
Evaluate Fahrenheit to Celsius
IPS Traffic Increase
Failed Windows Remote Desktop Connection Attempt
Top 10 most vulnerable systems (Tenable)
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.