A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
IIS Response Time
Accounts Disabled
Number of Vulnerabilities Detected - Qualys
Top Offending SSH Failure by Source IP
Number of Accounts Created in a Windows Environment
Repeated Unsuccessful Logon Attempts in Linux
Create a lookup with random test ip's
Get list of concurrent users on a specific server
Search All Traffic by src / action - Creates Table
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.