A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
REST Call for a list of Alert actions (Webhook_sms or Email or notable or ..)
Successful Login to OSX
List skipped searches by name, reason
Total Unique Browsers detected in IIS logs
Query to see incidents logged by correlation search in ES incident review dashboard
Microsoft Antimalware Malware Detection Details
Failed Authentication to Non-existing Accounts
Windows Time Change
User Logon, Logoff, and Duration
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.