A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Search Traffic by Source IP
Detect Scheduler Running Twice a Search
Search Common EventCodes (EventID's) for Suspicious Behavior
Search to show what apps are ready to be updated
Windows security daily domain activities
Top 25 Most Prevailing Vulnerabilities with Patches Available (Multiple OSs)- Qualys
Top exploitable vulnerabilities (tenable)
Detailed list of Universal Forwarders Reporting to Indexer
Top 10 most active Users in Linux
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.