A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
User Agent – Operating System Info for web traffic
Account Enabled in Windows
Number of Hosts the Root Account was Detected on
Data model Acceleration Details
Clearing of Windows Audit Logs
Basic binary conversion for IPv4 Mask
Pass the Hash Detection
List permissions for Users, roles, allowed indexes and indexes searched by default
Detect ShellShock Attempts in Apache Logs
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.