A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Password changes in a Windows environment by user account
Show all successful splunk configuration changes by user
Splunk Query to report on users logging on to the Splunk Web Console
IPS Traffic Increase
High Severity Vulnerabilities - Qualys
Check your strftime is correct in the props.conf
Find success login after 10 failures with streamstats
Accounts Deleted in a Windows Environment
Failed Logins Windows
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.