A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Count of Unique Users in a Linux Environment
Alert when ESCU updates detections
REST Call for a get details about Alert cron_schedules
Splunk Objects With Permissions Granted to Non-existent Roles
Visits by Days of the Week in IIS
Convert Seconds to Hours Minutes Seconds HHMMSS
Average Search Duration
Failed Login to OSX
Changes to Windows User Groups by Account
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.