A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Verify Windows Updates have been Applied
Real Time IIS Web Site Connections
Overview of all medium to critical risks for Win20xx
Blocked Firewall Scanning Activity with indicator if Source has been allowed.
Character Count Per Event
Extract DNS Queries from netscaler syslog
find blocking queues
Remove mulitple values from a multivalue field
Clean or Delete Data in a given Source
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.