A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Detailed User Activity
Create a lookup with random test ip's
Visits by Days of the Week in IIS
Correlation Search Audit Search
All indexes not explicitly granted to a role
Original posted in 2015 Testing an issue with brackets
Splunk Admin Account Activity - Account Modifications
Shutdown or Suspend a Service in Windows
Get Sourcetype and Index Info via TSTATS
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.