A community-built SPL + dashboard repository
GoSplunk
Discover field-tested SPL searches and full dashboard XML you can copy straight into Splunk.
Sample SPL
index=security EventCode=4625
| stats count by Account_Name, ComputerName
| sort - count 128
SPL searches
Hand-picked SPL searches from across the library.
Clean or Delete Data in a given Source
File Accesses in a Windows Environment by user
Baselining Dashboard
List permissions for Users, roles, allowed indexes and indexes searched by default
Query for when PowerShell execution policy is set to Bypass
Apache access_logs status code reporting
Simple GeoIP Information for Web Traffic
Weekday Web Traffic Summary in IIS
Detect Dying Sourcetypes
Dashboards
Full XML dashboards with panels, inputs, and drilldowns. Copy once, ship instantly.