
Splunk Security Developer / Administrator Resume


GA

SUMMARY:

  • Experience in configuring, implementing, analyzing and supporting Splunk server infrastructure across Windows, UNIX and Linux. Experience with a variety of Operating Systems, Protocols and Tools depending on the type of platform or application to be administered.
  • Multi-cultural experience with around 5 years of IT experience in Splunk administration and Splunk development on varied projects involving design and development of client/server, on platforms consisting of Red Hat Linux, Windows, and Sun Solaris operating systems.
  • Worked on Security solutions (SIEM) that enable organizations to detect, respond to and prevent these threats by providing valuable context and visual insights to help you make faster and smarter security decisions.
  • Created Reports, Alerts and Dashboards using the Splunk query language. Experienced in creating and running Cron Jobs for scheduled tasks.
  • Experience in creating access controls for users by creating AD (Active Directory) groups, power and user groups.
  • Experience with Active Directory and the SSO (Single Sign-On) option.
  • Experience in Splunk development (creating apps, dashboards, data models, etc.).
  • Experience with Splunk Enterprise Deployments and enabled continuous integration as part of configuration management.
  • Experience with Splunk Searching and Reporting modules -- (Splunk ITSI and Enterprise Security App) Knowledge Objects.
  • Knowledge of ITSI.
  • Administration, Dashboards, Clustering and Forwarder Management.
  • Created and managed Splunk DB Connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.
  • Monitored Database Connection Health by using Splunk DB Connect health dashboards.
  • Expertise in creating accurate reports, Dashboards, Visualizations and Pivot tables for the business users.
  • Parsing, indexing and searching concepts; Hot, Warm, Cold, Frozen bucketing.
  • Knowledge about Splunk architecture and various components (Indexer, forwarder, search head, deployment server).
  • Have excellent logical, analytical & debugging skills. Possess high working qualities with good interpersonal skills; highly motivated, fast learner, good team player and very proactive in problem solving, providing the best solutions.

TECHNICAL SKILLS:

Log Analysis Tool: Splunk Enterprise Server, Splunk Universal Forwarder, Splunk DB Connect, Splunk ITSI, Splunk ES

Web/App Servers: WebSphere Application Server 5.0/6.x/7.x/8.x, Apache Web Server 2.x, Tomcat 5.5, IIS 6/7.x

Scripting: Shell Script, Perl, Batch

Others: SiteMinder

PROFESSIONAL EXPERIENCE:

Confidential, GA

Splunk Security Developer / Administrator

  • Designing and implementing Splunk-based best practice solutions. Requirement gathering and analysis. Interacted with team members and Business users during the design and development of the application.
  • Expertise with Splunk UI/GUI development and operations roles.
  • Data collection from various systems/servers, Forwarder Management, creating and managing Splunk apps.
  • Designing and maintaining production-quality Splunk dashboards.
  • Expertise in using Splunk with shell script in creating scripts for various activities like Generating Server Status and Health reports, Deployments on large scale configuration of servers.
  • Created Dashboards, Visualizations, Statistical reports, scheduled searches, Alerts and worked on creating different other knowledge objects.
  • Built dashboards, views, alerts, reports, saved searches using XML, Advanced XML and Search Processing language (SPL) as and when required.
  • Worked on Splunk architecture and various components (indexer, forwarder, search head, deployment server), Universal and Heavy forwarder.
  • Create Dashboard Views, Reports and Alerts for events and configure alert mail.
  • Created EVAL Functions where necessary to create new field during search run time.
  • Provide inputs for identifying best fit architectural solutions - deployment for Splunk project.
  • Splunk Engineer/Dashboard Developer responsible for the end-to-end event monitoring infrastructure of business-aligned applications.
  • Experience in setting up dashboards for senior management and production support - required to use Splunk.

Confidential, Atlanta, GA

Splunk Security Developer / Administrator

Responsibilities:

  • Installation and configuration of Splunk product at different environments.
  • Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-ons, Dashboards, Clustering and Forwarder Management.
  • Designing and maintaining production-quality Splunk dashboards.
  • Splunk Enterprise Deployments and enabled continuous integration as part of configuration management.
  • Drive complex deployments of Splunk dashboards and reports while working side by side with technical teams to solve their integration issues.
  • Responsible for documenting the current architectural configurations and detailed data flow and Troubleshooting Guides for application support.
  • Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes.
  • Experience in handling security events that affect VMware systems, applications, infrastructure, information and users using Splunk Enterprise Security.
  • Managing indexes and cluster indexes, Splunk web framework, data model and pivot tables.
  • Performed troubleshooting and/or configuration changes to resolve Splunk integration issues.
  • Hands on development experience in customizing Splunk dashboards, visualizations, configurations, reports and search capabilities using customized Splunk queries.
  • Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
  • Worked with Client engagements and data onboarding and writing alerts, dashboards using the Search Processing Language (SPL).
  • Experience in Splunk GUI development creating Splunk apps, searches, Data models, dashboards, and Reports using the Splunk query language.

Confidential, Florida

Splunk Developer / Admin

Responsibilities:

  • Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
  • Extracted complex Fields from different types of Log files using Regular Expressions.
  • Created Search Commands to retrieve multiline log events in the form Single transaction giving Start Line and End Line as inputs.
  • Created HTML dashboards with third-party JavaScript and CSS to create beautiful visualizations. Field extraction using IFX, the rex command and regex.
  • Guarantee high accessibility & execution through flat scaling and burden-adjusted segments.
  • Prepared, arranged and tested Splunk search strings and operational strings. Created and configured management reports and dashboards.
  • Configure the add-on app SSO Integration for user authentication and Single Sign-on in Splunk Web.
  • Automating in Splunk using Perl with Service-Now for event triggering.
  • Deployed Splunk updates and license distribution over multiple servers using a deployment server.
  • Independently identified opportunities to improve operational and other performance for Security, IT Operations and other clients.
  • Involved in interacting with business owners, developers and business analysts in improving the application.
  • Involved in helping the UNIX and Splunk administrators to deploy Splunk across the UNIX and Windows environment.
  • Helped the client to set up alerts for different types of errors.
  • Parsing, indexing and searching concepts; Hot, Warm, Cold, Frozen bucketing.
  • Analyzed large datasets to identify metrics, drivers, performance gaps and opportunities for improvement.
  • Maintain documentation of applications including what work has been done, what is left to do and site-specific procedures documenting the Splunk environment.
  • Work with application team and production support team to troubleshoot production performance and reliability issues.

Confidential

Splunk Developer / Admin

Responsibilities:

  • Created Dashboards, reports, scheduled searches and alerts.
  • Onboard new log sources with log analysis and parsing to enable SIEM correlation.
  • Implemented forwarder configuration, search heads and indexing.
  • Supported data source configurations and change management processes.
  • Analyzed and monitored incident management and incident resolution problems.
  • Resolved configuration-based issues in coordination with infrastructure support teams.
  • Maintained and managed assigned systems, Splunk related issues and administrators.
  • Developed Splunk Dashboards, searches and reporting to support various internal clients in Security, IT Operations and Application Development.
  • Assisted with onboarding relevant data sources as needed, including inputs, SQL, index-time configurations, search-time field extractions, event types, and tags.
  • Onboarding performance monitoring tools for GCRM applications.
  • Build performance dashboards through Splunk, ExtraHop.
