Splunk Consultant Resume
Akron, OH
SUMMARY
- 9+ years of IT experience and 8+ years with Splunk: Splunk Enterprise, Splunk DB Connect, and configuring, implementing, and supporting Splunk server infrastructure across Windows, UNIX, and Linux.
- Extensive knowledge of Splunk architecture and its various components. Passionate about machine data and operational intelligence.
- Experience with Splunk 5.x, 6.x, and 7.x, distributed Splunk architecture, and components including search heads, indexers, and forwarders.
- Expertise in Splunk Enterprise architecture components such as search heads, indexers, deployment server, deployer, license master, and heavy/universal forwarders.
- Experience analyzing network, event, and security logs on premise and cloud.
- Headed proof-of-concepts on Splunk implementation, indexing, and plugins; mentored and guided other team members on understanding Splunk use cases.
- Installation and implementation of the Splunk App for Enterprise Security; documented best practices for the installation and performed knowledge transfer on the process.
- Expert in installing and using the Splunk App for Unix and Linux (Splunk *nix).
- Used timechart attributes such as span and bins, as well as tags and event types. Created and configured management reports and dashboards.
- Experience with cloud-based technologies such as S3 and Redshift, and with NoSQL stores such as MongoDB.
- Experience with Splunk searching and reporting modules (Splunk ITSI and Enterprise Security App), knowledge objects, and administration.
- Experience with other Splunk premium applications: ITSI, UBA, ES, and Hunk.
- Developed several releases of the Enterprise Canonical XML Schema (ECXS), enabling timely implementation of Exchange-related projects for the Affordable Care Act.
- Experience with data analytics, advanced data analytics, visualization, advanced visualization, dashboard customization, and advanced dashboard customization in Splunk.
- Experience with Splunk Enterprise deployments, enabling continuous integration as part of configuration file management (props.conf, transforms.conf, inputs.conf, outputs.conf, deployment.conf).
- Experience creating and managing Splunk DB Connect identities, database connections, database inputs, outputs, lookups, and access controls.
- Cloud computing and Virtualization.
- Knowledge on Cloud technologies, Enterprise security.
- Analyze and monitor application and system logs using homegrown and commercial profiling tools (Dynatrace, JMeter, Splunk).
- Dynatrace, OPNET, and TeamQuest toolset experience.
- Understanding and experience with configuration management tools and concepts such as Puppet, Chef, CloudFormation, and similar.
- FlexLM licensing, Synopsys, Cadence, VMware vSphere/vCenter, Hyper-V, CAD/ASIC and IT infrastructure, SAS Grid Manager, SAS Viya, Active Directory, LDAP, Office 365, Desktop Central (app management, policy management, patch management and software deployment), Automox, tcpdump, Wireshark, Splunk (ES, UBA, ITSI & ITOA), AppDynamics, ExtraHop, and SolarWinds.
- Experience with network security and system security for Security Information and Event Management (SIEM) tools.
- Experience with log parsing, complex Splunk searches including external table lookups, Splunk data flow, components, features, and product capabilities.
- Experience with the Splunk query language; monitored database connection health using the Splunk DB Connect health dashboards.
- Conducted data model reviews with project team members.
- In-depth and extensive knowledge of setting up alerts and monitoring recipes from machine-generated data.
- Exposure to application servers such as WebLogic, IBM WebSphere, JBoss, and Apache Tomcat.
- Experience in PL/SQL programming: stored procedures, functions, packages, SQL tuning, and creation of Oracle objects (tables, views, materialized views, triggers, sequences, synonyms, database links, and user-defined data types).
- Used Model Mart of ERwin for effective model management of sharing, dividing and reusing model information and design for productivity improvement.
- Built the physical data model for customer review and approval and constructed the registration database using Oracle 9i on a windows platform.
- Platform assessment, one-time engineering support, and on-call support.
TECHNICAL SKILLS
Splunk: Splunk 5.x, 6.x, 7.x/7.1, Splunk Enterprise, Splunk on Splunk, Splunk DB Connect 2, Splunk Cloud, Hunk, Splunk IT Service Intelligence, Splunk Web Framework.
Operating Systems: Windows 2000, XP, Windows 10, Windows Server, Unix/Linux (Red Hat), FreeBSD.
Data Analysis: Requirement Analysis, Business Analysis, detail design, data flow diagrams, data definition table, Business Rules, data modeling, Data Warehousing, system integration.
RDBMS: Oracle 11g/10g/9i/8i, MS SQL Server 2000/2005/2008, Sybase, DB2, MS Access, MySQL.
Web Technologies: HTML, DHTML, JavaScript, XML, XSL, XSLT, REST, SOAP.
Web/App Servers: Apache Tomcat 6.0, WebLogic 8.1/9.2, WebSphere 6.0.
Concepts: SDLC, Object-Oriented Analysis and Design, Unified Modeling Language (UML), assembly and system-level testing, exposure to Agile.
Programming Language: C, C++, Java with Big Data, Python, UNIX shell scripts.
Test Automation: Robot Framework, Selenium WebDriver, JUnit, Mocha, Jasmine.
Visualization/Monitoring Tools: Tableau, Splunk, Dynatrace, Kibana, New Relic.
PROFESSIONAL EXPERIENCE
Confidential - Akron, OH
Splunk Consultant
Responsibilities:
- Experience implementing Splunk 6.x and 7.x/8.x in production, distributed Splunk architecture, and components including search heads, indexers, and forwarders.
- Experience configuring and monitoring Splunk server infrastructure across Windows and Linux operating systems.
- Experience with Splunk Enterprise Security and data onboarding, such as firewall logs, AD security logs, and AWS logs.
- Experience installing and configuring the Splunk forwarder agent across various operating systems in the application environment to collect data feeds into the Splunk environment.
- Ingestion of logs from third-party data sources and security logs.
- Responsible for implementing the Splunk heavy forwarder component to perform intermediate routing, filtering, masking, and overriding before indexing.
- Develop reliable & efficient SPL queries that will feed Custom Alert/Dashboards and Reports.
- Administering Splunk, creating reports, monitoring, and troubleshooting user incidents.
- Proficient with Splunk architecture and its various components (indexer, forwarder, search head, deployment server), heavy and universal forwarders.
- Experience configuring and implementing DB Connect.
- Experience integrating multi-site indexer clusters and search head clusters.
Confidential - Cincinnati, OH
Sr. Security Splunk Engineer
Responsibilities:
- Experience implementing Splunk 5.x and 6.x in production, distributed Splunk architecture, and components including search heads, indexers, and forwarders.
- Hands-on experience installing and using the Splunk App for UNIX and Linux (Splunk *nix). Worked on several security-related use cases as part of the security team. Created various dashboards for security operations to monitor LDAP and IAM applications.
- Slight exposure to Phantom playbooks and vaults.
- Complete deployment of search head clusters in different environments, including migration of existing search head pooling (cut over from the current search heads rather than building from scratch).
- Experience configuring rsyslog and syslog-ng, and with regular expressions. Created a Splunk app for Enterprise Security to identify and address emerging security threats through continuous monitoring, alerting, and analytics. Knowledge of Splunk architecture and its various components (indexer, forwarder, search head, deployment server), heavy and universal forwarders, and the license model.
- Used techniques to optimize searches for better performance, including search-time vs. index-time field extraction, and an understanding of configuration files, their precedence, and how they work.
- Implemented workflow actions to drive troubleshooting across multiple event types in Splunk. Worked with Client engagements and data onboarding and writing alerts, dashboards using the Splunk query language. Troubleshooting performance issues of Splunk searches.
- Coordinating with application and system owners to onboard applications in Splunk and ensure logging capabilities are functional. Analyzed security-based events, risks, and reporting instances. Assisted in audits through Splunk SME knowledge (PCI, SOC, etc.). Provided regular on-call support and guidance to Splunk project teams on complex solutions. Good understanding of configuration files and their precedence, with daily exposure to props.conf, transforms.conf, inputs.conf, outputs.conf, and server.conf to set up forwarder information based on requirements.
- Involved in installation, administration, and configuration of Splunk Enterprise and integration with local legacy systems. Worked with Linux and Windows specialists across the organization, with a strong understanding of the Splunk framework.
- Splunk configuration for web applications and batch jobs; created saved searches, summary searches, and summary indexes.
- Parsing, indexing, and searching concepts; hot, warm, cold, and frozen buckets. Drove complex deployments of Splunk dashboards and reports while working side by side with technical teams to solve their integration issues.
- Created and Managed Splunk DB connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.
Environment: Splunk 6.x, Splunk ES 4.2, Splunk DB Connect and other modules, Oracle WebLogic 9.x/10.x, JBoss 5.x/6.x, Tomcat 5.x/6.x, Oracle 9i/10g, Solaris 10, Linux, Apache 2.x, Python, ANT, AWK, IIS, Integrity SiteMinder Policy Server 5.5/6.0, LDAP.
Confidential - San Francisco, Confidential
Sr. Splunk Engineer/ Consultant
Responsibilities:
- Installed, Configured, Maintained, Tuned and Supported Splunk Enterprise Server 6.0 and Splunk Universal Forwarder 6.0.
- Administered a complex cluster based environment involving search heads in a cluster while the indexers are in standalone mode.
- Configured the Splunk forwarder to send unnecessary log events to the null queue using props.conf and transforms.conf configurations.
- Created and configured management reports and dashboards in Splunk for application log monitoring.
- Active monitoring of jobs through alerting tools, responding with the appropriate action, analyzing the logs, and escalating critical issues to higher-level teams.
- Responsible for developing Splunk queries and dashboards targeted at understanding application performance and capacity analysis.
- Extensive experience on setting up the Splunk to monitor the customer volume and track the customer activity.
- Involved as a Splunk admin in capturing, analyzing, and monitoring front-end and middleware applications.
- Created Splunk app for Enterprise Security to identify and address emerging security threats using continuous monitoring, alerting and analytics.
- Responsible for administering, maintaining, and configuring 24x7 highly available Splunk apps for the production portal environment.
- Worked closely with application teams to create new Splunk dashboards for operations teams using advanced XML and CSS.
- Created shell scripts to install Splunk forwarders on all servers and configure them with common configuration files such as bootstrap scripts, outputs.conf, and inputs.conf.
- Extensively used Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
- Installation and implementation of the Splunk App for Enterprise Security and documented best practices for the installation and performed knowledge transfer on the process.
- Used DB Connect for real-time data integration between Splunk Enterprise and databases.
- Strong experience automating vulnerability management patching and CI/CD using Chef and other tools such as GitLab, Jenkins, and AWS/OpenStack.
- In-depth knowledge of AWS cloud services such as compute, network, storage, and identity & access management.
- Hands-on Experience in configuration of Network architecture on AWS with VPC, Subnets, Internet gateway, NAT, Route table.
- Performed troubleshooting and monitoring of Linux servers on AWS using Zabbix, Nagios, and Splunk.
- Management and administration of AWS services: CLI, EC2, VPC, S3, ELB, Glacier, Route 53, CloudTrail, IAM, and Trusted Advisor.
- Created automated pipelines in AWS CodePipeline to deploy Docker containers to AWS ECS using services such as CloudFormation, CodeBuild, CodeDeploy, S3, and Puppet.
- Worked with JIRA for defect/issue logging and tracking, and documented all my work in Confluence.
- Integrated services like GitHub, AWS CodePipeline, Jenkins and AWS Elastic Beanstalk to create a deployment pipeline.
- Good Experience in architecting and configuring secure cloud VPC using private and public networks through subnets in AWS.
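The heavy-forwarder routing, filtering, and masking described above (and the null-queue filtering of unnecessary events) is driven by paired props.conf and transforms.conf stanzas. The following is an added illustration, not configuration from this resume or any of the employers named in it; the sourcetype `fw:syslog`, the index `fw_denied`, the stanza names, and the regexes are hypothetical and would be replaced with the real ones for a given data source.

```ini
# props.conf -- on the first full Splunk instance that parses the data
# (heavy forwarder or indexer); a universal forwarder does not run these.
# Stanza applies to the hypothetical sourcetype "fw:syslog".
[fw:syslog]
# Transforms are applied in the order listed; number the class names so
# the intended order is explicit when the stanza grows.
TRANSFORMS-0_drop_noise = drop_fw_debug
TRANSFORMS-1_route      = route_fw_to_index
# SEDCMD rewrites _raw at parse time, before indexing, so the masked value
# is what gets stored. This hypothetical rule keeps only the last 4 digits
# of a 16-digit card number. The original value is not recoverable afterwards.
SEDCMD-mask_pan = s/\b(\d{12})(\d{4})\b/XXXXXXXXXXXX\2/g

# transforms.conf
[drop_fw_debug]
# Send DEBUG/INFO chatter to nullQueue: it is never indexed and does not
# count against the license.
REGEX    = \s(DEBUG|INFO)\s
DEST_KEY = queue
FORMAT   = nullQueue

[route_fw_to_index]
# Override the destination index for deny events (hypothetical index name,
# which must already exist on the indexers or the events are dropped).
REGEX    = \sdeny\s
DEST_KEY = _MetaData:Index
FORMAT   = fw_denied
```

Two checks a practitioner would run after deploying this: `splunk btool props list fw:syslog --debug` (and the same for `transforms`) to confirm which app's copy of each setting wins under configuration precedence, and a search such as `index=fw_denied sourcetype=fw:syslog` on a small sample to verify that the route applied, that no DEBUG/INFO lines arrived, and that the masking regex matched only the intended field and not, say, timestamps or session identifiers.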
Confidential - Islandia, NY
Sr. Splunk Developer/Admin
Responsibilities:
- Installed, configured, and managed Splunk Enterprise Server 5.x/4.x and Splunk Universal Forwarder 5.x/4.x on various platforms such as Windows Server, UNIX, and Solaris. Tuned and supported Splunk Enterprise Server 5.0.
- Worked on various components in Splunk Enterprise architecture such as search heads, indexers, deployment server, deployer, license master, and heavy/universal forwarders.
- Developed Splunk queries and dashboards targeted at understanding application performance and capacity analysis.
- Worked on multiple Splunk SPL functions to create new fields during search.
- Used Splunk for Application Log, Security Log and Performance monitoring.
- Configured Splunk multisite indexer cluster for data replication.
- Developed Splunk infrastructure and related solutions as per automation tool sets.
- Knowledge of security threats and vulnerabilities and how to detect and mitigate them, experience in building security monitoring and incident management solutions using Splunk.
- Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
- Created dashboards from searches and scheduled searches; inline search vs. scheduled search in a dashboard.
- Configured up to 10 standard data sources based on use case scenarios to support the underlying security requirements.
- Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
- Worked with administrators to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
Confidential
Splunk Developer
Responsibilities:
- Installed, configured, and managed Splunk Enterprise Server 5.x/4.x and Splunk Universal Forwarder 5.x/4.x on various platforms such as Windows Server, UNIX, and Solaris.
- Tuned and supported Splunk Enterprise Server 5.0.
- Worked on various components in Splunk Enterprise architecture such as search heads, indexers, deployment server, deployer, license master, and heavy/universal forwarders.
- Developed Splunk queries and dashboards targeted at understanding application performance and capacity analysis.
- Worked on multiple Splunk SPL functions to create new fields during search.
- Used Splunk for Application Log, Security Log and Performance monitoring.
- Configured Splunk multisite indexer cluster for data replication.
- Developed Splunk infrastructure and related solutions as per automation tool sets.
- Knowledge of security threats and vulnerabilities and how to detect and mitigate them, experience in building security monitoring and incident management solutions using Splunk.
- Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
- Created dashboards from searches and scheduled searches; inline search vs. scheduled search in a dashboard.
- Configured up to 10 standard data sources based on use case scenarios to support the underlying security requirements.
- Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
- Worked with administrators to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
Confidential
BUILD AND RELEASE ENGINEER
Responsibilities:
- Troubleshot build errors/issues and fixed them.
- Troubleshot and resolved build issues (J2EE/Android builds); created and maintained build scripts and processes for full and incremental daily debug/release builds as well as production-level software releases.
- Responsible for developing J2EE code for web-based applications.
- Build and Deployment.
- Developed build and deployment scripts to automate end to end deployment.
- Wrote ANT scripts to automate builds and shell scripts to automate deployment activities.
- Escalation management.
- Handled escalations and release-related queries from development teams, program managers, QA teams, and customer engagement teams by conducting first- and second-level triage and redirecting to the specific teams where necessary.
Environment: Git, Jenkins, Maven, Jira, Bash, Sonar, ANT, Apache Tomcat, Shell, and Python.