Splunk Administrator / Developer Resume

Memphis, TN

PROFESSIONAL SUMMARY:

  • Over 8 years of IT experience with 5+ years of experience in Splunk administration and development.
  • 5 years of Splunk experience including Splunk SPL and designing and developing Splunk Dashboards, Reports, Lookup Tables, Summary Indexes
  • 5 years of experience using Splunk to correlate, analyze and report on database activity events and
  • Extensive working experience with regular expressions to effectively extract key tokens of data into meaningful fields
  • 5 years of data management skills including data modeling, data integrity and data quality
  • Experience with Database Activity Monitoring
  • Knowledge of how to customize Splunk Dashboards via the XML source
  • Knowledge of the Splunk Common Information Model and how to apply it directly and indirectly to data feeds
  • Knowledge and understanding of application security planning and security architecture
  • Knowledge and understanding of information security risk assessment or audit
  • Knowledge and understanding of common cybersecurity threat vectors; experienced in preparing, arranging and testing Splunk search strings and operational strings.
  • Proficiency with the usage of various search commands like stats, chart, timechart, transaction, strptime, strftime, eval, xyseries, where, table and experience with the usage of Extract key word and used Macros to reuse the searches etc.
  • Hands on experience in using the commands like rex, erex to extract the fields from the log files.
  • Extensive knowledge in creating accurate reports using XML, Dashboards, visualization and pivot tables for the business users.
  • Expertise in supporting network security, system security, and security event management tools (SIEMs).
  • Experience creating metrics and dashboards using API development.
  • Maintained and managed assigned systems, Splunk related issues and administrators.
  • Creation and maintaining monitoring dashboards across the Technology spectrum; and Setting and maintaining alerts and alert thresholds;
  • Installing and configuring several Add-Ons and Apps including ServiceNow, PingFederate, Tanium, Akamai, Dell EMC VMAX, Isilon, VNX, XtremIO, and many customized apps.
  • Field extraction, regex, data parsing, filtering, transforming, anonymizing, data onboarding.
  • Expertise in Monitoring all Critical Applications to save approximately 50% of Business Hours
  • Experience in configuring Indexers, Forwarders (Universal and Heavy), Search Heads, Deployment/Management servers, Deployment clients.
  • Development of SPLUNK Queries to generate the Reports.
  • Experience in automation using UNIX Shell Scripting and Python scripting.
  • Knowledge of AWS, creating EC2 instances, S3 buckets on AWS to store Cloud Formation Templates
  • Expert in doing Indexer clustering, Search head clustering, Splunk upgradation, Creating users, roles and authentication.
  • Proficient in dashboards, forms, Alerts, Reports, dynamic drilldowns, knowledge objects, Post processing.
  • Proficient with Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
  • Proficient in onboarding the data from various sources, utility server, database, syslog and SNMP traps.
  • Expertise in creating and modifying the various Splunk configuration files.
  • Experience in creating Splunk apps, mobile apps, navigations, interfaces and pleasant experience Splunk lookups, lookup files and their publication into Splunk.
  • Advanced Splunk dashboarding with XML, CSS, JAVASCRIPT UI experience and setup Add-Ons in Splunk dashboards, administration experience on Linux and AIX servers.
  • Very good experience in Splunk configurations, designing, creating, developing, testing, troubleshooting, deploying and maintaining Splunk solutions, reporting, alerting and dashboards
  • Monitor the internal logs to recognize and solve the existing issues.
  • Used techniques to optimize searches for better performance; search-time vs. index-time field extraction; understanding of configuration files, precedence and working; fishbucket.
  • Excellent working Communication Skills.
  • Time stamping, Line breaking & Merging. Installing license on master server.
  • Create license pools. Creating and maintaining indexes. Extensive working experience with different configurations.
  • Excellent knowledge of TCP/IP networking, and inter-networking technologies (routing/switching, proxy, firewall, load balancing)
  • Experience in scripting languages including Python, bash and shell scripting, XML, HTML, JavaScript & CSS customizations, REST API, web-based technologies.
  • Excellent in root cause analysis and problem solving. Comfortable at Linux, AIX and Windows operating systems.
  • Ability to effectively communicate value of data driven solutions to client.
  • Build and present presentations that showcase value of data driven solutions. Ability to work in a fast-paced environment and multi-task

GENERAL SKILLS:

  • Translates ideas into actions and results; adapts to changing conditions and unexpected challenges; focuses on successful completion of priorities; consistently meets deadlines; anticipates and overcomes task barriers.
  • Takes ownership of tasks and follows through to results; understands own strengths/weaknesses; holds self-accountable and completes tasks and projects.
  • Performs work with accuracy, efficiency, thoroughness, and effectiveness; is attentive to detail and accuracy, is committed to excellence, continuously looks for improvements.
  • Recognizes problems and acts; uses logic and good judgment to arrive at sound, well informed, and timely decisions; seeks input from others and involves others when appropriate.
  • Communicates information, ideas and opinions professionally with clarity; works cooperatively, considerately, and professionally with others; have good listening skills; is flexible/open-minded; solicits feedback and effectively handles constructive criticism.
  • Interpret technical specifications and requirements. Independently determine methods and procedures for assignments. Work effectively in multiple tasks and with changing priorities. Excellent verbal and written communication skills.

IT TECHNICAL SKILLS:

Languages: Splunk processing language, Shell, Bash, Python.

Hardware: Round robin technique for load balancing

Applications: Developed several applications on Splunk by using, JavaScript and CSS.

Industries: Good Industry knowledge on multiple sectors

Project Management Tools: Jira, Rally

Methodologies: Agile scrums, waterfall methodologies

PROFESSIONAL EXPERIENCE:

Confidential, Memphis TN

Splunk administrator / Developer

Responsibilities:

  • Designing and implementing Splunk-based best practice solutions. Interact with Business users and team members during the design and development of the application. Requirement gathering and analysis.
  • Planning, communicating clear instructions to the team members; guiding and directing the team.
  • Data collection from various systems/servers, Forwarder Management, creating and managing Splunk apps.
  • Configurations with deployment server, indexers, search heads, serverclass.conf, server.conf, app.conf, props.conf, transforms.conf, forwarder management configurations. Clustering, deploying apps through the Splunk deployment server, deployer, Splunk version upgradation, creating roles and authentication.
  • Installed and configured several Add-Ons and Apps including ServiceNow, PingFederate, Tanium, Akamai, Dell EMC, VMAX, Isilon, VNX and many customized apps.
  • Extensive working experience with regular expressions to effectively extract key tokens of data into meaningful fields
  • Integrating Splunk with Oracle DB for data enrichments and developed several KPIs such as Enqueues per sec, Logical Reads Per sec, Logical Write Per sec, Average Active sessions, Latency, etc., in ITSI as well as in Splunk core.
  • Building Splunk queries by Splunk Search Processing Language (SPL) and Regular expressions. Designing and developing Splunk Dashboards, Reports, Lookup Tables, Summary Indexes
  • Used Splunk to correlate, analyze and report on database activity events and have working knowledge with regular expressions to effectively extract key tokens of data into meaningful fields
  • Customized Splunk Dashboards via the XML source.
  • Created and triggered various dropdowns and drilldowns by using Splunk static Lookups.
  • Design and Develop dashboards, data models, reports and optimize their performance.
  • Developed alerts and timed reports. Develop and manage Splunk applications. Implementing maps integration and dynamic drill downs.
  • Worked on Datamodels and CIM compliance.
  • Admin activities like Forwarder management, Data Ingestion, Indexing and Field extractions using Splunk IFX. Installing Splunk instances and enabling distributed Splunk indexing.
  • Setting up the custom configurations at several types of endpoints (Universal, lightweight forwarders and syslog clients)
  • Configure source types for file, directory, network, Windows, *nix and application logs event inputs.
  • Setting up the scheduled jobs for real-time alerts and email reports (csv/pdf).
  • Performing the log pattern analysis and applying field-based extractions (regex) to ease the development work.
  • Designing the custom Splunk dashboards using advanced XML.
  • Splunk error troubleshooting, Access control management (creating custom roles, providing access to Splunk)
  • Splunk deployment, set up configuration, security & user management. Troubleshoot Splunk server problems and issues.
  • Installed, configured and implemented various visualization Add-ons for the developed and developing dashboards
  • Administering Splunk and Splunk Apps to include developing new/custom Apps to perform specialized functionality.
  • Integrating Splunk with a wide variety of legacy data sources and industry leading commercial security tools that use various protocols.
  • Installed and configured Splunk ITSI version 3.01 and upgraded it to 3.1.0.
  • Communicating with customer stakeholders to include leadership, support teams, and system administrators.

Confidential, Syracuse NY

System administrator

Responsibilities:

  • Installation of Splunk head, Indexer and Forwarders on 2000+ servers (Windows & Linux environment).
  • Install and maintain the Splunk add-ons including the DB Connect 1, Active Directory LDAP for work with directory and SQL database.
  • Configure and install Splunk Enterprise, Agent, and Apache Server for user and role authentication and SSO.
  • Worked on getting data/logs from AWS and Azure into Splunk.
  • Expertise with Splunk UI/GUI development and operations roles.
  • Played a key role in understanding the logs, server data and brought an insight of the data for the users.
  • Worked as a Splunk Admin for Creating and managing app, Creating users, role, Permissions to knowledge objects.
  • Experience with data onboarding from multiple source types - system logs, app server logs, database logs.
  • Worked with DATAPOWER, AZURE, ESPRESSO, OAA, and Security teams to get their data into Splunk.
  • Analyzed security-based events, risks and reporting instances.
  • Prepared, arranged and tested Splunk search strings and operational strings, writing Regex.
  • Created Admin, Power Users and User roles for the application and created the app sharing permissions for the distinct roles.
  • Supporting network security, system security, and security event management tools (SIEMs)
  • Involved in writing complex IFX, Rex and Multikv commands to extract the fields from the log files.
  • Involved in helping the UNIX and Splunk administrators to deploy Splunk across the UNIX and Windows environment.
  • Worked with administrators to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
  • Created alerts based on the critical parameters, which will trigger emails to the operational team.
  • Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
  • Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
  • Optimized the search performance of Splunk queries and reduced the time for loading the dashboards.
  • Parsing, indexing, Hot, Warm, Cold & Frozen bucketing.
  • Created metrics or Dashboards for Windows Registry, Event Logs, File System, and Sys Internals, Weblogs, Syslog, IOSTAT, TOP, DB Connect.
  • Deployed Splunk System for Business Intelligence Group on RHEL, Linux with Distributed Licenses, Distributed Indexing and Index Clusters.
  • Provide access on roles, restriction permissions. Report on license usage and set Distributed license system.
  • Installation and Maintenance of Splunk Universal Forwarders, Solving Forwarder Issues, Deployment Server Classes and Apps through Deployment Server.
  • Implemented Forwarders (Universal and Heavy) with Load Balancing, Splunk Forwarder Management
  • Deploying Splunk updates and license distribution over multiple servers using a deployment server.
  • Create Splunk apps for consuming data for applications and implement apps

Confidential, Palo Alto, CA

Splunk Admin

Responsibilities:

  • Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
  • Helped teams to on-board data, create various knowledge objects, install and maintain the Splunk Apps, TAs
  • Data collection from various systems/servers, Forwarder Management, creating and managing Splunk apps.
  • Building Splunk queries by Splunk Search Processing Language (SPL) and Regular expressions.
  • Assigning Splunk User and role authentication including LDAP authentication and scripted authentication.
  • Creating dashboards, forms, Alerts, Reports, dynamic drilldowns, saved search, Summary index, Post processing.
  • Configurations with deployment server, indexers, search heads, serverclass.conf, server.conf, app.conf, props.conf, transforms.conf, forwarder management configurations.
  • Manipulating raw data and Field extraction; Monitoring and troubleshooting
  • Monitor the applications and server infrastructure for optimization, performance and Utilization metrics.
  • Used Python scripting to Configure Alerts and notifications on various thresholds, SLAs for Personal Insurance Architecture team.

Confidential

Splunk / ETL Developer

Responsibilities:

  • Requirement gathering and analysis.
  • Worked as a Splunk Admin and Developer
  • Extensive knowledge in creating accurate reports using XML, Dashboards, visualization and pivot tables for the business users.
  • Maintained and managed assigned systems, Splunk related issues and administrators.
  • Provided technical services to projects, user requests and data queries as well as supported change management processes.
  • Work with development and engineering teams to evaluate new system monitoring requirements;
  • Creating and refining event monitors for existing systems;
  • Setting and maintaining alerts and alert thresholds;
  • Good knowledge on Objects such as Event Types, Tags, Field Extraction (Using Regular Expression), Lookups etc.
  • Have experience in configuring Indexers, Forwarders (Universal and Heavy), Search Heads, Deployment/Management servers, Deployment clients.
  • Development of SPLUNK Queries to generate the Reports.
  • Analyzed and monitored incident management and incident resolution problems.
  • Indexer clustering, Search head clustering, Splunk upgradation, Creating users, roles and authentication
  • Proficient in onboarding the data from different sources, utility server, database, syslog and SNMP traps.
  • Installation of Splunk Search head, Indexer and Forwarders on 2000+ servers (Windows & Linux environment).
  • Expertise with Splunk UI/GUI development and operations roles.
  • Create Dashboard Views, Reports and Alerts for events and configure alert mail.
  • Create Splunk apps for consuming data for applications and implement apps
  • Design flow charts indicating the input datasets and the techniques that would be used (sort, merge, append) to get the desired output.
  • Data Analysis and graphical presentation for various summary reports using Base SAS and SAS/Graph facility.
  • Develop SAS programs for listing of tables for data review and presentation including adhoc reports, CRTs as per CDISC, patients listing mapping of safety database and safety tables

Confidential

SAS Programmer

Responsibilities:

  • Requirement gathering and analysis.
  • Design and implement statistical reporting processes for data analysis.
  • Extensively use SAS/Macro facility to provide reusable programs that can be conveniently used time to time and created tables, listing and graphical reports.
  • Generate output files in text format, HTML & PDF format using SAS ODS.
  • Create SAS transport (.xpt) files and converted the Transport files into SAS Data Sets.
  • Use SAS/ACCESS to extract data from Oracle and other relational databases for analysis.
  • Develop reports using PROC REPORT, PROC TABULATE and DATA _NULL_.
  • Design flow charts indicating the input datasets and the techniques that would be used (sort, merge, append) to get the desired output.
  • Data Analysis and graphical presentation for various summary reports using Base SAS and SAS/Graph facility.
  • Develop SAS programs for listing of tables for data review and presentation including adhoc reports, CRTs as per CDISC, patients listing mapping of safety database and safety tables