SUMMARY

• Experienced Sr. Splunk Engineer/ Lead Monitoring Engineer with strong background in system management which include but not limited to installation, configuration, and maintenance, securing and troubleshooting of Linux/window operating system. I am a dependable team player, problem solver, and teachable employee.

TECHNICAL SKILLS

• MySQL, Apache, Tomcat, WINSCP, Nagios/OMD, Putty, Jenkins, Samba, FTP, NFS, Git, Jenkins, DNS, DHCP, Confluence, JIRA, Kickstart
• DenyHosts, Ansible, New Relic, Nagios, EM7 load balancer, OMD, Cacti, Nconf, MySQL, WebSphere, Apache, Ngnix, Tomcat, Jboss
• SiteScope, Spacewalk, OSSEC, DenyHosts, Tripwire,, Lynis (Auditing tool), Git/Gitolite, Jenkins, Jira, Confluence, Stash, GitHub, Gitlab bamboo, Postgres, Sendmail, Cron, SSH, FTP,NFS, Samba, DHCP, Fail2ban, Squid Proxy, PhpMyadmin, LDAP (389 DS)
• Bind DNS, Zabbix, Splunk, FileZilla, WINSCP etc.

PROFESSIONAL EXPERIENCE

Splunk Engineer/ Systems Support Engineer

Confidential

Responsibilities:

• Support the implementation of splunk distributed infrastructure to include Search - Head, Indexer, Deployment Server, License Server, Heavy Forwarder and Universal Forwarder.
• Prepared, arranged and tested Splunk search strings and operational strings.
• Tuning and configuration of Splunk App for Enterprise Security (ES).
• Identifies, reports, and resolves serious security violations; maintains systems to protect data from unauthorized users and anticipated or unanticipated risks.
• Publishes, monitors, and mandates information and computer security policies and security awareness information and programs.
• Schedules and supervises periodic network security assessments across multiple platforms and/or distributed networks.
• Performs complex security resource and access rule maintenance. Develops and implements security monitoring and violation reports that identify any attempt to access unauthorized materials.
• Provides security support in a distributed environment. Participates in technical evaluations of enterprise security access control products.
• Created and configured management reports and dashboards.
• Developed, evaluated and documented specific metrics for management purpose.
• Trained Splunk security team members for complex search strings and ES modules.
• Analyzed security based events, risks and reporting instances.
• Managed and maintained use cases into correlation systems.
• Designed, developed and implemented system engineering plans and technical support services.
• Executed systems programming activities and supported data center activities
• Developed Splunk infrastructure and related solutions as per automation toolsets.
• Installed, tested and deployed monitoring solutions with Splunk services.
• Provided technical services to projects, user requests and data queries.
• Implemented forwarder configuration, search heads and indexing.
• Supported data source configurations and change management processes.
• Analyzed and monitored incident management and incident resolution problems.
• Resolved configuration based issues in coordination with infrastructure support teams.
• Maintained and managed assigned systems, Splunk related issues and administrators.
• Develop custom Splunk ES correlation searches & tune notable events.
• Manage medium to large splunk infrastructure.
• Strong experience with Splunk 5.x, 6.x, 7.x, 8.x product, distributed Splunk environment
• Expertise in Installation, Configuration, Migration, Trouble-Shooting and Maintenance of Splunk infrastructure.
• Expert in using several search commands like streamstats, eventstats, maxsearch, stats, chart, time chart, transaction, strptime, strftime, eval, where, xyseries, table etc.,
• Creating accurate reports, Dashboards, Visualizations, Elastic search and Pivot tables for the business users.
• Experience in using Splunk platform in Linux and windows.
• Good knowledge of creating and implementing of PowerShell scripts to take care of Splunk file backup, monitoring alert log and log rotation.
• Creating and Managing Splunk DB connect Identities, Database Connections, Database Inputs and Outputs, access controls.
• Experience in Operational Intelligence using Splunk platform.
• Use Splunk Search Processing Language (SPL) and Regular expressions.
• Creating, maintain, support, repair, customizing System & Splunk applications, search queries and dashboards.
• Deploy new Splunk systems and Monitor Splunk internal logs from the monitoring Console (MC) to identify and troubleshoot existing or potential issues
• Creation of indexes, forwarder & indexer management, Splunk Field Extractor IFX, Search head Clustering, Indexer clustering, Splunk upgradation,
• Experience with Splunk UI/GUI development activities by managing the Splunk knowledge objects like Field extraction, Tags and Lookups management.
• Ability to Debug Splunk related and integration issues.
• Configured Clusters for load balancing and fail over solutions.

Lead Monitoring Engineer

Confidential

Responsibilities:

• Supported data source configurations and change management processes.
• Analyzed and monitored incident management and incident resolution problems.
• Resolved configuration based issues in coordination with infrastructure support teams.
• Maintained and managed assigned systems, Splunk related issues and administrators.
• Develop custom Splunk ES correlation searches & tune notable events.
• Optimize and tune current dashboards.
• Create new dashboards based on new feeds and tune over a period.
• Correlate event logs to create more targeted dashboards and alerts.
• Set up advanced searches and reports.
• Create prioritized list of assets within Splunk and related live dashboards and notification.
• Weekly status reports on all work executed, deliverables developed/submitted, and work planned for next period
• Use-case development.
• Work with Audit and Assessment teams to validate controls and architecture deployment.
• Support the identification and documentation of data sources.
• Architecting and deploying clustered/distributed Splunk Enterprise 6.x implementations to large, complex customers.
• Administering Splunk and Splunk Apps to include developing new/custom Apps to perform specialized functionality.
• Provided technical services to projects, user requests and data queries.
• Management of the company IT infrastructure; Physical, Virtual, Private and Public cloud.
• Administering Splunk and Splunk Apps to include developing new/custom Apps to perform specialized functionality.
• Integrating Splunk with a wide variety of legacy data sources and industry leading commercial tools.
• Performing advanced searching and reporting to help customers with the implementation specialized/custom dashboards.
• Performing maintenance and optimization of existing clustered Splunk deployments.
• Involved in setting up alerts for different type of errors.
• Developed, evaluated and documented specific metrics for management purpose.
• Using SPL created Visualizations to get the value out of data.
• Created Dashboards for various types of business users in organization.
• Played a major role in understanding the logs, server data and brought an insight of the data for the users.
• Worked on DB Connect configuration for Oracle, MySQL and MSSQL.

Splunk Systems Administrator

Confidential

Responsibilities:

• Knowledge of Splunk Architecture and deployment of clustered/distributed Splunk Enterprise 6.4 or above.
• Administering Splunk and Splunk Apps to include developing new/custom Apps to perform specialized functionality.
• Integrating Splunk with a wide variety of legacy data sources and industry leading commercial tools.
• Performing advanced searching and reporting to help customers with the implementation specialized/custom dashboards.
• Performing maintenance and optimization of existing clustered Splunk deployments.
• Involved in setting up alerts for different type of errors.
• Developed, evaluated and documented specific metrics for management purpose.
• Using SPL created Visualizations to get the value out of data.
• Created Dashboards for various types of business users in organization.
• Played a major role in understanding the logs, server data and brought an insight of the data for the users.
• Supporting migration from Splunk On Premise data center to Amazon AWS
• Launching, Configuring, Supporting large scale instances on AWS
• Monitored Database Connection Health by using Splunk DB connect health dashboards.
• Created Crontab scripts for timely running jobs.
• Developed build scripts, UNIX shell scripts and auto deployment processes.
• Provided technical services to projects, user requests and data queries.
• Involved in assisting offshore members to understand the use case of business.
• Assisted internal users of Splunk in designing and maintaining production-quality dashboard
• Involved in writing complex IFX, rex, combine command to extracts the fields from the log files.
• Involved in helping the UNIX and Splunk administrators to deploy Splunk across the UNIX and windows environment.
• Helped the client to setup alerts for different type of errors.
• Worked to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
• Involved in installing and using Splunk app for Linux and UNIX.

Operation Analyst

Confidential

Responsibilities:

• Assist in installation, configuration and administration of Centos using Kickstart Servers and unattended disk.
• Assist in monitoring network security and intrusion detection while adjusting and updating system to meet requirement.
• Assist in ongoing system performance, system application tuning, hardware upgrades, and resource optimization as required. Configure CPU, memory, and disk partitions as required.
• Assist in creating and managing users and groups, assign permissions and control access to files.
• Provide first level contact, troubleshoot application issues on the platform and convey resolutions to customer issues.
• Create Linux/Unix/Window Virtual Machines using VMware.
• RPM and YUM package installations, patch and other server management.
• Monitor system performance on all servers (Virtual memory, Disk and CPU utilization).
• Implement password aging on Red Hat and Centos servers.
• Provided on call support by rotation 24/7.
• Setup of NFS and Samba file sharing services on Linux and Windows environments.
• Day- to Day, hands on work building, patching and maintaining Linux system in highly virtualized (VMware) environment.
• Installation of Nagios/ OMD server