Splunk Engineer/ Systems Support Engineer Resume
SUMMARY
- Experienced Sr. Splunk Engineer/ Lead Monitoring Engineer with a strong background in system management, which includes but is not limited to installation, configuration, maintenance, securing and troubleshooting of Linux/Windows operating systems. I am a dependable team player, problem solver, and teachable employee.
TECHNICAL SKILLS
- MySQL, Apache, Tomcat, WINSCP, Nagios/OMD, Putty, Jenkins, Samba, FTP, NFS, Git, Jenkins, DNS, DHCP, Confluence, JIRA, Kickstart
- DenyHosts, Ansible, New Relic, Nagios, EM7 load balancer, OMD, Cacti, Nconf, MySQL, WebSphere, Apache, Nginx, Tomcat, JBoss
- SiteScope, Spacewalk, OSSEC, DenyHosts, Tripwire, Lynis (Auditing tool), Git/Gitolite, Jenkins, Jira, Confluence, Stash, GitHub, GitLab, Bamboo, Postgres, Sendmail, Cron, SSH, FTP, NFS, Samba, DHCP, Fail2ban, Squid Proxy, phpMyAdmin, LDAP (389 DS)
- Bind DNS, Zabbix, Splunk, FileZilla, WINSCP etc.
PROFESSIONAL EXPERIENCE
Splunk Engineer/ Systems Support Engineer
Confidential
Responsibilities:
- Support the implementation of Splunk distributed infrastructure to include Search Head, Indexer, Deployment Server, License Server, Heavy Forwarder and Universal Forwarder.
- Prepared, arranged and tested Splunk search strings and operational strings.
- Tuning and configuration of Splunk App for Enterprise Security (ES).
- Identifies, reports, and resolves serious security violations; maintains systems to protect data from unauthorized users and anticipated or unanticipated risks.
- Publishes, monitors, and mandates information and computer security policies and security awareness information and programs.
- Schedules and supervises periodic network security assessments across multiple platforms and/or distributed networks.
- Performs complex security resource and access rule maintenance. Develops and implements security monitoring and violation reports that identify any attempt to access unauthorized materials.
- Provides security support in a distributed environment. Participates in technical evaluations of enterprise security access control products.
- Created and configured management reports and dashboards.
- Developed, evaluated and documented specific metrics for management purpose.
- Trained Splunk security team members for complex search strings and ES modules.
- Analyzed security based events, risks and reporting instances.
- Managed and maintained use cases into correlation systems.
- Designed, developed and implemented system engineering plans and technical support services.
- Executed systems programming activities and supported data center activities
- Developed Splunk infrastructure and related solutions as per automation toolsets.
- Installed, tested and deployed monitoring solutions with Splunk services.
- Provided technical services to projects, user requests and data queries.
- Implemented forwarder configuration, search heads and indexing.
- Supported data source configurations and change management processes.
- Analyzed and monitored incident management and incident resolution problems.
- Resolved configuration based issues in coordination with infrastructure support teams.
- Maintained and managed assigned systems, Splunk related issues and administrators.
- Develop custom Splunk ES correlation searches & tune notable events.
- Manage medium to large Splunk infrastructure.
- Strong experience with Splunk 5.x, 6.x, 7.x, 8.x product, distributed Splunk environment
- Expertise in Installation, Configuration, Migration, Trouble-Shooting and Maintenance of Splunk infrastructure.
- Expert in using several search commands like streamstats, eventstats, maxsearch, stats, chart, timechart, transaction, strptime, strftime, eval, where, xyseries, table, etc.
- Creating accurate reports, Dashboards, Visualizations, Elastic search and Pivot tables for the business users.
- Experience in using the Splunk platform on Linux and Windows.
- Good knowledge of creating and implementing PowerShell scripts to take care of Splunk file backup, monitoring alert log and log rotation.
- Creating and Managing Splunk DB connect Identities, Database Connections, Database Inputs and Outputs, access controls.
- Experience in Operational Intelligence using Splunk platform.
- Use Splunk Search Processing Language (SPL) and Regular expressions.
- Creating, maintaining, supporting, repairing and customizing System & Splunk applications, search queries and dashboards.
- Deploy new Splunk systems and monitor Splunk internal logs from the Monitoring Console (MC) to identify and troubleshoot existing or potential issues.
- Creation of indexes, forwarder & indexer management, Splunk Field Extractor IFX, Search head Clustering, Indexer clustering, Splunk upgradation.
- Experience with Splunk UI/GUI development activities by managing the Splunk knowledge objects like Field extraction, Tags and Lookups management.
- Ability to Debug Splunk related and integration issues.
- Configured Clusters for load balancing and fail over solutions.
Lead Monitoring Engineer
Confidential
Responsibilities:
- Supported data source configurations and change management processes.
- Analyzed and monitored incident management and incident resolution problems.
- Resolved configuration based issues in coordination with infrastructure support teams.
- Maintained and managed assigned systems, Splunk related issues and administrators.
- Develop custom Splunk ES correlation searches & tune notable events.
- Optimize and tune current dashboards.
- Create new dashboards based on new feeds and tune over a period.
- Correlate event logs to create more targeted dashboards and alerts.
- Set up advanced searches and reports.
- Create prioritized list of assets within Splunk and related live dashboards and notification.
- Weekly status reports on all work executed, deliverables developed/submitted, and work planned for next period
- Use-case development.
- Work with Audit and Assessment teams to validate controls and architecture deployment.
- Support the identification and documentation of data sources.
- Architecting and deploying clustered/distributed Splunk Enterprise 6.x implementations to large, complex customers.
- Administering Splunk and Splunk Apps to include developing new/custom Apps to perform specialized functionality.
- Provided technical services to projects, user requests and data queries.
- Management of the company IT infrastructure; Physical, Virtual, Private and Public cloud.
- Integrating Splunk with a wide variety of legacy data sources and industry leading commercial tools.
- Performing advanced searching and reporting to help customers with the implementation of specialized/custom dashboards.
- Performing maintenance and optimization of existing clustered Splunk deployments.
- Involved in setting up alerts for different types of errors.
- Developed, evaluated and documented specific metrics for management purpose.
- Using SPL created Visualizations to get the value out of data.
- Created Dashboards for various types of business users in organization.
- Played a major role in understanding the logs, server data and brought an insight of the data for the users.
- Worked on DB Connect configuration for Oracle, MySQL and MSSQL.
Splunk Systems Administrator
Confidential
Responsibilities:
- Knowledge of Splunk Architecture and deployment of clustered/distributed Splunk Enterprise 6.4 or above.
- Administering Splunk and Splunk Apps to include developing new/custom Apps to perform specialized functionality.
- Integrating Splunk with a wide variety of legacy data sources and industry leading commercial tools.
- Performing advanced searching and reporting to help customers with the implementation of specialized/custom dashboards.
- Performing maintenance and optimization of existing clustered Splunk deployments.
- Involved in setting up alerts for different types of errors.
- Developed, evaluated and documented specific metrics for management purpose.
- Using SPL created Visualizations to get the value out of data.
- Created Dashboards for various types of business users in organization.
- Played a major role in understanding the logs, server data and brought an insight of the data for the users.
- Supporting migration from Splunk On Premise data center to Amazon AWS
- Launching, Configuring, Supporting large scale instances on AWS
- Monitored Database Connection Health by using Splunk DB connect health dashboards.
- Created Crontab scripts for timely running jobs.
- Developed build scripts, UNIX shell scripts and auto deployment processes.
- Provided technical services to projects, user requests and data queries.
- Involved in assisting offshore members to understand the use case of business.
- Assisted internal users of Splunk in designing and maintaining production-quality dashboards.
- Involved in writing complex IFX, rex, combine commands to extract the fields from the log files.
- Involved in helping the UNIX and Splunk administrators to deploy Splunk across the UNIX and Windows environments.
- Helped the client to set up alerts for different types of errors.
- Worked to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
- Involved in installing and using Splunk app for Linux and UNIX.
Operation Analyst
Confidential
Responsibilities:
- Assist in installation, configuration and administration of CentOS using Kickstart Servers and unattended disk.
- Assist in monitoring network security and intrusion detection while adjusting and updating systems to meet requirements.
- Assist in ongoing system performance, system application tuning, hardware upgrades, and resource optimization as required. Configure CPU, memory, and disk partitions as required.
- Assist in creating and managing users and groups, assign permissions and control access to files.
- Provide first level contact, troubleshoot application issues on the platform and convey resolutions to customer issues.
- Create Linux/Unix/Windows Virtual Machines using VMware.
- RPM and YUM package installations, patch and other server management.
- Monitor system performance on all servers (Virtual memory, Disk and CPU utilization).
- Implement password aging on Red Hat and CentOS servers.
- Provided on call support by rotation 24/7.
- Setup of NFS and Samba file sharing services on Linux and Windows environments.
- Day-to-day, hands-on work building, patching and maintaining Linux systems in a highly virtualized (VMware) environment.
- Installation of Nagios/ OMD server