Sr. Splunk Administrator/developer Resume
Overland Park, KS
SUMMARY
- Proficient Software Engineer with 7+ years of experience in configuring, implementing and supporting Splunk Server Infrastructure across Windows, UNIX and Linux. Experience with a variety of operating systems, protocols and tools, depending on the type of platform or application to be
- Engineered Splunk to build, configure and maintain heterogeneous environments, with in-depth knowledge of log analysis generated by various systems including security products.
- Architecture various components within Splunk (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, Parsing, Indexing, Searching concepts, Hot, Warm, Cold, Frozen bucketing, License model
- Upgrade and Optimize Splunk setup with new discharges.
- Setup Splunk Forwarders for new application levels brought into environment.
- Extensive experience in deploying, configuring and administering Splunk clusters.
- Helping application teams in on-boarding Splunk and creating dashboards, alerts, reports etc.
- Develop custom app configurations (deployment-apps) within SPLUNK in order to parse, index multiple types of log format across all application environments.
- System Administration familiar with Windows Servers, Red Hat Linux Enterprise Servers, Solaris and IBM AIX servers.
- Created and configured websites and application pools in IIS and worked extensively on .Net deployments in Windows space
- Experience in Shell scripting and extensively used Regular expressions in search string and data anonymization.
- Worked broadly on firm wide Enterprise Releases and DR events.
- Understanding of Network Firewalls, Load-balancers, LDAP and complex network design.
- Experience in optimizing search queries using summary indexing.
- Excellent skills in troubleshooting and problem determination of HTTP/System/Network related problems including monitoring, capacity planning and maintenance by providing 24X7 on-call support for all mission critical applications.
- Expertise on investigating HTTP issues using tools like Fiddler, HTTP Analyzer etc.
- Excellent communication and interpersonal skills.
- Skilled at assessing client needs, working in a group, suggesting ideas that enhance
TECHNICAL SKILLS
Log Analysis Tools: Splunk Enterprise 4.x/5.x/6.x, Splunk Universal Forwarder, Informatica PowerCenter.
Servers: Web/App Servers, WebSphere Application Server, WebSphere MQ Server 6.x/7.x, WebSphere XD 6.0/6.1, IBM HTTP Server 6.x/7.x/8.x, Apache Web Server 2.x, Tomcat 5.5, IIS 6/7.x
Operating Systems: IBM AIX (5.1/6.1), RHL Linux, Windows R2, VMWare
Programming: C#, C++, C, Java, Python, SQL/PL SQL, HTML, DHTML, XML.
Scripting: JavaScript, WSCP, WSADMIN, Korn Shell Script, Perl, CSS, Batch
Databases: Oracle (10g/11i/12c), UDB/DB2, Sybase, MS SQL Server, IBM WebSphere DB2, WebLogic
Frameworks: MVC, J2EE Design Patterns, Struts, IDE Eclipse, RAD 7, NetBeans, EditPlus and TOAD
Monitoring tools: Wily Introscope 8.x/9.x, Nagios, BSM Topaz, Tivoli Performance Viewer, NMON (AIX), IBM Thread and Heap Analyzers
Networking: TCP/IP Protocols, Socket Programming, DNS.
PROFESSIONAL EXPERIENCE
Confidential, Overland Park, KS
Sr. Splunk Administrator/Developer
Responsibilities:
- Install, configure and administer Splunk Enterprise Server 6.0.4 and Splunk Forwarder 6.2.0 on Red Hat Linux and Windows servers.
- Setup Splunk Forwarders for new application tiers introduced into environment and existing applications.
- Work closely with Application Teams to create new Splunk dashboards for Operation teams.
- Troubleshoot and resolve Splunk performance and log monitoring issues; role mapping, dashboard creation etc.
- Created Splunk app for Enterprise Security to identify and address emerging security threats through the use of continuous monitoring, alerting and analytics.
- Created Regular Expressions for Field Extractions and Field Transformations in Splunk.
- Anonymize the PII (Personally Identifiable Information) data in Splunk. Masked sensitive information such as SSN numbers and addresses when showing results in Splunk.
- Configure Splunk for all the mission critical applications and use Splunk effectively for application troubleshooting and monitoring post go lives.
- Supported 8+ Splunk search heads, 50+ indexers, 3200+ forwarders.
- Created Dashboards and Reports to show login count of each application, which app resources are being accessed more, number of failed logins, and statistics on high hitting applications.
- Created Shell Scripts to install Splunk Forwarders on all servers and configure with common configuration files such as Bootstrap scripts, Outputs.conf and Inputs.conf files
- Configured Splunk forwarder to send unnecessary log events to “Null Queue” using props and transforms configurations to reduce license costs.
- Developing a custom application in Splunk
- Fetching the data from databases using "DB Connect Application"
- Extensively involved in troubleshooting the issues and documenting the problem resolutions for future reference. Attended Change management meetings for approval for the applications which are supposed to go live and provided the MOM of CM meetings to the team.
- Experienced in attending the bridge calls for production issues and non-prod issues and involved application teams or database teams or networking teams to resolve the issues and involved in Root cause analysis for the issues encountered. Also provided 24/7 on call support for all the production applications.
- Involved in developing complex scripts to automate batch jobs.
- Developed a POC on usage of Puppet Configuration Management tool.
Environment: Splunk Enterprise Server 6.2.0, Universal Splunk Forwarder 4.x.x/5.x.x/6.x.x, Red Hat Linux, IBM HTTP Web Server 6.1/7/8, Oracle, HACMP 5.4, HTML, JavaScript, XML, Wily Introscope 9.x, IIS 7, Windows 2003, Windows 2008 R2, Python (Jython), Regular Expressions.
Confidential, Boston MA
Sr. Splunk Administrator/Developer
Responsibilities:
- Provide regular support guidance to Splunk project teams on complex solution and issue resolution.
- Created Dashboards, report, scheduled searches and alerts.
- Integrated Service Now with Splunk to generate the Incidents from Splunk.
- Worked on DB Connect configuration for Oracle, MySQL and MSSQL.
- Created many of the proof-of-concept dashboards for IT operations, and service owners which are used to monitor application and server health.
- Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
- Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
- Parsing, Indexing, Searching concepts; Hot, Warm, Cold, Frozen bucketing.
- Field Extraction, using IFX, Rex command and Regex in configuration files.
- Various types of charts, alert settings, knowledge of app creation, user and role access permissions. Creating and managing apps, creating users and roles, permissions to knowledge objects.
- Use techniques to optimize searches for better performance, Search time vs Index time field extraction and understanding of configuration files, precedence and working.
Environment: SPLUNK 6.0.1, Linux, UNIX, Oracle 11g, MS SQL Server 2012, SQL.
Confidential, Columbus, OH
Splunk Administrator & Developer
Responsibilities:
- Expertise with Splunk UI/GUI development and operations roles.
- Prepared, arranged and tested Splunk search strings and operational strings.
- Helped the client to setup alerts for different type of errors.
- Played a major role in understanding the logs, server data and brought insight of the data for the users.
- Involved in setting up alerts for different type of errors.
- Analyzed security based events, risks and reporting instances.
- Developed, evaluated and documented specific metrics for management purpose.
- Using SPL created Visualizations to get the value out of data.
- Created Dashboards for various types of business users in organization.
- Provided technical services to projects, user requests and data queries.
- Involved in assisting offshore members to understand the use case of business.
- Assisted internal users of Splunk in designing and maintaining production-quality dashboard.
- Used Datameer to analyze the transaction data for the client.
- Involved in writing complex IFX, rex and Multikv commands to extract fields from the log files.
- Involved in helping the UNIX and Splunk administrators to deploy Splunk across the UNIX and Windows environments.
- Worked with administrators to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
Environment: Splunk 5.0, Pivotal HD, Datameer, Linux, Bash, Perl, Hbase, Hive, Pig, Hawq, Sed, rex, erex, Splunk Knowledge Objects
Confidential, Southfield, MI
Splunk Administrator & Developer
Responsibilities:
- Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
- Extracted complex Fields from different types of Log files using Regular Expressions.
- Created Search Commands to retrieve multiline log events in the form of a single transaction, giving Start Line and End Line as inputs.
- Guarantee high accessibility & execution through flat scaling and burden adjusted segments.
- Prepared, arranged and tested Splunk search strings and operational strings. Created and configured management reports and dashboards.
- Created EVAL Functions where necessary to create new field during search run time.
- Provide inputs for identifying best fit architectural solutions - deployment for Splunk project.
- Splunk Engineer/Dashboard Developer responsible for the end-to-end event monitoring infrastructure of business-aligned applications.
- Experience in setting up dashboards for senior management and production support required to use SPLUNK.
- Maintained and managed assigned systems, Splunk related issues and administrators.
Environment: Splunk Enterprise Server 4.1.7, Splunk Forwarder 4.0, 4.3, Shell, Python Scripting
Confidential
Informatica Developer
Responsibilities:
- Involved in requirement designing, and development of data warehouse environment.
- Developed Mappings using various transformations like connected/unconnected Lookups, Filter, Stored procedure, Sequence Generator, Update strategy and Joiners etc. depending upon requirement.
- Used Repository Manager to create user groups and user profiles with privileges of Administrator and Setting up the security for creating user groups and assigning privileges.
- Used the workflow manager to create sessions and batches.
- Created concurrent batches in Workflow Manager to run the mappings in a scheduled manner.
- Extensively used debugger to find out errors in mappings and later fixed them.
- Tuned existing mappings, targets, sources, sessions and SQL queries to improve the performance of work units.
- Mapplets and Reusable Transformations were used to prevent redundancy of transformation usage and maintainability.
- Migrated mappings, sessions, and workflows from Development to testing and then to Production environments.
- Provided the Production Support by running the jobs and fixing the bugs.
- Developed Exception programs to maintain and clean up data exceptions.
- Created, scheduled, and monitored the sessions and batches on the basis of run on demand, run on time using Informatica PowerCenter.
- Experienced in partition of data for better performance of sessions.
Environment: Informatica PowerCenter 8.1, Oracle 9i, SQL, UNIX, MS SQL Server, TOAD, Windows XP
