
Splunk Consultant Resume


SUMMARY:

  • Setup Splunk Forwarders for new application levels brought into environment
  • Managing Splunk Forwarder via centralized deployment server
  • Expert in developing Splunk dashboards, creating data models, summary indexes and forwarder management.
  • Upgrade and Optimize Splunk setup with new discharges.
  • Extensive experience in deploying, configuring and administering Splunk clusters.
  • Build Splunk dashboards using XML and Advanced XML as well as Created Scheduled Alerts for Application Teams for Real Time Monitoring.
  • Prepared Daily, Weekly and Monthly Reports for Business according to requirement using Splunk and reported to Business in case of any Data Mismatch or Data abnormality.
  • Helping application teams in on-boarding Splunk and creating dashboards, alerts, etc.
  • Install, Configure and use different Apps such as SplunkDBConnect (for connecting to Databases), WMI (to monitor CPU and Memory Usage on Servers) etc.
  • Analyzed new Applications as well included them in our monitoring scope with the help of Incident Management and Change Management Teams.
  • System Administration familiar with Windows Servers, Red Hat Linux Enterprise Servers, Solaris and IBM AIX servers.
  • Excellent skills on troubleshooting and problem determination of HTTP/System/ Network related problems including monitoring, capacity planning and maintenance by providing 24X7 support on call for all mission critical applications.
  • Worked on Knowledge Objects such as Event Types, Tags, Field Extraction (Using Regular Expression), Lookups etc.
  • Expertise on investigating HTTP issues using tools like Fiddler, HTTP Analyzer etc.
  • Deployed RHEL LINUX on HP Blade and dell power servers
  • Experience in Shell scripting and extensively used Regular expressions in search string and data anonymization.
  • Worked broadly on firm wide Enterprise Releases and DR events.
  • Involved in SiteMinder Web Agent foundation and outlining the Web Agent on Web Server cases.
  • Involved in developing complex scripts to automate batch jobs.

TECHNICAL SKILLS:

  • Splunk 6.1.5/6.0, Sideview utils, Data Models
  • Deploy server management, Dashboards
  • Search processing language (SPL).
  • Windows 2003/2000/NT, UNIX, Linux.
  • MS SQL Server, UDB/DB2
  • C++, CSQL/PL SQL, HTML, XML

PROFESSIONAL EXPERIENCE:

Confidential

Splunk CONSULTANT

Responsibilities:

  • Getting data in and Managing Splunk apps
  • Dedicated Splunk Administrator, supporting 5,000+ servers in TIAA-CREF across various o/s platforms; Unix and Windows on Splunk Version 6.
  • Supporting 8 search-heads
  • 50+ indexers
  • 4000+ universal forwarders.
  • Troubleshooting and resolving the Splunk performance/search pooling/log monitoring issues; role mapping, dashboard creation etc.
  • Managing Clusters VERITAS Clusters, VFS, ASM disk all and Knowledge RHEL cluster setup
  • Installed, tested and deployed monitoring solutions (Alerts, Dashboards and Reports) with Splunk services for different Application Teams.
  • Pull continuous data from different paths in Forwarders.
  • Involved in installing and using Splunk app for Linux and Unix.
  • Create dashboard to show the traffic for various Cities across the Globe for our Client in integration with Google Maps
  • Expert in data inputs/apps creation/knowledge objects/views managing in Splunk
  • Assisted clients on installing various apps on Splunk;
  • Splunk App for NetApp Data ONTAP
  • Splunk App for XenApp
  • Splunk App for Active Directory
  • Splunk App for BlueCoat
  • Splunk for OracleWeb Logic Server
  • Hadoop Connect
  • Side View Utils
  • Splunk DB Connect
  • MAXMIND, to name a few
  • Monitoring daily health checks with regards to license usage, indexer f/s usage, etc
  • Good knowledge about Indexer and Search head clustering
  • Configured Splunk infrastructure.
  • Worked with administrators to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
  • Performed a scripted installation of universal forwarders.
  • Created Regular Expressions for Field Extractions and Field Transformations in Splunk.
  • Experienced in attending the bridge calls for production issues and non-prod issues and involved application teams or database teams or networking teams to resolve the issues and involved in Root cause analysis for the issues encountered. Also provided 24/7 on call support for all the production applications.
  • Analyzed security based events, risks and reporting instances
  • Configured Splunk forwarder to send unnecessary log events to “Null Queue” using props and transforms configurations to reduce license costs.
  • Created Splunk app for Enterprise Security to identify and address emerging security threats through the use of continuous monitoring, alerting and analytics.
  • Developed a POC on usage of Puppet Configuration Management tool.
  • Ingesting logs to geologically distributed Splunk infrastructure.
  • Introduction to large-scale Splunk deployment
  • Installation and implementation of several kind of visualizations to Splunk Dashboards.
  • Additional responsibilities include Knowledge management, Providing KTs, Documentation and communications on future upgrades
  • Wrote PL/SQL and Splunk queries.
  • Provided 24/7 on call support for 1000 Red Hat/Windows Physical servers residing on BL 460C blades and virtual servers running on ESXi.
  • Anonymize the PII (Personally Identifiable Information) data in Splunk. Masked sensitive information such as SSN numbers, Addresses when showing results in Splunk.
  • Responsible to check out the transaction roll back error.
  • Identifying bad searches, dashboards and communication with the team to make it a better search.
  • Identified and Designed use cases that address specific business needs.
  • Had installed splunk on remote graphic work station and by using forwarders monitored and reported data by using splunk on another work station.
  • Implemented Searches wif Job Scheduling
  • Identified ongoing tasks on splunk development.
  • Set up alerts when the response time or traffic falls above or below expected limit.
  • Props file management for event breaking and time stamp matching.
  • Captured data from various front end, middle ware application.
  • Assisted internal users of Splunk in designing and maintaining production-quality dashboard

Confidential

SPLUNK DEVELOPER

Responsibilities:

  • Worked on Splunk search processing language, Splunk dashboards and Splunk dbconnect app.
  • Work closely with Application Teams to create new Splunk dashboards for Operation teams.
  • Created Splunk app for Enterprise Security to identify and address emerging security threats through the use of continuous monitoring, alerting and analytics.
  • Created Shell Scripts to install Splunk Forwarders on all servers and configure with common configuration files such as Bootstrap scripts, Outputs.conf and Inputs.conf files
  • Configure Splunk for all the mission critical applications and using Splunk effectively for Application troubleshooting and monitoring post go lives
  • Involved in the requirement gathering and analysis. Interacted with team members and Business users during the design and development of the application.
  • Handling OS Migrations / Upgrade (Live and Jump start) Solaris and Kick start using on Linux servers
  • Experience on Logical Volume Manager, managing physical volumes, volume groups, logical volumes, performing file systems management On Linux
  • Knowledge on Web/apps server/Load balancer issues
  • Develop custom app configurations (deployment-apps) within SPLUNK in order to parse, index multiple types of log format across all application environments.
  • Creation of various user profiles and environment variables to ensure security.
  • Maintained servers including file server, printer server, IIS web server, WINS Server, DHCP Server, SCCM Server WSUS, Symantec Endpoint Protection Anti Virus server, WSUS Backend / Bridgehead Exchange server and other application servers.
  • Daily, Managed server data backup for entire network to the tape for disaster recovery plan
  • Supporting Linux servers in production/state/development environment.
  • Experience in developing dashboards and customizing them.
  • Efficiently handled Work Load Management for load balancing and failover, improving performance, reliability and scalability
  • Gathering different wellsprings of syslog and XML information from different gadgets, applications, and information bases.
  • Implemented forwarder configuration, search heads and indexing.
  • Resolved configuration based issues in coordination with infrastructure support teams.
  • Setting up alerts on critical conditions for monitoring teams for proactive monitoring.

Confidential

SPLUNK ADMINISTRATOR

Responsibilities:

  • As primary for Splunk support, supported Splunk circulated environment comprising of search heads, indexers and forwarders across different OS including Aix, Solaris and Windows.
  • Created and configured management reports and dashboards in Splunk for application log monitoring
  • Install different Splunk Applications, for example, Cisco for Splunk, Windows for Splunk and VMware for Splunk.
  • Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
  • Prepared, arranged and tested Splunk search strings and operational strings. Created and configured management reports and dashboards.
  • Maintained and managed assigned systems, Splunk related issues and administrators.
  • Upgradation of Splunk Instances (Search Head, Indexer etc).
  • Installation and upgrade of Software & Patches, configuration mgmt, version control, service pack. & reviewing connectivity issue regarding security problem.
  • Configured Indexer replication to achieve data availability, data fidelity and disaster tolerance.
  • Analyzed and monitored incident management and incident resolution problems.
  • Creation of Alerts and Dashboards Using AppDynamics
  • Installing and Configuring Indexer, Search Head, License Server as well as Deployment Server on Cloud (Amazon AWS).
  • Created Dashboards, report, scheduled searches and alerts.
  • Created many of the proof-of-concept dashboards for IT operations, and service owners which are used to monitor application and server health.
  • Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing
  • Worked on Linux from scratch involving to build our own Linux system entirely from the source code.
  • Worked on Splunk SDK for Python to enable the binding module to provide a thin abstraction over raw HTTP.
  • Calculated required memory usage for splunk.

Confidential

System Administrator

Responsibilities:

  • Responsible for monitoring Linux/Unix infrastructure including Linux, Solaris, AIX. Provide primary administration support for 600 Linux Servers.
  • Worked on migration projects involving migration from UNIX based platform to Linux
  • Performed day to day activities related to monitoring, managing file space, log rotation
  • Worked with Datacenter teams to resolve hardware issues and replace parts
  • Monitor the data loading from different Legacy systems into Data Warehouse.
  • Used Workflow Manager to schedule and run batches, sessions and to check session logs and other session related activities.
  • Performed installation of new software packages, patches and upgrades.
  • Responsible for maintaining inventory for all Linux servers at corporate and remote locations.
  • Involved in Updating and Patching of Linux Guests
  • Securing services using TCP wrapper and SE Linux
  • Planning, scheduling and implementing OS patches on both Solaris & Linux boxes as a part of proactive maintenance
  • Worked with File System includes UNIX file System, and Networking file system
  • Worked with truss and snoop in debugging
  • Responsible for and adding Swap Space at run time
  • Helped in upgrading servers from RHEL4.x to RHEL 5.x.
