Infrastructure Engineer - Splunk Resume
Baltimore, MD
OBJECTIVE:
- Successful AWS & Splunk Engineer with over 6 years of professional experience dedicated to Log Management, Security, and Infrastructure Visibility.
- Expertise in monitoring, logging, and cloud automation for Linux and Windows systems.
- Seeking a position to fill Infrastructure Engineer role for growth of organization and leverage my technical knowledge with new and emerging trends in IT.
TECHNICAL SKILLS
Log management: Splunk Cloud, Splunk Enterprise, Sumo Logic, ELK
AWS Services: EC2, EKS, ELB, VPC, RDS, IAM, CloudFormation, S3, CloudWatch, CloudTrail, SNS, SQS, EBS, Amazon Direct Connect, DMS, and AWS Lambda.
IAAS: EC2, ELB, RDS, EBS, Auto Scaling, S3, OpenStack, Microsoft Azure
PAAS: Elastic Beanstalk, IAM
SAAS: Splunk Cloud, New Relic, AppDynamics, Sumo Logic, Cloudability, PagerDuty, VictorOps.
Databases: MySQL, Oracle 12c, 11g, MS SQL Server 2008r2, 2012, Amazon Aurora
Application/Web Server: Oracle, Apache Tomcat, Oracle Application Server, WebSphere, Nginx.
SDLC: Agile, Scrum methodologies.
Scripting Languages: UNIX Shell scripting, XML, Java, PowerShell, Python.
Operating Systems: RHEL, UNIX, Linux, Windows.
PROFESSIONAL EXPERIENCE
Confidential, Baltimore, MD
Infrastructure Engineer - Splunk
Responsibilities:
- Supporting cloud logging team to build and maintain the logging infrastructure using AWS CloudFormation and its services for aggregated logging, reporting and alerting.
- Designed and developed monitoring to improve the observability and reliability of applications using Splunk.
- Responsible for administration of Splunk at CMS as a central logging platform for reviewing current logs, assisting ADOs (Application Delivery Organizations) to set up logging hosted in AWS Cloud.
- Involved in building, configuring and managing CMS cloud logging services; also updated logging AWS Lambdas and built new versions.
- Used cloud tamer to deploy logging CloudFormation stacks, which deploy Splunk logging infrastructure to ADOs' AWS accounts, including logging Lambdas and IAM roles, and create a HEC token and store it in Secrets Manager.
- Helped to improve engineering quality, operation excellence and evolution of Splunk Observability’s web applications, web services, and APIs.
- Implementing Terraform for provisioning and managing the infrastructure.
- Responsible for new and existing data onboarding from MAG to Splunk and troubleshooting every Splunk issue and optimizing performance.
- Configured Microsoft add on for Splunk to send data from Azure event hubs to Splunk.
- Normalizing Splunk data to ensure all fields are mapping with CIM and bringing data to Splunk ES and ITSI.
- Monitor internal systems supporting the information security program including Firewalls, UBA, SIEM/Log management, EDR (and other endpoint security tools), encryption, PAM, etc.
- Installed AppDynamics Application agent for monitoring java application running on Docker Container and deployed Machine Agents for monitoring Docker containers and its services.
- Working closely with Business team and helping to solve Splunk problems within the business Environment.
- Intermittent problems and Offer interface solutions where necessary as systems or business processes are upgraded and/or replaced.
- Provided regular support guidance to Splunk project teams on complex issue resolution and assisting with best practices, creating deployment runbooks to empower the development teams.
- Strong knowledge on Kubernetes architecture.
- Involved in 24/7 on-call rotation and created runbooks for incident management.
Confidential, Columbus, OH
Splunk/ DevOps Engineer
Responsibilities:
- Architected Splunk in Confidential as a central logging platform for reviewing current logs, managing incident responses and event management practices.
- Providing tool recommendations, process change and/or system design to implement a best practice Security Incident and Event Management (SIEM) solution and UBA.
- Monitoring information security alerts using Security Information and Event Manager (SIEM) to triage, mitigate, and escalate issues as needed while capturing essential details and artifacts.
- Monitoring or analyzing the real-time events for the security devices like Firewall, IDS, Anti-Virus etc., using SIEM tools.
- Responsible for every Splunk Enterprise Administration, ESS Administration and development tasks like onboarding data from or using multiple sources, developing advanced dashboarding, Alerts, Correlations and reporting.
- Collaboratively worked with the cloud team to add the Splunk forwarder image on Confidential AMI (Amazon Machine Image), which includes inputs and outputs apps that are connected to Splunk Cloud.
- Collaborate with various project team members and external personnel to monitor, manage, resolve incident, problem tickets, and adjust as needed.
- Implementing CI/CD for Splunk with the Deployment Apps folder from the Deployment Server in GitHub, using branches and pull requests to make changes and kicking off the Jenkins pipeline to clone the git repository, followed by SSH into the DS, copying the files to the DS and restarting splunkd.
- Upgraded Splunk Enterprise from v 7.3 to 8.1 in clustered and non-clustered environments.
- Helped the app teams to on-board data from Kubernetes by using the sidecar container and fluent bit.
- Managing Splunk Multi site Cluster environment and troubleshooting issues.
- Analyzed and monitored incident management and incident resolution problems.
- Performing Splunk cloud migration from Splunk On-prem.
- Grasp the Technical aspects from High level to create Deployment plans, Contingency Plans and which direction to go if they hit a snag.
Confidential, Chicago, IL
Splunk/ AWS Engineer
Responsibilities:
- Designed a scalable Monitoring Framework to ensure proper monitoring of all production servers, applications, network devices, databases and connections.
- Installed and configured each component of Splunk single handedly.
- Upgraded Splunk Enterprise from v 6.9 to v 7.1.3 in clustered and non-clustered environments.
- Configured Universal Forwarders to connect to the Deployment Server as Deployment Clients and managed these configurations from a central place.
- Installed and configured Splunk DB Connect in Single and distributed server environments.
- Successfully moved Splunk DB from local to NAS using custom scripts in clustered environment.
- Deployed/configured Splunk on various platforms with cross search functionality (On-prem and AWS).
- Deployed Monitoring agents into applications based upon their requirements, used AppDynamics for monitoring Applications health.
- Created Shell Scripts to install Splunk Forwarders on all servers and configure with common configuration files such as Outputs.conf and Inputs.conf files.
- Collaborated with database administration teams and cloud team to provide self-service management process to automate (Oracle, SQL Server, MariaDB) database provisioning on RDS in AWS public cloud using AWS CloudFormation.
- Designed AWS CloudFormation templates to create custom sized VPC, subnets, NAT to ensure successful deployment of Web applications and database templates.
- Managed multiple AWS accounts with multiple VPC's for both production and non-prod where primary objectives included automation, build out, integration and cost control.
- Implemented POC for using and integrating CloudWatch logs with Splunk App for AWS.
- Experience in Installing AppDynamics Event Services, machine agents, database agents, App agents.
- Designing and implementing Splunk-based best practice solutions.
Confidential, Danbury, CT
Monitoring/ AWS Cloud Engineer
Responsibilities:
- Responsible for setting up monitoring using Splunk for capacity planning, system health, availability, and optimization of infrastructure.
- Create and Enhance Dashboards, Visualizations, Statistical reports, scheduled searches, alerts, summary indexes and knowledge objects like Macros, IFX, Calculated fields, Tags, Event Types and Look ups.
- Configured Splunk App for AWS and created a VPC Topology view, created alerts on Security insights within AWS Infrastructure, shown a metric overview for Usage of EC2, ELB, EBS, RDS.
- Created new inputs for AWS CloudWatch Logs, Config Rules, and Billing in Splunk Add On for AWS.
- Managed Splunk user accounts (create, delete, modify, etc.). Scripted SQL Queries in accordance with the Splunk.
- Leveraged AWS cloud services such as EC2, auto-scaling and VPC to build secure, highly scalable and flexible systems that handled expected and unexpected load bursts.
- Configured and maintained an AWS Virtual Private Cloud (VPC), Public and Private Subnets, NACL's, Route Tables, Elastic Load Balancer, Security Groups and EC2 instances.
- Used monitoring tools (AppDynamics, SPLUNK, Dynatrace Keynote) to monitor, alert and report the health of system and software components for both local and cloud data center.
- Requirement gathering and analysis. Interacted with team members and users during the design and development of the applications and Splunk Objects.
- Promptly receiving and handling Jira tickets, gathering requirements through them and resolving them on time.
- Communicating and collaborating with customers, Splunk users.
- Used Amazon IAM to grant fine-grained access to AWS resources to users. Also managed roles and permissions of users to AWS account through IAM.
- Created Cost and utilization reports in Cloudability for our multiple cloud providers AWS, Azure and GCP.
- Used Cloudability Rest APIs to pull all our Public cloud (AWS, Azure and GCP) providers data and dump into a MS SQL DB, used Power BI in creating dashboards for cost and utilizations.
Confidential, Houston, TX
Splunk Admin/Developer
Responsibilities:
- Created Dashboards, Visualizations, Statistical reports, scheduled searches, Alerts and worked on creating different other knowledge objects.
- Experience with Splunk architecture and various components (indexer, forwarder, search head, deployment server).
- Involved in admin activities and worked on inputs.conf, outputs.conf, props.conf and transforms.conf to set up time zone and time stamp extractions, complex event transformations and event breaking.
- Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
- Provide Regular support guidance to Splunk project teams on complex solution and issue resolution.
- Helping application teams in on-boarding Splunk and creating dashboards/alerts/reports etc.
- Performed troubleshooting and/or configuration changes to resolve Splunk integration issues.
- Managed Indexer Clusters including security, hot and cold bucket management and retention policies.
- Scripting and development skills (Perl, Python) with strong knowledge of regular expressions.
- Perform the role of Splunk admin/developer as the situation demands.
- Responsible for Developing and implementing new “best practices” for ensuring continued availability and security of the infrastructure while providing a clear audit trail.
- Playing a key role in identifying and driving process changes within the team.
- Provided regular support guidance to Splunk project teams on complex solution and issue resolution and assisted Administrators to ensure that Splunk is actively and accurately running and monitoring on the current infrastructure implementation.