
Splunk Developer/ Admin Resume

Austin, TX

SUMMARY

  • A Splunk engineer with 6+ years of strong experience in Splunk development and administration, automation & fix activities. Keenly interested in architecting and deploying Splunk; Enterprise security delivering innovative solutions around fix and automation, log analysis and data visualization; and open to learning new technologies to pursue that end.
  • Experience in all facets of SDLC viz. requirement analysis, designs, development, testing, and post implementation revisions.
  • Design, deploy, and support enterprise Splunk logging application. Assist other enterprise instances as Splunk Subject Matter Expert (SME).
  • Expertise in Actuate Reporting, development, deployment, management and performance tuning of Actuate reports.
  • Strong experience with Splunk 5.x and 6.x product, distributed Splunk architecture and components including search heads, indexes and forwarders.
  • Expertise in creating Splunk Dashboards, Reports and Alerts to meet business use cases.
  • Expert in installing SPLUNK apps for distributed environment.
  • Experience in working on Splunk Hunk.
  • Experience in creating different visualizations using Bar, Line and Pie chart, Background Maps, Box plots, Scatter plots, Gantt charts, Bubble charts, Histograms, Trend lines & statistics, Bullets, Heat maps and Highlight tables.
  • Used various Splunk Apps such as Splunk on Splunk, Universal Field Extractor, Splunk App for UNIX/Linux, Splunk DB1 Connect.
  • Skilled in deploying, configuring and administering Splunk clusters.
  • Troubleshooting and handling post-production issues, on-site support, worked closely with engineering to coordinate and provide all the required information and interacting with the client.
  • Strong qualitative analysis skills to lend insight into highly ambiguous and sensitive business problems. In-depth understanding of processes and technology integration challenges.
  • Triggers using PL/SQL and UNIX Shell scripts.
  • Good knowledge in Splunk DB Connect App and Basic understanding of Enterprise Security app.
  • Hands-on experience in Python, Shell Scripting, TIBCO Designer, Oracle SQL, Siebel eScript, JavaScript, CSS, HTML, AutoHotkey.
  • Expert in installing and configuring Splunk forwarders on Linux, Unix and Windows.
  • Installed, configured and administered Web Servers like Apache 2.x HTTP Server, Apache Tomcat 6.x, Sun One 6.x Web Server and Microsoft IIS Server for WebLogic plug-ins.

TECHNICAL SKILLS

Log Analysis Tool: Splunk Enterprise Server 5.x/6.x, Splunk Universal Forwarder 5.x/6.x, Splunk DB Connect

Web/App Servers: WebSphere Application Server 5.0/6.x/7.x/8.x, WebSphere MQ Server 6.x/7.x, WebSphere XD 6.0/6.1, IBM HTTP Server 6.x/7.x/8.x, Apache Web Server 2.x, Tomcat 5.5, IIS 6/7.x

Operating Systems: IBM AIX (5.1/6.1), RHL Linux, Windows Server 2003/2008 R2, VMWare

Programming: Java, J2EE, C++, C, SQL/PL SQL, HTML, DHTML, XML.

Scripting: JACL, Python, WSCP, WSADMIN, Korn Shell Script, Perl, JavaScript, CSS, Batch

Databases: Oracle (8i/9i), UDB/DB2, Sybase, MS SQL Server, IBM DB2

Monitoring tools: Wily Introscope 8.x/9.x, Tivoli, BSM Topaz, Tivoli Performance Viewer, IBM Thread and Heap Analyzers

Networking: TCP/IP Protocols, Socket Programming, DNS.

PROFESSIONAL EXPERIENCE

Confidential, Austin, TX

Splunk Developer/ Admin

  • Installed, configured and administered Splunk Enterprise Server and Splunk Forwarder on Redhat Linux and Windows servers.
  • Setup Splunk Forwarders for new application tiers introduced into environment and existing applications.
  • Built dashboards, views, alerts, reports, saved searches using XML, Advanced XML and Search Processing language (SPL) as and when required.
  • Performed Field Extractions and Field Transformations using the Regular Expressions in Splunk.
  • Worked in data-flow design for data ingestion, transformation and analytics layers.
  • Created Splunk Apps using XML and Web Components. Knowledge of app creation, user and role access permissions.
  • Created tags, Event types, field lookups, using regular expressions, aliases for search-time outputs and visualizations.
  • Worked with Splunk app for Enterprise Security to identify and address emerging security threats through the use of continuous monitoring, alerting and analytics.
  • Created custom app configurations (deployment-apps) within SPLUNK to parse, index multiple types of log format.
  • Used SPLUNK’s REST API in order to perform searches from various application interfaces.
  • Involved in developing complex scripts to automate batch jobs; troubleshot and resolved Splunk performance, search pooling and log monitoring issues; role mapping, dashboard creation etc.
  • Developed a POC on usage of Puppet Configuration Management tool.
  • Involved in Root cause analysis for the issues encountered. Provided on call support for all the production applications.
  • Installation and implementation of the Splunk App for Enterprise Security and documented best practices for the installation and performed knowledge transfer on the process.
  • Worked on installing Universal Forwarders and Heavy Forwarders to bring any kind of data fields into Splunk.
  • Writing Splunk Queries, Expertise in searching, monitoring, analysing and visualizing Splunk logs.
  • Experience in alert handling, standard availability and performance report generation. Experience in root cause analysis of post-production performance related issues through Splunk tool.
  • Designing, optimizing and executing Splunk-based enterprise solutions.
  • Installed and configured Splunk Universal Forwarders on both UNIX (Linux, Solaris, and AIX) and Windows Servers.
  • Hands on experience in customizing Splunk dashboards, visualizations, configurations using customized Splunk queries.
  • Monitored the Splunk infrastructure for capacity planning, scalability, and optimization.
  • Experienced in using Splunk DB Connect for real-time data integration between Splunk Enterprise and all other databases.

Environment: Splunk Enterprise Server 5.x/6.x, Universal Splunk Forwarder 5.x/6.x, RedHat Linux, Oracle, HACMP 5.4, HTML, JavaScript, XML, Use of Regular expressions.

Confidential

Splunk Developer

  • Expertise with Splunk UI/GUI development and operations roles.
  • Prepared, arranged and tested Splunk search strings and operational strings.
  • Responsible for documenting the current architectural configurations, detailed data flow and Troubleshooting Guides for application support.
  • Knowledge of security threats and vulnerabilities and how to detect and mitigate them, experience in building security monitoring and incident management solutions using Splunk.
  • Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
  • Create dashboard from search, scheduled searches, inline search vs scheduled search in a dashboard.
  • Configured up to 10 standard data sources based on use case scenarios to support the underlying security requirements.
  • Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
  • Worked with administrators to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
  • Involved in setting up alerts for different types of errors.
  • Developed, evaluated and documented specific metrics for management purpose.
  • Using SPL created Visualizations to get the value out of data.
  • Created Dashboards for various types of business users in organization.
  • Played a major role in understanding the logs, server data and brought an insight of the data for the users.
  • Worked on DB Connect configuration for Oracle, MySQL and MSSQL.
  • Developed build scripts, UNIX shell scripts and auto deployment processes.
  • Good experience in creating Splunk apps, navigations, interfaces and good experience on Splunk lookups, macros, Pivot, datamodels, lookup files and their publication into Splunk.
  • Experience in using and understanding complex RegEx (regular expressions).
  • Provided technical services to projects, user requests and data queries.
  • Involved in helping the Unix and Splunk administrators to deploy Splunk across the UNIX and Windows environment.
  • Developed Splunk infrastructure and related solutions as per automation tool sets.
  • Experience in creating access controls for users by creating AD (Active Directory) groups, power and user groups.
  • Experience with Active Directory and SSO (Single Sign-On) option.
  • Configure the add-on app SSO Integration for user authentication and Single Sign-on in Splunk Web.
  • Experience in Python general scripting, Hands on Experience in secure coding.
  • Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
  • Worked to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
  • Involved in installing and using Splunk app for Linux and Unix.

Confidential

System Engineer

  • Responsible for monitoring Linux/Unix infrastructure including Linux, Solaris, AIX. Provide primary administration support for 600 Linux Servers.
  • Decommissioning applications from unused nodes and rebuilding them for new projects.
  • Performed PXE based installations on IBM servers.
  • Performed installation of new software packages, patches and upgrades.
  • Resolve monitoring alerts for Solaris and AIX servers like disk, CPU, swap and processes.
  • Worked on migration projects involving migration from UNIX based platform to Linux.
  • Helped in upgrading servers from RHEL4.x to RHEL 5.x.
  • Responsible for user/group management, setting user quota, access management etc.
  • Administered and configured DHCP, NFS, FTP, HTTP servers.
  • Worked with Datacenter teams to resolve hardware issues and replace parts.
  • Performed day-to-day activities related to monitoring, managing file space, log rotation.
  • Managing scheduled backups through TSM, setting limits and kernel parameters.
  • Co-ordinated with vendors, customer (users), managers to build systems and standards.
  • Worked in various shifts to provide 24x7 support and on call support on weekends.

Environment: RHEL: 4.x, 5.x, Solaris, AIX, TSM, IBM and HP servers.
