
Senior Splunk Admin/developer Resume


Tampa, FL

PROFESSIONAL SUMMARY:

  • Around 8 years of total IT experience in configuring, implementing and supporting Splunk server infrastructure across Windows, UNIX and Linux.
  • Experience with Splunk 5.x and 6.x, distributed Splunk architecture and its components, including installation of Search Heads, Indexers, Forwarders, Deployment Server, License Model and Heavy/Universal Forwarders.
  • Proficient in parsing, indexing and searching concepts, including Hot, Warm, Cold and Frozen bucketing.
  • Creating dashboards with scheduled searches, and understanding the trade-offs between inline searches and scheduled searches in a dashboard.
  • Experience developing Splunk queries and dashboards targeted at understanding application performance and capacity analysis.
  • Knowledge of Splunk configuration files: props.conf, transforms.conf and outputs.conf.
  • Experience in tuning SQL queries using utilities like EXPLAIN PLAN, SQL Trace and TKPROF to improve performance.
  • Design, deploy and support the enterprise Splunk logging application; assist other enterprise instances as Splunk Subject Matter Expert (SME).
  • Expert in creating SQL queries, PL/SQL packages, functions, stored procedures, cursors, collections (nested tables and VARRAYs), records, object types and database triggers.
  • Familiar with the Subversion version control software.
  • Used Splunk and Python scripts to analyze logs for specific events and patterns and derive information that can in turn be used to self-learn and self-heal when these events recur on a regular basis.
  • Assisted internal users of Splunk in designing and maintaining production-quality dashboards.
  • Ability to work in a team environment and as an individual, with strong technical and communication skills and a keen interest in adopting new technologies in a fast-paced environment.
  • Installed and configured Splunk Enterprise and Enterprise Security (ES).
  • Performed troubleshooting and/or configuration changes to resolve Splunk integration issues. Scripting and development using Perl and Python. Created and managed apps; created users, roles and permissions for knowledge objects.
  • Experience in optimizing searches for better performance, search-time vs. index-time field extraction, and understanding of configuration files, their precedence and how they work.
  • Gathered various sources of syslog and XML data from devices, applications and databases.
  • Involved in writing complex IFX, rex and multikv commands to extract fields from log files.

TECHNICAL SKILLS:

Operating Systems: Microsoft Windows, Linux, Unix

Development Methodologies & Process: Waterfall and Agile Methodology

Information Security: Splunk ES

Splunk Modules: Splunk 6.2, Splunk 6.1.3, Splunk on Splunk, Splunk Enterprise 7.x, Splunk DB Connect, Splunk Cloud, Splunk Web Framework

Databases: Oracle, MongoDB, SQL Server, MySQL

Monitoring tools: Splunk 6.2, Splunk 6.3.3, Splunk 6.4, AppDynamics, Dynatrace.

Web Technologies: Html, JavaScript, CSS

Testing tools: JMeter and Postman.

Web Servers: Apache Tomcat, WAMP, JBoss, IBM WebSphere, Azure, Oracle.

Languages: C#, VB6, UNIX Shell/Bash Scripting, Java/J2EE.

PROFESSIONAL EXPERIENCE:

Senior Splunk Admin/Developer

Confidential - Tampa, FL

Responsibilities:

  • Installation and configuration of the Splunk product in different environments. Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-ons, Dashboards, Clustering and Forwarder Management.
  • Monitoring and analyzing real-time events from security devices such as firewalls, IDS and anti-virus using SIEM tools.
  • Developed Splunk dashboards, searches and reporting to support various internal clients in Security, IT Operations and Application Development.
  • Analyzed security-based events, risks and reporting instances. Correlated events from the network, OS, anti-virus, IDS/IPS, firewalls and proxies and analyzed them for possible threats.
  • Understood and interpreted customer requirements for Splunk implementation as an enterprise solution.
  • Provided deployment strategies with an understanding of acceptable risk based on customer acceptance.
  • Created and configured management reports and dashboards. Planned, implemented and managed Splunk for log management and analytics.
  • Monitored security violations, flagged potential violations and logged security incidents in ServiceNow.
  • Validated the existing rules and provided recommendations on fine-tuning them. Created and sent risk advisories to our clients.
  • Suppressed false positive alerts. Produced weekly/monthly incident analysis reports. Analyzed events and provided solutions for incidents.
  • Involved in setting up alerts for different types of errors, data enrichment using lookups, data interpretation using fields and field extraction, and data normalization using tags.
  • Good understanding of configuration files and their precedence, with daily exposure to props.conf, transforms.conf, inputs.conf and outputs.conf; set up forwarder configuration based on requirements.
  • Maintained a Splunk environment with multiple indexers; managed and configured settings.
  • Improved search performance by configuring search heads for all indexes in production.
  • Analyzed security-based events, risks and reporting instances. Developed Splunk queries and dashboards targeted at understanding application performance and capacity analysis.
  • Worked on getting data in and managing Splunk apps. Assisted internal users of Splunk in designing and maintaining production-quality dashboards.
  • Deployed Splunk DB Connect 2.0 in search head cluster environments against Oracle. Installed and implemented several kinds of visualizations in Splunk dashboards.
  • Continuously monitored alerts received through email to check that all application servers and web servers were up.
  • Knowledge of parsing, indexing and searching concepts: Hot, Warm, Cold and Frozen bucketing.
  • Conducted surveillance on various phishing emails and created alerts for future spam. Worked as part of the Cyber Security Incident Response team to check on malware, virus and threat emails.
  • Developed Splunk Search Processing Language (SPL) queries, created reports, alerts and dashboards and customized them.

Environment: Splunk 6.x, Splunk DB Connect and other modules, Oracle WebLogic 9.x/10.x, Tomcat 5.x/6.x, Oracle 9i/10g, Solaris 10, LINUX, Sun ONE Directory Server 6, Sun One Web Server 6.0, Apache 2.x, Python

Splunk Admin/ Developer

Confidential - Los Angeles, CA.

Responsibilities:

  • Installation of Splunk Enterprise, Splunk forwarders, Splunk Indexer and apps on multiple servers (Windows and Linux) with automation.
  • Install and maintain Splunk add-ons, including DB Connect and Active Directory LDAP, for working with directory and SQL databases.
  • Manage Splunk configuration files such as inputs, props, transforms and lookups.
  • Deploy, configure and maintain Splunk forwarders on different platforms.
  • Ensuring that the application website is up and available to users.
  • Continuous monitoring of alerts received through email to check that all application servers and web servers are up.
  • Create Splunk Search Processing Language (SPL) queries, reports, alerts and dashboards.
  • Problem record analysis and solution provision.
  • Field extraction using IFX, the rex command and regex in configuration files.
  • Creating reports, pivots, alerts, advanced Splunk searches and visualizations in Splunk Enterprise.
  • Modification of Python scripting for SCCM and HP Server Automation for Splunk deployments and updates.
  • Provide power and admin access to users and restrict their permissions on files.
  • Installed, tested and deployed monitoring solutions with Splunk services.
  • Provided technical services for projects, user requests and data queries.
  • Implemented forwarder configuration, search heads and indexing.
  • Assisted in auditing through Splunk SME knowledge.
  • Supported data source configurations and change management processes.
  • Maintained and managed assigned systems, Splunk-related issues and administrators.
  • Performed Splunk administration tasks such as installing, configuring, monitoring and tuning.
  • Active monitoring of jobs through alert tools, responding with appropriate action with respect to the logs; analyzed logs and escalated critical issues to higher-level teams.
  • Worked on log parsing and complex Splunk searches, including external table lookups.
  • Designing and maintaining production-quality Splunk dashboards.
  • Splunk configuration involving different web applications and batch jobs; created saved searches, summary searches and summary indexes.
  • Deployed applications on multiple WebLogic servers and maintained load balancing, high availability and failover functionality.
  • Involved in monitoring the ticketing tool and taking ownership of tickets.
  • Developed build scripts, UNIX shell scripts and auto-deployment processes.

Environment: Splunk 6.x, Linux, UNIX, Oracle 11g, MS SQL Server 2012, SQL, XML, JavaScript, MS Excel, MS PowerPoint.

Splunk Admin/Developer

Confidential - Palm Beach, Florida

Responsibilities:

  • Installation and configuration of the Splunk product in different environments. Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-ons, Dashboards, Clustering and Forwarder Management.
  • Install and maintain Splunk add-ons, including DB Connect and Active Directory LDAP, for working with directory and SQL databases.
  • Create Splunk Search Processing Language (SPL) queries, reports, alerts and dashboards.
  • Creating reports, pivots, alerts, advanced Splunk searches and visualizations in Splunk Enterprise.
  • Provided technical services for projects, user requests and data queries.
  • Performed data conversions from flat files to a normalized database structure.
  • Created and maintained indexes for fast and efficient reporting processes.
  • Import and export of data from one server to other servers using tools like Data Transformation Services (DTS) and bulk copy. Periodic monitoring of the system for bottlenecks.
  • Worked with management to update security manuals and address current concerns.
  • Participated in Tools tribe meetings, gathered requirements from all SMEs and developed dashboards for WIB, Bill Pay, Navv app and www app.
  • Worked on getting data in and managing Splunk apps. Assisted internal users of Splunk in designing and maintaining production-quality dashboards.
  • Knowledge of parsing, indexing and searching concepts: Hot, Warm, Cold and Frozen bucketing.
  • Maintained a Splunk environment with multiple indexers; managed and configured settings.
  • Created eval functions where necessary to create new fields at search run time.
  • Used IFX, rex and regex commands for field extraction.
  • Identified patterns and trends that are indicators of routine problems.
  • Implemented forwarder configuration, search heads and indexing.
  • Built dashboards, views, alerts, reports and saved searches using XML and Search Processing Language (SPL).
  • Analyzed and monitored incident management and incident resolution problems. Involved in the transformation of IRS ETI user requirements into Splunk ITSI use cases.
  • Created ITSI dashboards/glass tables.
  • Resolved configuration-based issues in coordination with infrastructure support teams.
  • Created many Splunk ITSI Log Analytics artifacts describing IEP services.
  • Maintained and managed assigned systems, Splunk-related issues and administrators.
  • Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.

Environment: Splunk 6.0.1, ITSI, Linux, UNIX, Oracle 11g, MS SQL Server 2012, SQL, XML, JavaScript, MS Excel, MS PowerPoint.

Splunk Admin

Confidential

Responsibilities:

  • Splunk technical implementation, planning, customization, and integration with big data and statistical and analytical modeling.
  • Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-ons, Dashboards, Clustering and Forwarder Management.
  • Administered and configured Splunk components such as Indexer, Search Head and Heavy Forwarder; deployed Splunk across UNIX and Windows environments; optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
  • Performed Splunk administration tasks such as installing, configuring, monitoring and tuning.
  • Developed cyber security standards based on NIST frameworks and ensured their proper implementation to reduce the risk of vulnerability to IT assets.
  • Set up Splunk forwarders for new application tiers introduced into an existing application.
  • Experience working with Splunk authentication and permissions, and significant experience supporting large-scale Splunk deployments.
  • Coordinated incident handling with IT and Security staff.
  • Processed phone calls and email requests for events.
  • Managed the Security Information and Event Management (SIEM) infrastructure.
  • Analyzed network traffic, various log data and open-source information to determine the threat against the network and the required response, containment, investigation and remediation.
  • Responsible for incident response, tuning, system administration, operations and maintenance of the Security Information and Event Management (SIEM) system.
  • Monitored the Security Management Console for the Security Operations Centre (SOC) to ensure confidentiality, integrity and availability of information systems.
  • Performed cyber and physical access control log monitoring, including firewall logs, IPS logs, anti-virus logs, web logs and SIEM logs.
  • Onboarding of new data into Splunk. Troubleshooting Splunk and optimizing performance.
  • Actively involved in standardizing Splunk Forwarder deployment, configuration and maintenance across various operating systems.
  • Created dashboards, visualizations, statistical reports, scheduled searches and alerts, and worked on creating other knowledge objects.

Environment: Splunk 6.1.3, Oracle 11g, SQL Developer, Python scripting, Linux, UNIX, UNIX shell scripting.

Splunk Developer

Confidential

Responsibilities:

  • Installation and configuration of the Splunk product in different environments such as Linux (Ubuntu, CentOS) and Windows.
  • Worked in multiple production roles and created alerts using Splunk; also created multiple dashboards and alerts concurrently.
  • Involved in installation, administration and configuration of Splunk Enterprise and its integration with local legacy systems.
  • Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-ons, Dashboards, Clustering and Forwarder Management.
  • Hands-on development experience in customizing visualizations, configurations, reports and search capabilities using customized Splunk queries.
  • Good experience in Splunk, WLST and shell scripting to automate and monitor routine environment tasks.
  • Worked on Application Performance Management (APM) for server and database monitoring to detect and diagnose complex application server performance issues.
  • Created Splunk ITSI Log Analytics artifacts describing IEP services, defining KPIs and configuring thresholds.
  • Worked on the ServiceNow tool for raising tickets, and worked on VMware and AWS virtual system platforms.
  • Experience configuring and developing complex dashboards and reports in Splunk.
  • Deployed Splunk DB Connect 2.0 in search head cluster environments against Oracle. Worked in Splunk UI/GUI development and operations roles.
  • Used SiteScope to monitor application servers such as WebLogic and WebSphere and database servers such as MySQL and Oracle.
  • Developed various reports based on Java XML files and developed J2EE applications on Linux and Windows platforms.
  • Expertise in creating and customizing Splunk applications, searches and dashboards as required by IT teams and the business.
  • Managed indexer clusters, including security, hot and cold bucket management and retention policies.
  • Integrated ServiceNow with Splunk to consume Splunk alerts and create ServiceNow tickets.

Environment: Splunk 6.x, Splunk DB Connect 2.0 and other modules, Oracle WebLogic 9.x/10.x, JBoss 5.x/6.x, Tomcat 5.x/6.x, AppDynamics 4.2.x, Oracle 9i/10g, Solaris 10, LINUX, Unix Shell Script, Server 6.0, Apache 2.x, Python.
