P ROFESSIONAL SUMMARY:

• Around 8 years of Total IT experience in configuring, implementing and supporting Splunk Server Infrastructure across Windows, UNIX and Linux.
• Experience in understanding of Splunk5.x and 6.x product, distributed Splunk architecture and components including installation of Search Heads, Indexers, Forwarders, Deployment Server, License Model and Heavy/Universal Forwarder.
• Proficient in Parsing, Indexing, Searching Concepts like Hot, Warm, Cold, Frozen bucketing.
• Creating dashboards with Scheduled Searches or Inline Search vs Scheduled Search in a Dashboard.
• Experience developing Splunk Queries and Dashboards targeted at understanding application performance and capacity analysis.
• Knowledge on Configuration files in Splunk props. conf, Transforms.confg, Output.confg.
• Experience in Tuning SQL queries using utilities like EXPLAIN PLAN, SQL Trace and TKPROF to improve the performance.
• Experience developing Splunk Queries and Dashboards targeted at understanding application performance and capacity analysis
• Design, Deploy, and Support enterprise Splunk logging application. Assist other enterprise instances as Splunk Subject Matter Expert SME.
• Expert in creating SQL Queries, PL/SQL Packages, Functions, stored procedures, cursors, Collections (Nested tables and V arrays), Records, Object types and Database Triggers.
• Familiar with the Subversion version control software.
• Splunk and Python Script is used to show how these logs can be analyzed for certain Events / Patterns and deduce information which can in turn be used to Self - learn and Self-Heal when these events re-occur on a regular basis.
• Assisted internal users of Splunk in designing and maintaining production quality dashboard.
• Ability to work in a team environment and as an individual with strong technical and communication skills, and good zeal in adapting new technologies in a fast-paced environment.
• Installed and configured Splunk Enterprise and Enterprise Security(ES)
• Performed troubleshooting and/or configuration changes to resolve Splunk integration issues. Scripting and development using Perl and Python. Creating and managing apps, Create user, roles, Permissions to knowledge objects.
• Experience in optimizing searches for better performance, Search time vs. Index time field extraction and understanding of configuration files, precedence and working.
• Gathered various sources of syslog and XML data from devices, applications, and data bases.
• Involved in writing complex IFX, Rex and Multi kv command to extracts the fields from the log files. X.

TECHNICAL SKILLS:

Operating Systems: Microsoft windows, Linux, Unix, Development Methodologies & process waterfall and Agile Methodology

Information Security: Splunk ES

Splunk Modules: Splunk 6.2, Splunk 6.1.3, Splunk on Splunk, Splunk Enterprise 7.x, Splunk DB Connect, Splunk Cloud, Splunk Web Framework

Databases: Oracle, MongoDB, SQL Server, MySQL

Monitoring tools: SPLUNK 6.2, SPLUNK 6.3.3, SPLUNK 6.4, AppDynamics, Dynatrace.

Web Technologies: Html, JavaScript, CSS

Testing tools: JMeter and Postman.

Web Servers: Apache Tomcat, WAMP, JBoss, IBM WebSphere, Azure, Oracle.

Languages: C#,VB6, UNIX Shell/Bash Scripting, JAVA/J2EE.

PROFESSIONAL EXPERIENCE:

Senior Splunk Admin/Developer

Confidential - Tampa, FL

Responsibilities:

• Installation and configuration of Splunk product at different environments. Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.
• Monitoring or analyzing the real-time events for the security devices like Firewall, IDS, Anti-Virus etc., using SIEM tools.
• Developed Splunk Dashboards, searches and reporting to support various internal clients in Security, IT Operations and Application Development.
• Analyzed security-based events, risks and reporting instances. Correlating events from a Network, OS, Anti-Virus, IDS/ IPS, Firewalls or Proxies and analyzing them for possible threats.
• Understand and interpret customer requirements for Splunk implementation for an enterprise solution.
• Provide deployment strategies with the understanding of affordable risk based on customer acceptance.
• Created and configured management reports and dashboards. Planned, implemented, and managed Splunk for log management and analytics
• Monitor security violations, flag potential violations and logging security incidents in Service Now.
• Validate the existing rules and provide recommendation on fine tuning the rules. Creating and sending Risk Advisories to our clients.
• Suppress false positive alerts. Weekly/Monthly incident analysis report. Analyzing the events and providing solutions for the incidents.
• Involved in setting up alerts for a different type of errors, Data Enrichment using the lookups and Data Interpretation using the Fields and Fields Extraction and performing the Data Normalization using the Tags.
• Good Understanding of configuration files, precedence and daily work exposure to Props.conf, transforms.conf, inputs.conf, outputs.conf and Setting up a forwarder information based on requirement.
• Maintained Splunk Environment with multiple indexers; managed and configured settings.
• Improved search performance by configuring to search heads for all Indexes in production.
• Analyzed security-based events, risks and reporting instances. Developed Splunk queries and dashboards targeted at understanding application performance and capacity analysis.
• Worked for getting data in managing Splunk apps. Assisted internal users of Splunk in designing and maintaining production-quality dashboards.
• Splunk DB Connect 2.0 in search head cluster environments of Oracle. Installation and implementation of several kinds of visualizations to Splunk dashboards.
• Continuous monitored of the alerts received through emails to check if all the application servers and web servers are up.
• Knowledge on Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing.
• Conducted surveillance on various phishing emails and created alerts from future spam. Worked as part of Cyber Security Incident Response team to check on malware virus and threat emails.
• Developed Splunk Search Processing Language (SPL) queries, created Reports, Alerts and Dashboards and customized them.

Environment: Splunk 6.x, Splunk DB Connect and other modules, Oracle WebLogic 9.x/10.x, Tomcat 5.x/6.x, Oracle 9i/10g, Solaris 10, LINUX, Sun ONE Directory Server 6, Sun One Web Server 6.0, Apache 2.x, Python

Splunk Admin/ Developer

Confidential - Los Angeles, CA.

Responsibilities:

• Installation of Splunk Enterprise, Splunk forwarders’, Splunk Indexer, Apps in multiple servers (Windows and Linux) with automation.
• Install and maintain the Splunk adds-on including the DB Connect, Active Directory LDAP for work with directory and SQL database.
• Manage Splunk configuration files like inputs, props, transforms, and lookups.
• Deploy, configure and maintain Splunk forwarder in different platforms.
• Ensuring that the application website is up and available to the users.
• Continuous monitoring of the alerts received through mails to check if all the application servers and web servers are up.
• Create Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
• Problem record analysis and solution providing.
• Field Extraction, Using Ifx, Rex Command and Regex in configuration files.
• Creating Reports, Pivots, alerts, advance Splunk search and Visualization in Splunk enterprise.
• Modification of python scripting for SCCM and HP Server Automation for Splunk deployments and updates.
• Provide power, admin access for the users and restrict their permission on files.
• Installed, tested and deployed monitoring solutions with Splunk services.
• Provided technical services to projects, user requests and data queries.
• Implemented forwarder configuration, search heads and indexing.
• Assisted in auditing through Splunk SME knowledge.
• Supported data source configurations and change management processes.
• Maintained and managed assigned systems, Splunk related issues and administrators.
• Performed Splunk administration tasks such as installing, configuring, monitoring and tuning.
• Active monitoring of Jobs through alert tools and responding with certain action w.r.t to logs, analyses the logs and escalate to high level teams on critical issues.
• Worked on log parsing, complex Splunk searches, including external table lookups.
• Designing and maintaining production-quality Splunk dashboards.
• Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes.
• Deployed applications on multiple WebLogic Servers and maintained Load balancing, High availability and Fail over functionality.
• Involved in monitoring the ticketing tool and taking the ownership of the tickets.
• Developed build scripts, UNIX shell scripts and auto deployment processes.

Environment: Splunk 6.x, Linux, UNIX, Oracle 11g, MS SQL Server 2012, SQL, XML, Java Script, MS Excel, MS Power Point.

Splunk Admin/Developer

Confidential - Palm Beach, Florida

Responsibilities:

• Installation and configuration of Splunk product at different environments. Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.
• Install and maintain the Splunk adds-on including the DB Connect, Active Directory LDAP for work with directory and SQL database.
• Create Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
• Creating Reports, Pivots, alerts, advance Splunk search and Visualization in Splunk enterprise.
• 1Provided technical services to projects, user requests and data queries.
• Performed data conversions from flat files to a normalized database structure.
• Created and maintained Indexes for various fast and efficient reporting processes.
• Import & Export of data from one server to other servers using tools like Data Transformation Services (DTS) and bulk copy. Periodic monitoring of the system for bottlenecks.
• Worked with management to update security manuals and address current concerns.
• Participated in Tools tribe meetings and gathered requirements from all SME's and developed dashboards for WIB, Bill pay, Navv app, www app.
• Worked for getting data in managing Splunk apps. Assisted internal users of Splunk in designing and maintaining production-quality dashboards.
• Knowledge on Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing.
• Maintained Splunk Environment with multiple indexers; managed and configured settings.
• Created EVAL Functions where necessary to create new field during search run time.
• Used Ifx, Rex and Regex commands for field extraction.
• Identify pattern and trends that are indicators of routine problems.
• Implemented forwarder configuration, search heads and indexing.
• Built dashboards, views, alerts, reports, saved searches using XML Search

  Processing language (SPL).

• Analyzed and monitored incident management and incident resolution problems. Involved in transformation of IRS ETI user requirements into Splunk ITSI Use cases.
• Created ITSI Dashboards/ Glass-Tables
• Resolved configuration-based issues in coordination with infrastructure support teams.
• Created many Splunk ITSI Log Analytics artifacts describing IEP Services.
• Maintained and managed assigned systems, Splunk related issues and administrators.
• Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.

Environment: Splunk 6.0.1, ITSI,Linux, UNIX, Oracle 11g, MS SQL Server 2012, SQL, XML, Java Script, MS Excel, MS Power Point.

Splunk Admin

Confidential

Responsibilities:

• Splunk technical implementation, planning, customization, integration with big data and statistical and analytical modeling.
• Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering, and Forwarder Management.
• Administer and configure Splunk components like Indexer, Search Head, Heavy forwarder etc.; deploy Splunk across the UNIX and Windows environment; Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
• Performed Splunk administration tasks such as installing, configuring, monitoring, and tuning.
• Developed Cyber Security Standards on NIST Frameworks and insured their proper implementation to reduce the risk of vulnerability to IT assets.
• Setup Splunk forwarders for new application tiers introduced into an existing application.
• Experience in working with Splunk authentication and permissions and having significant experience in supporting large-scale Splunk deployments.
• Coordinate incident handling with IT and Security staff.
• Process phone calls and email requests for events.
• Manage the Security Incident and Event Management (SIEM) infrastructure
• Analyze network traffic and various log data and open source information to determine the threat against the network required response, containment, investigation, and remediation.
• Responsible for incident response, tuning, system administration, operations and maintenance of the Security Incident and Event Management (SIEM) system
• Monitored Security Management Console for Security Operation Centre (SOC) for ensuring confidentiality, Integrity and Availability of Information systems.
• Perform cyber and physical access control log monitoring to include firewall logs, IPS logs, anti-virus logs, web logs, and SIEM logs.
• Onboarding of new data into Splunk. Troubleshooting Splunk and optimizing performance.
• Actively involved in standardizing Splunk Forwarder deployment, configuration, and maintenance across various Operating Systems.
• Monitored Security Management Console for Security Operation Centre (SOC) for ensuring confidentiality, Integrity and Availability of Information systems.
• Created Dashboards, Visualizations, Statistical reports, scheduled searches, alerts and worked on creating different other knowledge objects.

Environment: Splunk6.1.3, Oracle 11g, SQL Developer, python scripting, Linux, UNIX, UNIX shell scripting.

Splunk Developer

Confidential

Responsibilities:

• Installation and configuration of Splunk product at different environments like Linux Ubuntu, Centos and Windows Environments.
• Worked on Multiple Production Roles and Created Alerts with Using of Splunk, Also Created Multiple dashboards and Alerts at a time.
• Involved in Installation, Administration and Configuration of Splunk Enterprise and integration with local legacy systems.
• Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.
• Hands on development experience in customizing, visualizations, configurations, reports and search capabilities using customized Splunk queries.
• Good experience in Splunk, WLST, Shell scripting to automate and monitor the environment routine tasks.
• Worked on Application Performance Management (APM) for Server, database Monitoring to Detect and Diagnose Complex Application Server Performance.
• Created Splunk ITSI log Analytics artifacts Describing IEP services, Defining KPI's and Configuration Thresholds.
• Worked on Service now tool for ticket Raising and worked VM ware and AWS Virtual System Platforms
• Experience on Configured and developed complex dashboards and reports on Splunk.
• Splunk DB Connect 2.0 in search head cluster environments of Oracle. Worked on Splunk UI/GUI development and operations roles.
• Using the Site Scope for different Monitored Applications Servers Web Logic, Web sphere and data base servers like MY SQL and Oracle.
• Developed Various Reports Using on Java XML Files and Developed J2EE Application on Linux and Windows Platforms.
• Expertise in creating and customizing Splunk applications, searches and dashboards as desired by IT teams and business.
• Managed Indexer Clusters including security, hot and cold bucket management and retention policies.
• Integrate Service Now with Splunk to consume the alerts from Splunk and create service now tickets.

Environment: Splunk 6.x, Splunk DB Connect 2.0 and other modules, Oracle WebLogic 9.x/10.x, JBoss 5.x/6.x, Tomcat 5.x/6.x, App Dynamics, 4.2.X, Oracle 9i/10g, Solaris 10, LINUX, Unix Shell Script, Server 6.0, Apache 2.x, python.