Splunk Engineer Resume
Charlotte, NC
PROFESSIONAL SUMMARY
- About 5 years of IT experience with a major focus on Splunk administration and development.
- Hands-on experience in architecting and deploying Splunk components on Unix and Windows servers, and in configuring clusters, troubleshooting, and maintaining various components of Splunk Enterprise.
- Strong Knowledge of Splunk architecture and its components (indexer, search head, deployment server, Heavy and Universal forwarders).
- Good experience in Splunk SIEM apps (Splunk ITSI and Enterprise Security).
- Created and configured KPIs and built Glass tables, Deep dives and Notable events in Splunk IT Service Intelligence (ITSI), and configured services, entities, and correlation searches with corresponding KPI metrics.
- Extensive experience in Splunk content development (creating apps, dashboards, data models, Knowledge Objects). Developed correlation queries, reports, alerts, dashboards, and visualizations with various application and network logs and summary indexes required to implement Security Use Cases in Splunk ES Application.
- Worked on onboarding security data sources into Splunk and has good experience with Syslog inputs over UDP.
- Strong knowledge of various SPL commands like stats, chart, timechart, transaction, strptime, strftime, eval, where, xyseries, table and timechart attributes such as Span, Bins, Tag, Event types, and excellent knowledge of field extraction using the rex command and RegEx.
- Expertise in writing shell and python scripts for various activities like Generating Server Status and Health reports, Deployments on large scale configuration of servers.
- Has used various defect tracking/change management tools such as JIRA, HP ALM, and ServiceNow.
- Excellent communication skills, the ability to work as a team or individually and to learn new technologies quickly.
- Good interpersonal skills, team-working attitude, takes initiative and very proactive in solving problems and providing the best solutions.
TECHNICAL SKILLS
Programming: Python, Splunk SPL, YAML, SQL, Shell Scripting, Regex, Excel-Macro, Ansible.
Web Technologies: Servlets, JDBC, HTML/CSS, JavaScript, XML, JSON.
Tools: Splunk Enterprise 6.0+, Splunk Universal Forwarder 6.0+, Splunk DB Connect, Splunk ITSI, Splunk ES, Splunk Phantom, Oracle Weblogic, IBM Case Manager, IBM Tivoli, MS Office Suite.
Operating Systems: RedHat Enterprise Linux, Ubuntu, Fedora, Windows 7/10, Windows Server 2008/2016.
RDBMS: Oracle, DB2, SQL Server, MySQL.
Networking: TCP/IP, HTTP/HTTPS, LAN/WAN, FTP, SSH, LDAP, DNS, Router/Switch, Firewall.
CI/CD tools: Cloudbees Jenkins, Gitlab.
SDLC: Agile, Scrum Methodologies.
PROFESSIONAL EXPERIENCE
Confidential, Charlotte, NC
Splunk Engineer
Responsibilities:
- Worked on Splunk Administration of a distributed Splunk environment.
- Good Experience in configuring Multi-site indexer cluster, Search Head Cluster and HTTP event collectors.
- Worked on the setup of Splunk Forwarders for new and existing application environments.
- Experience in building, deploying and maintaining Splunk applications and add-ons in a distributed cluster.
- Good Experience in onboarding multiple log file formats from various sources.
- Experience in advanced level Splunk dashboarding, index-time and search-time data parsing.
- Worked on Splunk Enterprise Security application and integrating Splunk with a wide variety of data sources.
- Worked on creating Glass tables, configured KPIs and notable events in Splunk ITSI application.
- Worked on optimizing the search performance of Splunk queries and reduced the time for loading the dashboards.
- Implemented Summary Indexing for daily and monthly business reports with Job Scheduling.
- Performed Field Extractions and Transformations using RegEx in Splunk.
- Created Splunk Apps using XML and Web Components. Knowledge of app creation, user and role access permissions.
- Good Knowledge on Splunk architecture and its various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
Confidential, Charlotte, NC
Splunk Developer
Responsibilities:
- Built dashboards, views, alerts, reports, saved searches using XML and Search Processing Language (SPL) for multiple projects in the organization.
- Created alerts based on the critical parameters that trigger emails to the development and support teams.
- Involved in developing complex scripts to automate batch jobs, troubleshooting and resolving Splunk performance and log monitoring issues, dashboard creation, etc.
- Analyzed security-based events, risks and reporting instances.
- Worked with application teams in on-boarding logs and creating Dashboards, Alerts, and Reports.
- Worked with the Splunk admin team on configuring the data extraction from custom log formats, so that Splunk can identify most of the fields.
- Created complex Rex and Multikv commands to extract the fields from the log files.
- Created tags, Event types, field lookups, using regular expressions, aliases for search-time outputs and visualizations.
- Worked on multiple Splunk SPL functions to create new fields during a search.
- Created and configured management reports and dashboards in Splunk for application log monitoring.
- Assisted internal users of Splunk in designing and maintaining production-quality dashboards.
Confidential
DevOps/Splunk Engineer
Responsibilities:
- Configuration and maintenance of Weblogic managed servers and server clusters, managing deployments of multiple web-based, Java, and enterprise applications.
- Working with development teams to create fully automated CI/CD Pipelines using Jenkins and Docker.
- Configured JDBC with databases such as Oracle and DB2.
- Managing and coordinating ongoing upgrade and migration of platform to stay up to date with the software versions and patches being released to mitigate bugs and issues.
- Developed an automation tool using shell scripting that would start, stop and check the status of the web process on application servers.