Splunk Admin/Developer Resume
Dulles, VA
SUMMARY
- 4+ years of IT experience in software development in Splunk Admin/Developer, LINUX/UNIX on varied projects involving design and development of client/server, on platforms consisting of Red Hat Linux and Windows operating systems.
- Worked on Splunk Enterprise Security 6.x.
- Worked on Design, support and maintain the Splunk infrastructure on Windows and Linux environments. Installation of Splunk Enterprise, Apps in multiple servers with automation.
- Experience working on Splunk 5.x, 6.x, Splunk DB Connect 1.x, 2.x on distributed Splunk Environments and Clustered Splunk Environments on Linux and Windows operating systems
- Great experience creating Dashboard Views, Reports and Alerts for events and configuring alert mail.
- Strong experience in Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing. Working on indexers and computing servers and with configuration management. Experience security patching distributed Splunk architecture and components including search heads, indexes and forwarders.
- Experience with Splunk Searching and Reporting modules, Knowledge Objects, Administration, Dashboards, Clustering and Forwarder Management.
- Created and Managed Splunk DB connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.
- Expert with various search commands like stats, chart, timechart, transaction, table etc.
- Experience on Splunk Enterprise Deployments and enabled continuous integration as part of configuration management.
- Interpreted and developed SIEM products to meet the internal and external and customer requirements. Experience in working on Enterprise Security log management and SIEM solutions.
- Worked on Security solutions SIEM that enable organizations to detect, respond and prevent these threats by providing valuable context and visual insights to help you make faster and smarter security decisions.
- Scripting and development skills using Perl and Python with strong knowledge of Regular expressions.
- Created Reports, Alerts and Dashboards by Splunk query language.
- Strong experience on Troubleshooting Splunk search head, Indexer and forwarder issues and document.
- Worked on Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing.
- Set indexing property configurations, including time zone offset, custom source type rules. Configure Regex transformations to perform on data inputs.
- Provided 24/7 on-call support for production. Good exposure in troubleshooting and debugging on Splunk and very proactive in problem solving with providing best solutions.
- Motivated with excellent verbal/written communication skills, fast learner, good team player, admirable presentation capabilities, efficient requirement gathering ability and effectively convey them to other members in the team.
TECHNICAL SKILLS
Splunk Modules: Splunk 5.x/6.x, Splunk DB Connect 1.x, 2.x, Splunk Enterprise Security, Splunk on Splunk, Splunk App for VMware, Splunk Web Framework, Splunk IT Service Intelligence
Operating Systems: Red Hat Linux (4.x, 5.x, 6.x) Unix, Windows.
Web Servers: Oracle Http Server, IBM-HTTP.
Application Servers: Oracle Web Logic Server 8.x./9.x/10.x, Oracle SOA Suite 11g.
Tools used: Splunk 5.x/6.x Is 5.1 .5.3 6.1.3, 6.2.3, 6.3, Oracle … TOAD, SQL Loader, TOAD 10.6.
Databases: Oracle, MYSQL SERVER, MS Access.
Languages: SPL, SQL and PL/SQL.
Scripting Languages: Perl, Python, UNIX Shell Scripting (Bourne, Korn, C and Bash).
Networking & Protocols: TCP/IP, HTTP, SNMP, SIEM.
PROFESSIONAL EXPERIENCE
Confidential - Dulles, VA
Splunk Admin /Developer
Responsibilities:
- Responsible for initiating, planning, executing, configuring, and deploying the latest version of Splunk on a Windows or Linux environment.
- Install, configure and administer Splunk Enterprise Server 6.0.4 and Splunk Forwarder 4.x.x/5.x.x/6.x.x on Red Hat Linux and Windows servers.
- Upgraded Splunk Enterprise from v 6.2 to v 6.5.2 in clustered environments and non-clustered environments
- Set up Splunk Forwarders for new application tiers introduced into environment and existing applications. Worked closely with Application Teams to create new Splunk dashboards for Operation teams.
- Created Dashboards, report, scheduled searches and alerts.
- Experience in Splunk GUI development creating Splunk apps, searches, Data models, dashboards and Reports using the Splunk query language.
- Analyzed security based events, risks and reporting instances and developed dashboards with visual metrics for stakeholders.
- Troubleshot and resolved Splunk performance, search pooling and log monitoring issues; role mapping, dashboard creation etc. Experience with Web Services and load balancing configurations.
- Monitored Splunk infrastructure for capacity planning, system health, availability, and optimization.
- Experience in creating SQL Loader scripts to load data from flat files into the database and also creating External Tables to manage data which is stored at the OS level.
- Created Splunk app for Enterprise Security to identify and address emerging security threats through the use of continuous monitoring, alerting and analytics.
- Dashboards and Reports to show Login count of each application, to show which app resources being accessed more, Number of failed logins, statistics on High hitting applications.
- Created Shell Scripts to install Splunk Forwarders on all servers and configure with common configuration files such as Outputs.conf and Inputs.conf files.
- Worked on Splunk Buckets (Hot, Warm, Cold, Frozen).
- Expertise with SIEM (security information and event management). Manage Splunk user accounts (create, delete, modify, etc.) Scripted SQL Queries in accordance with the Splunk.
- Maintain current functional and technical knowledge of the Splunk platform and future products.
Environment: Splunk 6.x, Splunk Enterprise and Splunk modules, Splunk DB connect, Web Logic server 8.x/9.x/10.x/11g, Tomcat 6.x, Oracle 11g/10g, Me, web services, HTTP, HTML, XML, SPL, SIEM, Python.
Confidential - Lake Oswego, OR
Splunk Admin/Developer
Responsibilities:
- Involved in Installation, Administration and Configuration of Splunk Enterprise and integration with local legacy systems.
- Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.
- Hands on development experience in customizing, visualizations, configurations, reports and search capabilities using customized Splunk queries.
- Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy Forwarder and Universal forwarder, License model.
- Designing and maintaining production-quality Splunk dashboards.
- Splunk Enterprise Deployments and enabled continuous integration as part of configuration management.
- Configured and developed complex dashboards and reports on Splunk.
- Expertise in creating and customizing Splunk applications, searches and dashboards as desired by IT teams and business.
- Drive complex deployments of Splunk dashboards and reports while working side by side with technical teams to solve their integration issues.
- Created Regular Expressions for Field Extractions and Field Transformations in Splunk.
- Responsible for documenting the current architectural configurations and detailed data flow and Troubleshooting Guides for application support.
- Analyzed security based events, risks and reporting instances
- Managed Indexer Clusters including security, hot and cold bucket management and retention policies.
- Worked on Various types of charts, alerts settings, app creations, user and role access permissions.
- Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes. Managing indexes and cluster indexes, Splunk web framework, data model and pivot tables.
- Performed troubleshooting and/or configuration changes to resolve Splunk integration issues.
Environment: Splunk 6.x, Oracle WebLogic 9.x/10.x, Tomcat 5.x/6.x, Oracle 9i/10g, Solaris 10, LINUX, Server 6.0, Apache 2.x.
Confidential - NYC, NY
Splunk Admin/Developer
Responsibilities:
- Created dashboards, reports, scheduled searches and alerts related to the installation.
- Configured Indexer replication to achieve Data availability, Data fidelity and Disaster tolerance.
- Worked on DB connect configuration to communicate with Oracle, MySQL databases.
- Installed different Splunk Applications some of them are Cisco for Splunk, Windows for Splunk and VMware for Splunk
- Operated machine data using Splunk Processing Language.
- Worked on setting up Splunk to capture and analyze data from various layers Load Balancers, Web servers and application servers.
- Created, configured management reports and dashboards in Splunk for Application Log Monitoring and supported Splunk cluster infrastructure in AWS cloud environment.
- Worked on Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing.
- Created many proof of concepts on Dashboards for IT Operations and service owners which are used to monitor application and server health.
- Captured data in various front-end, middleware applications.
- Created Dashboards to monitor the response times, warnings, errors and traffic volumes across various data centers, applications and servers.
- Standardized Splunk forwarder deployment, configuration and maintenance in Linux and Windows platforms.
- Worked on large datasets to identify metrics, drivers, performance gaps and opportunities for improvement.
- Configured Splunk forwarder to send unnecessary log events to "Null Queue" using props and transforms configurations to reduce license costs.
- Additional responsibilities include Knowledge management, Providing KTs, Documentation and Communications on future upgrades.
- Experienced in attending the bridge calls for production issues and non-prod issues and involved application teams or database teams or networking teams to resolve the issues and involved in Root cause analysis for the issues encountered. Also provided 24/7 on call support for all the production applications.
Environment: Splunk Enterprise 6.x, Splunk DB Connect, Splunk app for windows, Splunk app for Linux/Unix, Splunk web analytics, SOS and other modules, LINUX, IIS, AD, LDAP, Apache 2.x, python, cento.
Confidential - McLean, VA
Splunk Admin/Developer
Responsibilities:
- Implemented Splunk to analyze the patterns of the customers and all the data generated from various web and server logs in order to analyze the behavioral pattern of the customers.
- Managed existing application and created new applications
- Implemented Splunk solution as per the design agreed in order to analyze the logs in the applications
- Prepared, arranged and tested Splunk search strings and operational strings.
- Created automated events in Splunk using Perl with Service-Now for event triggering.
- Provided load/stress and architecture validation testing and troubleshooting on issues such as Out of Memory, 100% CPU Usage, hung Thread sessions, session replication, JVM Crashes.
- Guarantee high accessibility & execution through flat scaling and burden adjusted segments.
- Developed scripts (Python, JavaScript, etc.) as needed in support of data collection, reporting and presentation requirements.
- Generating reports with deep analysis by using Splunk Query language
- Worked on setting up Splunk to capture and analyze data from various layers like Web Servers and SAP Application Servers.
- Extracted complex Fields from different types of Log files using Regular Expressions.
- Expansively involved in troubleshooting the issues and document the problem resolutions for future references.
- Delivered inputs for identifying best fit architectural solutions - deployment for Splunk project.
- Responsible for administering, maintaining and configuring a 24 x 7 highly available, Splunk apps for production portal environment.
- Involved in developing complex scripts to automate batch jobs.
- Performed deeper analysis of data using event correlations across indexes and various source types to generate custom reports for senior management.
Environment: Splunk Enterprise Server 6.0.4/6.1.1, Universal Splunk Forwarder 5.0.1/6.2.0, Red Hat Linux, IBM HTTP Web Server 6.1/7/8, Oracle, HACMP 5.4, HTML, JavaScript, XML, Windows 2008 R2, Python, Regular Expressions.