Splunk Engineer Resume

San Jose, CA

SUMMARY

  • Over 6+ years of experience as a Splunk Engineer configuring, Implementing and Supporting Splunk Server Infrastructure across Windows, UNIX and LINUX environments
  • Experience working on Splunk 6.x, 7.x, 8.x, Splunk DB Connect 2.x, 3.x on distributed Splunk Environments and Clustered Splunk Environments on Linux and Windows operating systems. Worked on Splunk Enterprise Security 4.x. Worked on the Security Implementation.
  • Expert in Install, Configure & administer Splunk Enterprise Server and Splunk Universal Forwarder, Splunk Heavy Weight Forwarder in large distributed environment.
  • Extensive experience in Installation, Configuration, Migration, Troubleshooting and Maintenance on Splunk, Apache Web server on Different UNIX flavors like Linux.
  • Worked on Design, support and maintain the Splunk infrastructure in Windows and Linux environments. Installation of Splunk Enterprise, Apps in multiple servers with automation.
  • Great experience to Create Dashboard Views, Reports and Alerts for events and configure alert mail. Great Experience on Splunk Programming Language.
  • Good Experience in creating the Splunk app for Enterprise Security to Identify and Address emerging security Threats using continuous monitoring, alerting and analytics.
  • Strong experience in Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing. Working on indexers and computing servers and with configuration management.
  • Experience security patching distributed Splunk architecture and components including search heads, indexes and forwarders.
  • Excellent Experience to understanding the Software Development Life Cycle (SDLC).
  • Good Experience on System Center Operations Manager (SCOM) and Good Experience on Splunk Enterprise Security Glass Table Errors and Visualization Issues.
  • Experience with Splunk Searching and Reporting modules, Knowledge Objects, Administration, Dashboards, Clustering and Forwarder Management.
  • Created and Managed Splunk DB connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.
  • Worked on Operational Intelligence using Splunk and Creating Dashboards using XML.
  • Experience on Splunk Enterprise Deployments and enabled continuous integration as part of configuration management.
  • Interpreted and developed SIEM products to meet the internal and external and customer requirements. Experience in working on Enterprise Security log management and SIEM solutions.
  • Experience in REST API, web-based technologies and Scripting Languages including Perl, Python and shell Scripting, XML, HTML.
  • Scripting and development skills using Python with strong knowledge of Regular expressions.
  • Created Reports, Alerts and Dashboards by Splunk query language.
  • Strong experience on Troubleshooting Splunk search head, Indexer and forwarder issues and document.
  • Worked on Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing.
  • Set indexing property configurations, including time zone offset, custom source type rules. Configure Regex transformations to perform on data inputs.
  • Provided 24/7 on-call support for production, Good exposure in troubleshooting and debugging on Splunk and very proactive in problem solving with providing best solutions.
  • Motivated with excellent verbal/written communication skills, fast learner, good team player admirable presentation capabilities, and efficient requirement gathering ability and effectively convey them to other members in the team.

TECHNICAL SKILLS

Splunk: Splunk 5.x/6.x/7.x/8.x, Splunk Enterprise, Splunk Web Framework, Splunk ITSI, Splunk ES

Languages: R, JAVA, C, C++, Python

Data Analytics Tool: SAS

Java/J2EE Technologies: J2EE, JSP, JDBC

Operating System: Windows 9 / XP / Vista / 7/8.1

Database: DB2, SQL Server, MySQL, Oracle 9i/10g/11i

Scripts: Java Scripts, SQL Scripts, Python

Application/Web Servers: Tomcat 6.x, WebSphere, WebLogic

Software Methodologies: SDLC (Agile, Spiral, Waterfall)

IDEs: Eclipse, NetBeans

PROFESSIONAL EXPERIENCE

Splunk Engineer

Confidential - San Jose, CA

Responsibilities:

  • Developing advanced dashboards, Visualizations, Statistical reports, scheduled searches, Alerts and worked on creating different other knowledge objects.
  • Involved in Design, Implementation and configuration of Splunk Enterprise
  • Responsible for installing and managing Splunk apps in multiple servers
  • Involved in installing and configuration of forwarders and indexers.
  • Experience in working with SAML configuration.
  • Worked on setting up Splunk to capture and analyse data from various layers, Load Balancers, Webservers and application servers
  • Managed the configuration files (inputs, outputs, props, transforms, lookups)
  • Monitoring of server by setting alerts through emails whenever the server loads go above or whenever the performance slows down
  • Prepared and tested Splunk search strings and operational strings
  • Designed quick reports with tables and visualizations through pivots
  • Used moving trend line to see the sharp rise in the metrics like Traffic, sales and database load
  • Involved in building database Model, APIs and Views utilizing python, in order to build an interactive web based solution.
  • Developed scripts (Python, JavaScript, etc.) as needed in support of data collection, reporting and presentation requirements.
  • Continuous monitoring of the application website, to ensure that it is running and available for the users
  • Used Rex, IFX and Regex commands to extract the fields
  • Created Data models, Pivots and visualization in Splunk enterprise
  • Involved in handling on Splunk architecture and its various components
  • Maintained the Splunk Environment with the help of multiple indexes
  • Created Splunk applications and deployed using Splunk Deployment server
  • Worked on External Lookup files
  • Analysed the logs of the web application using Splunk
  • Involved in the Root cause analysis for the issues encountered

Splunk Developer/Admin

Confidential - Dallas, TX

Responsibilities:

  • Installation and configuration of Splunk product at different environments like Linux Ubuntu, CentOS and Windows Environments.
  • Worked on Multiple Production Roles and Created Alerts using Splunk. Also Created Multiple dashboards and Alerts at a time.
  • Involved in Installation, Administration and Configuration of Splunk Enterprise and integration with local legacy systems.
  • Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.
  • Hands on development experience in customizing, visualizations, configurations, reports and search capabilities using customized Splunk queries.
  • Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy Forwarder and Universal forwarder, License model.
  • Designing and maintaining production-quality Splunk dashboards.
  • Upgraded Splunk Enterprise from v 6.x to v 7.x in clustered environments and non-clustered environments.
  • Working on 6TB Data Everyday Onboarding into Splunk Indexer and Also involved Every Day Both Clustered and Non-Clustered Deployments.
  • Worked on Application Performance Management (APM) for Server, database Monitoring to Detect and Diagnose Complex Application Server Performance.
  • Created Splunk ITSI log Analytics artifacts describing IEP services, Defining KPI's and Configuration Thresholds. Worked on the Building Big Data Applications In Splunk. Both Structured and Unstructured Data and Created Secured Alerts, Dashboards, Reports, Fields, Tags and Event Types.
  • Splunk Enterprise Deployments and enabled continuous integration as part of configuration management.
  • Worked on ServiceNow tool for ticket Raising and worked VMware and AWS Virtual System Platforms
  • Splunk DB Connect 2.0 in search head cluster environments of Oracle. Worked on Splunk UI/GUI development and operations roles.
  • Developed Various Reports Using on Java XML Files and Developed J2EE Application on Linux and Windows Platforms.
  • Worked on Network Security Analysis for Continuous Monitoring and Find out the Break Events.
  • Responsible for documenting the current architectural configurations and detailed data flow and Troubleshooting Guides for application support.
  • Expertise in creating and customizing Splunk applications, searches and dashboards as desired by IT teams and business.
  • Writing RegEx Queries for Splunk Data retrieval and write the RegEx queries for creating alerts, reports and Dashboards.
  • Created Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
  • Create Dashboard Views, Reports and Alerts for events and configure alert mail OR depends on the requirement.
  • Troubleshooting of searches for performance issues by adding lookups, correct joins and using summary indexes. Captured data from various front end, middle ware application.
  • Dashboards were created to monitor the traffic volume across, response times, Errors, Warnings across.
  • Managed Indexer Clusters including security, hot and cold bucket management and retention policies.
  • Worked on Various types of charts, alerts settings, app creations, user and role access permissions.
  • Integrate ServiceNow with Splunk to consume the alerts from Splunk and create ServiceNow tickets.
  • Summary indexes. Managing indexes and cluster indexes, Splunk web framework, data model and pivot tables.

Splunk Engineer

Confidential, St. Louis, MO

Responsibilities:

  • Splunk technical implementation, planning, customization, integration with big data and statistical and analytical modeling.
  • Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering, and Forwarder Management.
  • Administer and configure Splunk components like Indexer, Search Head, Heavy forwarder etc.; deploy Splunk across the UNIX and Windows environment; Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
  • Performed Splunk administration tasks such as installing, configuring, monitoring, and tuning.
  • Setup Splunk forwarders for new application tiers introduced into an existing application.
  • Experience in working with Splunk authentication and permissions and having significant experience in supporting large-scale Splunk deployments.
  • On boarding of new data into Splunk. Troubleshooting Splunk and optimizing performance.
  • Actively involved in standardizing Splunk Forwarder deployment, configuration, and maintenance across various Operating Systems.
  • Created Dashboards, Visualizations, Statistical reports, scheduled searches, alerts and worked on creating different other knowledge objects.
  • Analysed security based events, risks and reporting instances.
  • Prepared, arranged and tested Splunk search strings and operational strings.
  • Involved in interacting with business owners, developers and business analysts in improving the application.
  • Gained in-depth knowledge of Ant build and WebSphere servers.
  • Involved in handling various Incident and request related to the application.
  • Involved in monitoring the ticketing tool and taking the ownership of the tickets.
  • Worked on various defects analysis and fixed them.
  • Worked closely with business partners in addressing their queries.
Environment: Splunk 8.0.8, SPL, XML, Oracle 11g, SQL, Red Hat Linux, Python, UNIX, Windows.