
Splunk Engineer Resume


Seattle, Washington

SUMMARY:

  • A Splunk engineer with 6+ years of strong experience in Splunk development and administration, automation & fix activities. Keenly interested in architecting and deploying Splunk; Enterprise security delivering innovative solutions around fix and automation, log analysis and data visualization; and open to learning new technologies to pursue that end.
  • Experience in all facets of SDLC viz. requirement analysis, designs, development, testing, and post implementation revisions.
  • Expert in installing SPLUNK apps for distributed environment.
  • Experience in developing Splunk Infrastructure with associated components.
  • Design, Deploy, and Support enterprise Splunk logging application. Assist other enterprise instances as Splunk Subject Matter Expert SME.
  • Proficient with Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
  • Experience in working on Splunk Hunk.
  • Expert with various search commands like streamstats, eventstats, maxsearch, maxsearches, stats, chart, timechart, transaction, strptime, strftime, eval, where, xyseries, table etc.; Experience with the usage of Extract Key Word, seed, etc.
  • Experience in creating tags, eventtypes, lookup tables.
  • Experience in creating different visualizations using Bar, Line and Pie chart, Background Maps, Box plots, Scatter plots, Gantt charts, Bubble charts, Histograms, Trend lines & statistics, Bullets, Heat maps and Highlight tables.
  • Expertise in Actuate Reporting, development, deployment, management and performance tuning of Actuate reports.
  • Expertise in creating Splunk, Dashboards, Reports and Alerts to meet business use cases.
  • Strong experience with Splunk 5.x and 6.x product, distributed Splunk architecture and components including search heads, indexes and forwarders.
  • Experience in Operational Intelligence using Splunk.
  • Headed Proof-of-Concepts (POC) on Splunk ES implementation, mentored and guided other team members on understanding the use case of Splunk.
  • Expertise in customizing Splunk for Monitoring, Application Management and Security as per customer requirements and industry best practice.
  • Expertise in Installation, Configuration, Migration, Trouble-Shooting and Maintenance of Splunk, Passionate about Machine data and operational Intelligence.
  • Implemented workflow actions to drive troubleshooting across multiple event types in Splunk.
  • Expert in installing and configuring Splunk forwarders on Linux, Unix and Windows.
  • Expert in installing and using Splunk apps for UNIX and Linux (Splunk nix).
  • Knowledge of configuration files in Splunk (props.conf, transforms.conf, outputs.conf).
  • Experience with Splunk UI/GUI development activities by managing the Splunk knowledge objects like Field extraction, Tags and Lookups management.
  • Extensive experience in writing Packages, Stored Procedures, Functions and Database Triggers using PL/SQL and UNIX Shell scripts.
  • Excellent understanding of project issues, tracking of issues, solving issues and closing issues.
  • Integrated Splunk Web environment with Mobile App.
  • Good knowledge of Splunk DB Connect App and basic understanding of Enterprise Security app.
  • Predict fields using Machine Learning Toolkit Splunk app.
  • Hands on experience in Python, Shell Scripting, Confidential designer, Oracle SQL, Siebel eScript, JavaScript, CSS, HTML, AutoHotkey.

TECHNICAL SKILLS:

Splunk: Splunk 5.x and 6.x, Splunk Enterprise, Splunk on Splunk, Splunk DB Connect, Splunk IT Service Intelligence, Splunk Web Framework, Splunk Machine Learning Tool kit, Splunk Hunk.

Operating Systems: Windows, Unix/Linux.

Data Analysis: Requirement Analysis, Business Analysis, detail design

Web technologies: HTML, CSS, JAVA, JavaScript, XML, Advanced XML

Concepts: SIEM, SDLC, Object Oriented Analysis and Design

Programming Language: C, JAVA, Python, UNIX shell scripts

Database: Oracle, MySQL, SQL queries, SQL Procedures

PROFESSIONAL EXPERIENCE

Confidential, Seattle, Washington

Splunk Engineer

Responsibilities:

  • Created Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards
  • Installed and configured heavy, universal, and intermediate forwarders.
  • Created data models and used report acceleration for faster searches.
  • Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes.
  • Actively involved in trouble shooting issues.
  • Worked on AppDynamics as a monitoring tool.
  • Expertise with Splunk 6.3.04
  • Involved in various phases of Software Development Life Cycle (SDLC) including Analysis, Design, Testing, Implementation and Maintenance.
  • ITSI integration with the information from these files across the ITSI app as part of ITSI workflows.
  • Set up of Splunk dashboards for continuous monitoring for production support.
  • Played a major role in understanding the logs, server data and brought insight of the data for the users.
  • Designing and maintaining production-quality Splunk dashboards using XML.
  • Able to make handle assumed names crosswise over application occasions and store data in Splunk storage Database (MongoDB).
  • Analyzed various types of charts and alert settings; knowledge of app creation, user and role access permissions.
  • Analyzed EVAL Functions where necessary to create new field during search run time.
  • Splunk configuration that involves Saved search, summary search and summary indexes.
  • Integrated Splunk with ServiceNow to create automatic incidents based on the alert.
  • Helped in maintaining Splunk Instance and Monitoring health of the Cluster.
  • Extracted various fields using field extractor, field extractions (rex) and calculated fields to optimize the search performance and reduce the load on the search head.
  • Use techniques to optimize searches for better performance, Search time vs. Index time field extraction and understanding of configuration files, precedence and working.
  • Continuous monitoring of the alerts received through mails to check if all the application servers and web servers are up.
  • Configured various summary indexes by creating saved searches to collect the aggregated data and create dashboards on top of the summary index.
  • Assisted various other power users in optimizing the searches.
  • Very good understanding of software development life-cycle (SDLC) process, Followed Agile scrum and story maps for dev tracking.

Environment: Splunk 6.3.04, Splunk Apps, Linux, XML, Splunk Tools, Search Processing Language (SPL), Testing, AppDynamics, Perl.

Confidential, New York

Splunk Developer/Admin

Responsibilities:

  • Installation and configuration of Splunk product at different environments.
  • Install, configure and administer Splunk Enterprise Server 6.x.x and Splunk Forwarder 6.x.x on Red Hat Linux.
  • Designing and implementing Splunk-based best practice solutions.
  • Requirement gathering and analysis.
  • Promptly receiving and handling remedy tickets, gathering requirements through them and resolving them on time.
  • Communicating and collaborating with customers, Splunk users.
  • Data collection from various systems/servers, Forwarder Management, creating and managing Splunk apps.
  • Creating, maintain, support, repair, customizing System & Splunk applications, search queries and dashboards.
  • Support and maintain large Splunk environment in a highly available, redundant, geographically dispersed environment
  • Experience in deploying and configuring cyber tools such as Splunk.
  • Perform Splunk agent deployment, configuration and troubleshooting across a variety of platforms
  • Install and configure Splunk DB Connect. Configuration and support of syslog-ng
  • Deploy new Splunk systems and Monitor Splunk internal logs to identify and resolve existing or potential issues
  • Monitor the Splunk infrastructure for capacity planning and optimization
  • Troubleshoot technical issues to determine root cause and resolve or implement workaround as necessary
  • Reproduce customer issues, file bug reports and escalate cases to Splunk support as necessary
  • Perform Enterprise Linux tasks as they pertain to supporting the Splunk application
  • Solve complex Splunk Integration challenges; Debug complex Splunk configuration issues.
  • Indexing data from apache log servers into Splunk and creating dashboards
  • Parsing, Indexing, Searching concepts; Hot, Warm, Cold, Frozen bucketing.
  • Configurations with deployment server, indexers, search heads, serverclass.conf, server.conf, apps.conf, props.conf, transforms.conf, forwarder management configurations.
  • Creation of indexes, forwarder & indexer management.
  • Search head Clustering, Indexer clustering, Splunk upgradation, Creating users and roles, architecture planning, replication factor, search factor.
  • Expert in deploying applications and services related to password updates, application and operating system provisioning, encryption and monitoring
  • Good knowledge on Regular expressions
  • Monitor the Splunk infrastructure for capacity planning, system health, availability and optimization.
  • Review and apply any newly available and applicable Splunk software or policy updates routinely.
  • Assist with design of core scripts to automate Splunk maintenance and alerting tasks.
  • Maintain current functional and technical knowledge of the Splunk platform and future products.

Environment: Splunk Enterprise Server 6.x, Universal Splunk Forwarder 6.x, RedHat Linux, HTML, XML, Use of Regular expressions.

Confidential

Developer and Administrator

Responsibilities:

  • Expertise with Splunk UI/GUI development and operations roles.
  • Prepared, arranged and tested Splunk search strings and operational strings.
  • Involved in setting up alerts for different type of errors.
  • Developed, evaluated and documented specific metrics for management purpose.
  • Using SPL created Visualizations to get the value out of data.
  • Created Dashboards for various types of business users in organization.
  • Played a major role in understanding the logs, server data and brought an insight of the data for the users.
  • Worked on DB Connect configuration for Oracle, MySQL and MSSQL.
  • Supporting migration from Splunk On Premise data center to Amazon AWS
  • Launching, Configuring, Supporting large scale instances on AWS
  • Monitored Database Connection Health by using Splunk DB connect health dashboards.
  • Created Crontab scripts for timely running jobs.
  • Developed build scripts, UNIX shell scripts and auto deployment processes.
  • Good experience in creating Splunk apps, navigations, interfaces and good experience on Splunk lookups, macros, Pivot, datamodels, lookup files and their publication into Splunk.
  • Network monitoring, bandwidth and traffic monitoring through Splunk and SolarWinds.
  • Experience in using and understanding complex RegEx (regular expressions).
  • Provided technical services to projects, user requests and data queries.
  • Involved in assisting offshore members to understand the use case of business.
  • Assisted internal users of Splunk in designing and maintaining production-quality dashboards.
  • Involved in writing complex IFX, rex, Multikv and mvcombine commands to extract the fields from the log files.
  • Involved in helping the Unix and Splunk administrators to deploy Splunk across the UNIX and Windows environment.
  • Helped the client to setup alerts for different type of errors.
  • Worked to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
  • Involved in installing and using Splunk app for Linux and Unix.

Confidential

Production Support & Maintenance

Responsibilities:

  • Developed Spotfire Dashboards metrics for Customer, Employee, Financial and Operational metrics
  • Installed Spotfire Server, Database drivers, Hotfixes
  • Used Microsoft SQL server to hold Spotfire server database
  • Configured Spotfire server - Set up single sign on
  • Monitored Spotfire server to detect issues with server, DAP Servers, network problems, external databases to reduce server downtime and eliminate performance bottlenecks
  • Analyzed the Action logs to find what the users are doing, when they login, who did what etc.
  • Upgraded Spotfire from 6.5 to 7
  • Used data table properties, property controls, filters, joins and custom functions to get formulated data from information links
  • Worked on various visualizations like Tree Map, Box Plot, Parallel Co-ordinate plot, Scatter Plot & Map Chart etc.
  • Deployed Confidential Spotfire DXP files to UAT/Production environments.
  • Created Information links, parameterization, defined join rules in Information designer.
  • Created Action Controls and wrote scripts using IronPython. Performed several customizations using the scripts.
  • Used Lists, tags and Bookmarks
  • Used Filter Schemes to isolate the filter behaviors on visualizations
  • Used Over statements for calculations
  • Used Dynamic calculations based on the markings user selects in the visualizations
  • Worked on Confidential Spotfire Server, Web Player and Library administration.
