Splunk Developer/Admin Resume
Atlanta, GA
SUMMARY
- Overall 6.5+ years of experience in Information Technology field with strong experience in Splunk Developer/Admin, Splunk Security
- Experience in Operational Intelligence using Splunk.
- Headed Proof-of-Concepts (POC) on Splunk ES implementation, mentored and guided other team members on understanding the use case of Splunk.
- Expertise in customizing Splunk for Monitoring, Application Management and Security as per customer requirements and industry best practice.
- Expertise in Installation, Configuration, Migration, Troubleshooting and Maintenance of Splunk. Passionate about Machine data and operational Intelligence.
- Expertise in creating Splunk Dashboards, Reports and Alerts to meet business use cases.
- Experience with Splunk UI/GUI development activities by managing the Splunk knowledge objects like Field extraction, Tags and Lookups management.
- Extensive experience in writing Stored Procedures, Functions and Database Triggers using PL/SQL and UNIX Shell scripts
- Design, Deploy, and Support enterprise Splunk logging application. Assist other enterprise instances as Splunk Subject Matter Expert (SME).
- Creating accurate reports, Dashboards, Visualizations, Elastic search and Pivot tables for the business users.
- Experience in using Splunk platform in Linux and Windows.
- Creating the Jenkins nodes/jobs configuration.
- Good knowledge of creating and implementing shell scripts to take care of Splunk file backup, monitoring alert log and log rotation.
- Creating and Managing Splunk DB connect Identities, Database Connections, Database Inputs and Outputs, access controls.
- Worked on Security solutions (SIEM) that enable organizations to detect, respond and prevent these threats by providing valuable context and visual insights to help you make faster and smarter security decisions.
- Experience in Operational Intelligence using Splunk platform.
- Experience of JVM and multi-threaded processing using JMX servers.
- Integrated Splunk Web environment with Mobile App.
- Good knowledge in Splunk DB Connect App and basic understanding of Enterprise Security App.
- Working experience in Machine Learning Toolkit Splunk app.
- Ability to provide engineering expertise and assistance to the Splunk user community. Advanced Splunk Search Processing Language (SPL) skills.
- Good knowledge about Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-ons, Dashboards, Clustering and Forwarder Management.
- Familiar in System Administration with Red Hat Linux Enterprise Servers, Solaris and IBM AIX servers.
- Monitored the Splunk system by identifying terrible missions, dashboards and wellbeing of Splunk and collaborate with individual gatherings to upgrade execution.
- Developed customized Shell scripts in order to install, manage, configure multiple instances of SPLUNK forwarders, indexers, search heads, deployment servers.
- Handled the SiteMinder Web Agent foundation and summarized the Web Agent on Web Server cases.
- Troubleshooting and handling postproduction issues, on-site support, worked closely with engineering to coordinate and provide all the required information and interacting with the client.
- Strong qualitative analysis skills to lend insight into highly ambiguous and sensitive business problems. In-depth understanding of processes and technology integration challenges.
- Debug Splunk related and integration issues
TECHNICAL SKILLS
Splunk: Splunk 5.x and 6.x, Splunk Enterprise, Splunk on Splunk, Splunk DB 2 Connect, Splunk Cloud, Hunk, Splunk IT Service Intelligence, Splunk Web Framework
Operating Systems: Windows 2000, XP, Win 10, Windows Server, Unix/Linux (Red Hat), FreeBSD
Data Analysis: Requirement Analysis, Business Analysis, detail design, data flow diagrams, data definition table, Business Rules, data modeling, Data Warehousing, system integration
RDBMS: Oracle 11g/10g/9i/8i, MS-SQL Server 2000/2005/2008, Sybase, DB2, MS Access, MySQL
Web Technologies: HTML, DHTML, JavaScript, XML, XSL, XSLT, REST, SOAP
Web/App Servers: Apache Tomcat 6.0, WebLogic 8.1/9.2, WebSphere 6.0
Concepts: SDLC, Object Oriented Analysis and Design, Unified Modeling Language (UML), Assembly and System Level Testing, exposure in Agile.
Programming Language: C, C++, Java with Big Data, Python, UNIX shell scripts
PROFESSIONAL EXPERIENCE
Splunk Developer/Admin
Confidential - Atlanta, GA
Responsibilities:
- Designing and implementing Splunk-based best practice solutions.
- Requirement gathering and analysis. Interacted with team members and users during the design and development of the applications and Splunk Objects.
- Receiving promptly, handling, gathering requirements through remedy tickets and resolving Confidential on time.
- Communicating and collaborating with hundreds of customers, Splunk users.
- Data collection from various systems/servers, Forwarder Management, creating and managing Splunk apps.
- Building Splunk queries by Splunk Search Processing Language (SPL) and Regular expressions.
- Creating, maintaining, supporting, repairing and customizing System & Splunk applications, search queries and dashboards.
- Splunk Administration and analytics development on Information Security, Infrastructure and network, data security, Splunk Enterprise Security app, Triage events, Incident Analysis.
- Developed Splunk Objects and reports on Security baseline violations, Non-authenticated connections, Brute force attacks and many use cases.
- Good experience in working with SNMP traps and syslog-ng in onboarding the security devices on Splunk.
- Design, support and maintain large Splunk environment in a highly available, redundant, geographically dispersed environment.
- Install, configure, and troubleshoot Splunk. Experience with regular expressions and using regular expressions for data retrieval. Work with application owners to create or update monitoring for applications.
- Experience creating and maintaining Splunk reports, dashboards, forms, visualizations, alerts.
- Good experience in building Splunk Security Analytics. Lead logging enrollments from multi-tier applications into the enterprise logging platforms.
- Developed specific content necessary to implement Security Use Cases and transform into correlation queries, templates, reports, rules, alerts, dashboards, and workflow
- Strong knowledge of Windows, Linux, and UNIX operating systems.
- Experience in responding to requests and incident tickets within defined Service Level Agreements.
- Supports, Monitors and manages the SIEM environment
- Integration of Splunk with a wide variety of legacy and security data sources that use various protocols.
- Installation and configuration of Splunk apps to onboard data sources into Splunk
- Experience with creating disaster recovery plans and testing.
- Work as part of a team to provide excellent customer experience.
- Provide emergency or scheduled support out of hours as required.
- Manage and support change in the environment. Experience of working on a very large enterprise environment
- Splunk SPL (Search Processing Language) and Dashboarding/Visualization. Setup dashboards for network device logs.
- Developed alerts and timed reports. Develop and manage Splunk applications. Have done many POCs.
- Implemented maps integration and dynamic drill downs extensively.
Splunk Engineer
Confidential - Tempe, AZ
Responsibilities:
- Implemented Splunk installation and administration of Linux servers using Red Hat Enterprise Linux and Oracle Enterprise Linux.
- Created Splunk knowledge bundles, Forms/Views/Dashboards.
- Buildup of Forwarders and perform Software installation upgrades and upgrading Splunk as and when required using automation tools.
- Performed Splunk Indexer/Search Heads upgrades, installation and configuration of Splunk Apps.
- Created Shell Scripts to install Splunk Forwarders on all servers and configure with common configuration files such as Bootstrap scripts, outputs.conf and inputs.conf files.
- Configuring and baselining Hardware for Splunk on Linux Hosts. Conducting operational testing with Splunk Users.
- Created Bash Scripts for Automation of Splunk day to day tasks.
- Optimized search queries using summary indexing and used regular expressions for creating tags, event types, field lookups and field extractions.
- Monitored license usage, indexing metrics, Index Performance, Forwarder performance, death testing.
- Good Understanding of Splunk architecture, Knowledge about various components (indexer, forwarder, search head, deployment server).
- Creation and implementation of shell scripts to take care of Splunk file backup, monitoring alert log and log rotation.
- Installation and configuration of own Apps to monitor system performance including Splunk internal logs.
- Handled configuration of advanced dashboard creation and optimization.
- User/Group Administration - Splunk authentication with LDAP for user accounts/groups creation and bindings of LDAP groups to Splunk.
- Dealt with Splunk Utilities (bucket rolling, User index creation and management, Sourcetype, forwarder log monitoring input and output configuration).
- Testing new versions within DEV environments and conducting stress tests.
- Created an Active-Passive SPLUNK framework for fulfilling BCP requirements
- Interaction with various application workgroups for requirement gathering, so as to design and plan the software and hardware infrastructure.
Splunk Analyst
Confidential - San Antonio, TX
Responsibilities:
- Setup Splunk Forwarders for new application tiers introduced into environment and existing applications.
- Designing and implementing Splunk-based best practice solutions. Requirement gathering and analysis.
- Interacted with team members and Business users during the design and development of the application.
- Data collection from various systems/servers, Forwarder Management, creating and managing Splunk apps.
- Building Splunk queries by Splunk Search Processing Language (SPL) and Regular expressions.
- Installed, Configured, implemented various visualization Add-ons to the developed and developing dashboards.
- Built several Key Performance Indicators for the Personal Insurance team through Splunk Metrics
- Maintain current functional and technical knowledge of the SPLUNK platform and future products.
- Help to document best practices in developing and using SPLUNK.
- Experience with Splunk UI/GUI development and/or operations roles
- Work with business/IT and create the next steps plan and implement the same.
- Extensively worked on creation of range maps for various SLA conditions by using all kinds of Splunk