PROFESSIONAL SUMMARY:

• Strong experience with Splunk 5.x, 6.x and 7.x product, distributed Splunk architecture and components including search heads, indexes, and forwarders.
• Expert in build custom searches and visualizations in both Splunk Core and Splunk ITSI.
• Created and configured KPI's in Splunk IT Service Intelligence (ITSI).
• Experience on Onboard new log sources with log analysis and parsing to enable SIEM correlation.
• Supported Splunk environment with 96 Indexers, n number of forwarders, 6 search heads and generated 15 TB of data per day.
• Architecting new database tables including building the code to extract and load the data elements as well as quality assurance.
• Proficient in writing SPL (Search Processing Language), including advanced commands such as tstats, lookup, using subquery, etc. Able to correlate multiple data sources efficiently.
• Experience in developing content using Splunk Machine Learning Toolkit (MLTK).
• Design and implement high performance integrations/solutions for multi - terabytes of log ingestion from AWS CloudWatch using Kinesis streams.
• Developing scripts to automate building infrastructure components in AWS and on prem Linux environments.
• Implement KV stores, lookups, and data model acceleration to optimize search performance and reporting.
• Upgrade and Optimize Splunk setup with new discharges.
• Extensive experience in deploying, configuring and administering Splunk clusters.
• Expertise in Actuate reporting, development, deployment, management and performance tuning of Actuate reports
• Created Splunk app for Enterprise Security to identify and address emerging security threats through the use of continuous monitoring, alerting and analytics.
• Helping application teams in on-boarding Splunk and creating dashboards, alerts, reports etc.
• Experience working on Splunk 5.x,6.x, Splunk Enterprise Security 4.1, Splunk DBConnect1.x,2.x on distributed Splunk Environments and Clustered Splunk Environments on Linux and Windows operating systems.
• Setup Splunk Forwarders for new application levels brought into environment.
• Ability to multitask, prioritize and take-charge, Use Splunk ITSI to create ITSI services and ITSI KPIs to increase our monitor in coverage.
• Configure the adds-on app SSO Integration for user authentication and Single Sign-on in Splunk Web.
• Worked on developing internal web application, Employee Ideal Portal using JAVA, JSP and Spring Framework.
• Expertise on most of the Linux command-line commands and shell scripting. And scripting for automation, and monitoring using Shell, Python scripts.

TECHNICAL SKILLS:

Log Analysis Tool: Splunk Enterprise Server 5.x/6.x/7.x, Splunk Universal Forwarder 5.x/6.x, Splunk DB Connect

Web/App Servers: Web Sphere Application Server 5.0/6.x/7.x/8.x, Web Sphere MQ Sever 6.x/7.x, WebSphere XD 6.0/6.1, IBM Http Server 6.x/7.x/8.x, Apache Web Server 2.x, Tomcat 5.5, IIS 6/7.x

Operating Systems: IBM AIX (5.1/6.1), RHL Linux, Windows Server 2003/2008 R2, VMWare

Programming: Java, J2EE, C++, C, SQL/PL SQL, HTML, DHTML, XML.

Scripting: JACL, Python, WSCP, WSADMIN, Korn Shell Script, Perl, JavaScript, CSS, Batch

Networking: TCP/IP Protocols, Socket Programming, DNS.

Frame work: MVC, J2EE Design Patterns, Struts.

IDE: Eclipse, RAD 7, Net Beans, Edit plus, TOAD

Others: Site Minder r6/r12/r12.5,Ping Federate 6.X,7.X

PROFESSIONAL SUMMARY:

Splunk Admin / Developer

Confidential, Bloomington, IL

Responsibilities:

• Experience in creating Splunk dashboards and visualizations to operational enablement and Geo Map.
• Perform analysis, design, build, testing, and deployment of RPA applications.
• Design, Develop and Implement Apps & Knowledge Objects (KO) like Dashboard, Reports, Data Models, Actionable Alerts and Workflow for Splunk
• Maintain, Manage and Monitor Splunk Infrastructure (Identify bad searches, dashboards and manage overall health of Splunk)
• Demonstrate understanding of RPA methodologies and tools, such as UIPath, Blue Prism, or Automation Anywhere.
• Conducting advanced trouble-shooting to help remove technical roadblocks in automation development.
• Plan and Build Splunk Cluster environment with High Availability resources.
• Data Extraction is done using Sqoop to load from Oracle DB to Data lake (Big data) platform.
• Designing and maintaining production-quality Splunk dashboards using Xml.
• Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
• Configured Splunk forwarders and indexers to ingest infrastructure logs.
• Worked on Splunk search processing language, Splunk dashboards and Splunk DB connect app.
• Worked on Amazon AWS, configuring, launching Linux and windows server instances for Splunk deployment.
• Worked on developing internal web application, Employee Ideal Portal using JAVA, JSP and Spring Framework.
• Developing SIEM configurations, use cases and operational models or specific security solutions to meet the customer's requirement and assess risks imposed by technical solutions.
• Evaluating business processes, gathering requirements, uncovering value add opportunities, and implementing automation solutions.
• Act as subject matter expert for RPA software and resolve any related issues as required.
• Wrote Splunk Queries, Expertise in searching, monitoring, analyzing and visualizing Splunk logs
• Involved in Splunk GUI development creating Splunk apps, searches, Data models, dashboards, and Reports using the Splunk query language.
• Worked in ingesting the data from DB using DB Connect app.

Splunk Engineer

Confidential, Orlando, FL

Responsibilities:

• Installation of Splunk Enterprise, Splunk forwarder, Splunk Indexer, Apps in multiple servers (Windows and Linux) with automation.
• Splunk Enterprise Deployments and enabled continuous integration on as part of configuration management.
• Splunk DB Connect in search head cluster environments of Oracle.
• Hands on experience in Assisting stake holders of splunk in designing and maintaining production-quality data, dashboards and various applications.
• Good Understanding of configuration files, precedence and daily work exposure to Props.conf, transforms.conf, inputs.conf, outputs.conf and Setting up a forwarder information based on requirement.
• Maintained Splunk Environment with multiple indexers; managed and configured settings.
• Improved search performance by configuring to search heads for all Indexes in production.
• Analyzed security based events, risks and reporting instances. Developed Splunk queries and dashboards targeted at understanding application performance and capacity analysis.
• Work with SIEM tool QRadar by tuning security events, creating building block, search for reports and search security events.
• Creating Regular Expressions for Field Extractions and Field Transformations in Splunk.
• With the help of ITSI, used the search and correlation capabilities of the platform to enable you to collect, monitor, and report on data from IT devices, systems, and applications. Administer, Maintain, and Deploy Imperva web application firewall, Checkpoint IPS & VPN systems, and McAfee network-based Data Loss Prevention (DLP) devices.
• Worked on ITSI module visualizations, which let you monitor the overall performance of your deployment, and easily share issues with other analysts on your team. Multiple visualization tools used for monitoring ITSI modules: Service Analyzer, Glass tables, Deep dives
• Team player in Proof-of-Concepts (POC) on Splunk implementation mentored and guided other team members on Understanding the use case of Splunk.

Splunk Admin / Developer

Confidential

Responsibilities:

• Created Dashboards, Visualizations, Statistical reports, scheduled searches, Alerts and also worked on creating different other knowledge objects.
• Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server)
• Worked on installing Universal and Heavy forwarder to bring any kind of data fields in to Splunk.
• Provide Regular support guidance to Splunk project teams on complex solution and issue resolution.
• Helping application teams in on-boarding Splunk and creating dashboards/alerts/reports etc.
• Maintained and managed assigned systems, Splunk related issues and administrators.
• Involved in admin activities and worked on inputs.conf, index.conf, props.conf and transform.conf to set up time zone and time stamp extractions, complex event transformations and whether any event breaking.
• Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
• Designing and maintaining production-quality Splunk dashboards.
• Create Dashboard, Reports and Alerts for events and configure alert mail.
• Worked on DB Connect configuration for Oracle and MySQL
• Developing Scheduling Alerts, Experience with Deployment Server & Advanced XML.
• Created Dashboards for various types of business users in organization and worked on creating different Splunk Knowledge objects like Macros, IFX, Calculated fields, Tags, Event Types and Look ups.
• Field Extraction, Using IFX, Rex Command and Reg Ex in configuration files.
• Scripting and development skills (Perl, Python) with strong knowledge of regular expressions.
• Use techniques to optimize searches for better performance, Search time field extractions. And understanding of configuration files, precedence and working.
• Various types of charts Alert Settings Knowledge of app creation, user and role access permissions. Creating and managing app, Create user, role, Permissions to knowledge objects.