Sr. Splunk Developer/admin Resume
San Jose, CA
PROFESSIONAL SUMMARY:
- 7.5+ Years of IT experience in software Design, Development, Testing and Implementation.
- Around 5 years of experience with Splunk (Enterprise Splunk, Splunk DB Connect): configuring, implementing, and supporting Splunk server infrastructure across Windows, UNIX and Linux.
- Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
- Expertise in Installation, Configuration, Migration, Trouble-Shooting and Maintenance of Splunk, Passionate about Machine data and operational Intelligence.
- Creating accurate Reports, Dashboards, Visualizations and Pivot tables for the business users.
- Designed, supported and maintained Splunk cluster infrastructure in a highly available, geo-redundant configuration
- Field extraction using IFX, the rex command and regex in configuration files.
- Streamlined Splunk to build, configure and maintain heterogeneous environments and in-depth knowledge of log analysis generated by various systems including security products (SIEM functionality).
- Expert in installing and using Splunk apps for Unix and Linux (Splunknix).
- Good scripting experience with Unix, Shell and Python.
- Installed Splunk DB Connect 2.0 in single and distributed server environments. Parsing, indexing and searching concepts, including hot, warm, cold and frozen bucketing.
- Expertise in Splunk query language; monitored database connection health using Splunk DB Connect health dashboards.
- Expertise in configuration files such as props.conf, transforms.conf, inputs.conf and outputs.conf, and in setting up a forwarder monitor stanza in inputs.conf.
- Developed and scheduled new Splunk capacity dashboards, data models and performance reports to assist senior management in making business critical capacity decisions.
- Installing, Configuring, Integrating and Troubleshooting Splunk for Tomcat, WebSphere Application Server.
- Experience in installation/migration/deployment of Enterprise Applications using Tomcat server 6.0.
- Various types of charts and alert settings; knowledge of app creation and user and role access permissions. Creating and managing apps, users, roles and permissions on knowledge objects.
- Experience in cloud-based technologies such as S3 and Redshift, and with NoSQL stores such as MongoDB.
- Experience analyzing network, event, and security logs on premises and in the cloud.
- Knowledge on Cloud technologies, Enterprise security, Understanding of cloud-computing concepts.
- Experience in shell scripting, Bash scripting, Python and Splunk apps like Splunk DB Connect, SOS, Sideview Utils, *nix, Splunk 6.x Dashboard Examples.
- Experience in Deploying to and administering in the use of JBoss, tomcat and apache web server, WebLogic, WebSphere, SVN, PVCS, VSS.
- Expertise in Java, Tomcat 6.x/7.x, WebSphere, JBoss Development, Web Services (SOAP/Restful), support and maintenance in Development, System Integration, and Production environments under cross platform consisting of Red Hat Linux, Windows, and AIX operating systems.
- Involved in Database Design, Data Modeling, Development, Programming, Implementation, ETL and Reporting in SQL Server 2000/2005/2008 R2/2012.
- Strong knowledge in Database development including Normalization, Tables, Views, Stored Procedures and Triggers, and Query optimization techniques.
- Involved in various phases of Software Development Life Cycle (SDLC) including Analysis, Design, Testing, Implementation and Maintenance
- Excellent team Player with good Technical, Analytical and interpersonal skills
TECHNICAL SKILLS:
Operating Systems: Windows 2000, XP, Win 10, Windows Server, Unix/Linux (Red Hat), FreeBSD
Data Analysis: Requirement Analysis, Business Analysis, detail design, data flow diagrams, data definition table, Business Rules, data modeling, Data Warehousing, system integration
RDBMS: Oracle 11g/10g/9i/8i, MS-SQL Server 2000/2005/2008, Sybase, DB2, MS Access, MySQL
Web Technologies: HTML, DHTML, JavaScript, XML, XSL, XSLT, REST, SOAP
Splunk: 5.x and 6.x, Splunk Enterprise, Splunk on Splunk, Splunk DB Connect 2, Splunk Cloud, Hunk, Splunk IT Service Intelligence, Splunk Web Framework
Web/App Servers: Apache Tomcat 6.0, WebLogic 8.1/9.2, WebSphere 6.0
Concepts: SDLC, Object Oriented Analysis and Design, Unified Modeling Language (UML), Assembly and System Level Testing, exposure in Agile.
Programming Language: C, C++, Java with Big Data, Python, UNIX shell scripts
Monitoring tools: Netcool, Dynatrace
PROFESSIONAL EXPERIENCE:
Sr. Splunk Developer/Admin
Confidential, San Jose, CA
Responsibilities:
- Installation of Splunk Enterprise, Splunk forwarder, Splunk Indexer, Apps in multiple servers (Windows and Linux) with automation.
- Install and maintain Splunk add-ons, including DB Connect and Active Directory LDAP, to work with directories and SQL databases.
- Configure the add-on app SSO Integration for user authentication and single sign-on in Splunk Web.
- Configure and Install Splunk Enterprise, Agent, and Apache Server for user and role authentication and SSO.
- Manage Splunk configuration files like inputs, props, transforms, and lookups.
- Deploy, configure and maintain Splunk forwarder in different platforms.
- Create Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
- Continuous monitoring of the alerts received through mails to check if all the application servers and web servers are up.
- Integrated Qualys with Splunk to bring information about affected web applications and prevalent vulnerabilities into the Splunk dashboard, and enabled preconfigured searches and reports.
- Parsing, indexing and searching concepts, including hot, warm, cold and frozen bucketing.
- Field extraction using IFX, the rex command and regex in configuration files.
- Used Splunk to provide SIEM functionality to aggregate and correlate data from all security systems.
- Used Splunk Enterprise Security App for Security Information and Event Management (SIEM) system utilizing.
- Provide power and admin access for users and restrict their permissions on files.
- Involved in admin activities and worked on inputs.conf, indexes.conf, props.conf and transforms.conf to set up time zone and timestamp extractions, complex event transformations and event breaking.
- Creating Reports, Pivots, alerts, advance Splunk search and Visualization in Splunk enterprise.
- Integrated Service Now, Netcool and various other environments with the Splunk.
- Performed Splunk administration tasks such as installing, configuring, monitoring and tuning.
- Created Crontab scripts for timely running jobs.
- Write automation scripts for REST APIs using TestNG and Java.
- Generated scripts in Maven, Perl and Bash shell for build activities in QA, Staging and Production environments.
- Able to create scripts for system administration and AWS using languages such as BASH and Python.
- Deployed build scripts, UNIX shell scripts and auto deployment processes
- Provided 24/7 on-call Production Support
Environment: Splunk 6.4/6.3/6.2, Splunk DB Connect and other modules, Tomcat 7.x, JBoss 7.x, BIG-IP Load Balancers, SAML, REST API, Wily Introscope 6.0, Python, JavaScript, Configured plug-ins for Apache HTTP server 2.4, HTML, CSS, RedHat Linux 6.x, JDBC, JDK 1.7, J2EE, JSP, Servlets, Security Information and Event Management (SIEM), XML, BASH, Oracle 11g, SVN, CVS.
Splunk Developer/Administrator
Confidential, Raleigh, NC
Responsibilities:
- Developed Splunk infrastructure and related solutions in our Company environment.
- Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Universal and Heavy Forwarder.
- Installed, tested and deployed monitoring solutions with Splunk services.
- Provided technical services to projects, user requests and data queries.
- Implemented forwarder configuration, search heads and indexing.
- Created a large variety of field extractions, lookups, and evals using props.conf and transforms.conf.
- Made recommendations for Splunk forwarder configurations to prevent duplicate indexing of data
- Added a distributed summary indexing model to a large-scale Splunk environment.
- Developed custom dashboards and views for performance monitoring, capacity management, and diagnostics to meet a variety of use cases.
- Led the client's first initiatives to get Windows event logs and database logs on board with Splunk logging using scripted inputs, Splunk alerting capabilities, Unix scripting, and the SQL*Plus utility.
- Maintained and managed assigned systems, Splunk related issues and administrators.
- Experience in consuming REST and SOAP web services.
- Write automation scripts for REST APIs using TestNG and Java.
- Managed configuration files for heavy forwarders, deployment servers, indexers, indexes, cluster masters, clusters and search heads.
- Integrated Service Now and various other environments with the Splunk.
- Used Splunk Enterprise Security App for Security Information and Event Management (SIEM) system utilizing.
- Perform log file validations and provide feedback and guidance to on-boarding application teams ensuring strict adherence to enterprise logging standards.
Environment: Splunk 6.4/6.3, Splunk DB Connect and other modules, Tomcat 7.x, SAML, Wily Introscope 6.0, HTML, CSS, Configured plug-ins for Apache HTTP server 2.4, RedHat Linux 6.x, Security Information and Event Management (SIEM), JavaScript, XML, BASH, SVN, CVS.
Splunk Consultant/Administrator
Confidential
Responsibilities:
- Created Dashboards, Visualizations, Statistical reports, scheduled searches, alerts and also worked on creating different other knowledge objects.
- Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Universal and Heavy forwarder.
- Provide Regular support guidance to Splunk project teams on complex solution and issue resolution.
- Expertise with Splunk UI/GUI development and operations roles.
- Detect errors and troubleshoot using S.O.S in the Splunk environment.
- Involved in helping the UNIX and Splunk administrators deploy Splunk across the UNIX and Windows environments.
- Worked on installing Universal Forwarders and Heavy Forwarders to bring any kind of data fields into Splunk.
- Designing and maintaining production-quality Splunk dashboards.
- Used Splunk to provide SIEM functionality to aggregate and correlate data from all security systems.
- Involved in admin activities and worked on inputs.conf, indexes.conf, props.conf and transforms.conf to set up time zone and timestamp extractions, complex event transformations and event breaking.
- Splunk DB Connect 2.0 in search head cluster environments of Oracle, MySQL.
- Involved in Automation and error checking to reduce admin tasks and alert users of input errors allowing users to resolve the issues.
- Integrate ServiceNow with Splunk to consume the alerts from Splunk and create ServiceNow tickets.
- Involved in writing complex IFX, rex and multikv commands to extract fields from log files.
- Field extraction using IFX, the rex command and regex in configuration files.
- Use techniques to optimize searches for better performance and search-time field extractions. Understanding of configuration files, their precedence and how they work.
- Troubleshooting searches for performance issues by adding lookups, correcting joins and using summary indexes.
- Scripting and development skills (Perl, Python, Java) with strong knowledge of regular expressions.
- Able to create scripts for system administration and AWS using languages such as BASH and Python.
- Various types of charts and alert settings; knowledge of app creation and user and role access permissions.
- Creating and managing apps, users, roles and permissions on knowledge objects.
Environment: Splunk 6.x, Splunk 5.x, Linux, Windows Server 2012, 2008, SQL, Splunk Enterprise Security, ESX, BASH, Wily Introscope, Python, Applications Development, Security Information and Event Management (SIEM), SQL, Big Data Analysis, operations analysis.
Splunk Developer/Admin
Confidential
Responsibilities:
- Experience as Splunk Admin/Developer, performed activities including requirement analysis, design and implementations of various client server-based applications using Splunk 7.x, Splunk 6.x.
- Create presentation layers for Technical, Business and Executive Management showing environment operational health based on Key Performance Indicators.
- Manage existing application & create new applications (visual and non-visual).
- Setup non-auto ticketing monitoring test alerts to the monitoring team for all Business Units platforms in ITSI to enable investigation of alerts for accuracy and research purposes.
- Designed and implemented various SIEM solution packages in ArcSight ESM built in Oracle VirtualBox working environments.
- Ability to build business & operational intelligence dashboards and glass tables using Splunk & Splunk ITSI.
- Create data retention policies & perform index administration, maintenance and optimization.
- Provide overall management of the SPLUNK platform.
- Assist with design of core scripts to automate SPLUNK maintenance and alerting tasks. Support SPLUNK on UNIX, Linux and Windows-based platforms. Assist with automation of processes and procedures.
- Experience at Splunk on Splunk developing dashboards, forms, SPL searches, reports and views, administration, upgrading, alert scheduling, KPIs, Visualization Add-Ons and Splunk infrastructure.
- Experience in creating and maintaining Splunk reports, dashboards, forms, visualizations, alerts for Enterprise Security to identify and address emerging security threats.
- Extensive knowledge in creating Actuate reports using XML, Dashboards, visualization and pivot tables for the business users.
- Extensive experience in Data Warehouse, Data mart, Data Integration and Data Conversion projects ETL using Informatica Power Center 9.5/8.x/7.x/6.2/5.0 tools (Source Analyzer, Mapplet Designer, Mapping Designer, Transformation Designer, Repository Manager, and Server Manager) as ETL tool on Oracle /DB2 Database.
- In-depth knowledge of search head clustering and index clustering.
- Implemented workflow actions to drive troubleshooting across multiple event types in Splunk.
- Experienced in all data processing phases, from the Enterprise Model, Data Model (Logical and Physical Model), and Data Warehousing (ETL).
- Knowledge on service oriented architecture (SOA), workflows and web services using XML, SOAP, and WSDL.
Environment: Splunk, Deployment server, Splunk 7.x and 6.x, Dashboard Examples, Sideview Utils, Data Models, Server management, Dashboards, Search Processing Language (SPL), Field Extraction, Regex, UNIX, AIX, Linux, XML, HTML.