- Splunk developer/Splunk Engineer with 5+ years of experience.
- Worked with reputed companies across various domains viz. Power, Banking, Finance, Retail and Healthcare.
- Developed Splunk queries and dashboards targeted at understanding application performance and capacity analysis.
- Knowledge of security threats and vulnerabilities and how to detect and mitigate them; experience in building security monitoring and incident management solutions using Splunk.
- Designed Splunk Enterprise 6.5 infrastructure to provide high availability by configuring clusters across two different data centers.
- Installed, Configured, Maintained, Tuned and Supported Splunk Enterprise server 6.x/5.x.
- Architect and implement Splunk solutions in highly available, redundant, distributed computing environments.
- Performed Field Extractions and Transformations using the RegEx in Splunk.
- Responsible for installing, configuring and administering Splunk Enterprise on Linux and Windows servers.
- Worked on various components in Splunk Enterprise architecture such as Search Heads, Indexers, Deployment server, Deployer, License Master, Heavy/Universal Forwarders etc.
- Supported the upgrade of Splunk Enterprise server and Splunk Universal Forwarder from 6.5 to 6.6.
- Installed and implemented the Splunk App for Enterprise Security, documented best practices for the installation, and performed knowledge transfer on the process.
- Worked on installing Universal Forwarders and Heavy Forwarders to bring any kind of data fields into Splunk.
- Writing Splunk queries; expertise in searching, monitoring, analyzing and visualizing Splunk logs.
- Experience in alert handling, standard availability and performance report generation. Experience in root cause analysis of post-production performance-related issues using Splunk.
- Designing, optimizing and executing Splunk-based enterprise solutions.
- Installed and configured Splunk Universal Forwarders on both UNIX (Linux, Solaris, and AIX) and Windows Servers.
- Hands on experience in customizing Splunk dashboards, visualizations, configurations using customized Splunk queries.
- Monitored the Splunk infrastructure for capacity planning, scalability, and optimization.
- Experienced in using Splunk DB Connect for real-time data integration between Splunk Enterprise and all other databases.
- Expertise in Actuate Reporting, development, deployment, management and performance tuning of Actuate reports.
- Responsible for Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-ons, Dashboards, Clustering and Forwarder Management.
- Monitored license usage, indexing metrics, Index Performance, Forwarder performance, death testing.
- Splunk Architecture/Engineering and Administration for SOX monitoring and control compliance.
- Design and implement Splunk Architecture (Indexer, Deployment server, Search heads, and Forwarder management), create/migrate existing Dashboards, Reports, Alerts, on daily/weekly schedule to provide the best productivity and service to the business units and other stakeholders.
- Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
- Configured a Syslog server for forwarding logs to the Splunk server via network protocols like TCP and UDP.
- Subject matter expert in best practices, security protocols, PKI, and other security-related issues.
- Monitored the database (data tables and error tables), WebLogic error log files and application error log files to track and fix bugs.
- Responsible for troubleshooting various indexing issues by analyzing Splunk logs such as splunkd.log and metrics.log, ingested in the internal index.