
Splunk Engineer Resume


Weehawken, NJ

PROFESSIONAL SUMMARY:

  • Experience with Splunk technical implementation, planning, customization, integration with big data and statistical and analytical modelling.
  • Extensive experience in installation, configuration, migration, troubleshooting and maintenance of Splunk.
  • Experience in creating Access controls to users by creating AD (Active Directory) groups power and user groups.
  • Experience on Splunk data flow, components, features, product capability, log parsing, complex Splunk searches, including external table lookups.
  • Experience in Splunk search construction with the ability to create well-structured search queries that minimize performance impact.
  • Experience in parsing, indexing and searching concepts, and Hot, Warm, Cold and Frozen bucketing.
  • Experience with Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-ons, Dashboards, Clustering and Forwarder Management.
  • Experience on Splunk data flow, components, features and product capability
  • Installed Splunk DB Connect 2.x/3.x in search head cluster environments
  • Expertise in Splunk query language and monitored database connection health by using Splunk DB Connect health dashboards.
  • Experience in GIT for source version control with Splunk.
  • Expertise in using Splunk with shell script in creating scripts for various activities like Generating Server Status and Health reports, Deployments on large scale configuration of servers.
  • Experience in Operational Intelligence using Splunk platform.
  • Experience with Splunk UI/GUI development activities by managing the Splunk knowledge objects like Field extraction, Tags and Lookups management.
  • Hands on development experience in customizing Splunk dashboards, visualizations, configurations, reports and search capabilities using customized Splunk queries
  • Experience with Splunk technical implementation, Planning, customization, integration with big data and statistical and analytical modeling.
  • Splunk configuration that involves Saved search, summary search and summary indexes.
  • Integrated Splunk with ServiceNow to create automatic incidents based on the alert.

TECHNICAL SKILLS:

Splunk Modules: Splunk 5.x/6.x/7.x, Splunk Cloud, Splunk DB Connect, Splunk Enterprise, Splunk IT Service Intelligence, Splunk Web Framework.

Splunk Products: Splunk Enterprise 7.x, Splunk Universal Forwarder, Splunk ES, Splunk ITSI.

Databases: Microsoft SQL Server, Oracle database, IBM DB2 and MySQL

Operating System: Red Hat Linux 4.x/5.x/6.x/7.x, Windows 2008/2012.

Languages: C, LINUX Shell scripts, Python, SQL, Oracle.

PROFESSIONAL EXPERIENCE:

Splunk Engineer

Confidential, Weehawken, NJ

Responsibilities:

  • Integrate Splunk analysis with Splunk ITSI to help business better understand quarterly target goals.
  • Prepared, arranged and tested Splunk search strings and operational strings. Created and configured management reports and dashboards.
  • Worked as a Splunk Admin for Creating and managing app, Creating users, role, and permissions to knowledge objects.
  • Developed dashboards for Business teams to parameterize dynamic values for Splunk.
  • Identified bottlenecks in performance and reported them to the technical/infrastructure teams for fixing defects or tuning for better performance.
  • Interact with the data warehousing team regarding extracting the data and suggest the standard data format such that Splunk will identify most of the fields.
  • Involved in Implementing Searches with Job Scheduling using Splunk
  • Upgrading and Migrating the Splunk Components and setting up the Retention Policy for the indexes.
  • Worked in ingesting the data from DB using DB Connect app.
  • Monitoring data in Splunk index and SQL database and configuration of backup.
  • Assist internal users of Splunk in designing and maintaining production-quality dashboards
  • Work with application team and production support team to troubleshoot production performance and reliability issues.
  • Help to document best practices in developing and using Splunk.
  • Implemented Post processing method for searches in dashboards.
  • Configured Alerts and notifications on various thresholds, SLAs for Personal Insurance Architecture team.
  • Troubleshoot Splunk server and forwarder problems and issues
  • Monitor the Splunk infrastructure for capacity planning, scalability, and optimization
  • Work hands-on with the engineers to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
  • Analyzed security based events, risks and reporting instances. Developed Splunk queries and dashboards targeted at understanding application performance and capacity analysis.
  • Worked for getting data in managing Splunk apps. Assisted internal users of Splunk in designing and maintaining production-quality dashboards.
  • Splunk DB Connect 2.0 in search head cluster environments of Oracle. Installation and implementation of several kinds of visualizations to Splunk dashboards.
  • Continuously monitored the alerts received through emails to check if all the application servers and web servers are up.
  • Knowledge of parsing, indexing and searching concepts, and Hot, Warm, Cold and Frozen bucketing.
  • Ability to build custom applications and technical add-ons for efficiently onboarding data and meeting Splunk CIM compliance for Enterprise Security accelerated data models.
  • Conducted surveillance on various phishing emails and created alerts from future spam. Worked as part of Cyber Security Incident Response team to check on malware virus and threat emails.
  • Developed Splunk Search Processing Language (SPL) queries, created Reports, Alerts and Dashboards and customized them.

Environment: Splunk 8.x, Splunk 6.x, Splunk DB Connect and other modules, Oracle WebLogic 9.x/10.x, Tomcat 5.x/6.x, Oracle 9i/10g, Solaris 10, LINUX, Sun ONE Directory Server 6, Sun One Web Server 6.0, Apache 2.x, Python

Splunk Engineer/Developer

Confidential, Atlanta, GA

Responsibilities:

  • Developed Splunk infrastructure and related solutions as per automation toolsets.
  • Installed, tested and deployed monitoring solutions with Splunk services.
  • Installing, configuring and administering Splunk Enterprise Server 6.0/6.3.2 and Splunk Forwarder 6.0 on Red Hat Linux and Windows servers.
  • Created Dashboards for various types of business users in the organization and worked on creating different Splunk Knowledge objects like Macros, IFX, Calculated fields, Tags, Event Types, and Lookups.
  • Provided technical services to projects, user requests and data queries.
  • Implemented forwarder configuration, search heads and indexing.
  • Supported data source configurations and change management processes.
  • Troubleshooting of searches for performance issues by adding lookups, correct joins and using summary indexes.
  • Analyzed and monitored incident management and incident resolution problems.
  • Resolved configuration-based issues in coordination with infrastructure support teams.
  • Maintained and managed assigned systems, Splunk related issues and administrators.
  • Developed Splunk Dashboards, searches and reporting to support various internal clients in Security, IT Operations and Application Development.
  • Assisted with onboarding relevant data sources as needed, including inputs, SQL, index-time configurations, search-time field extractions, event types, and tags.
  • Led team for customizing Splunk dashboards, visualizations, configurations, reports and search capabilities using customized Splunk queries.
  • Participated in upgrades, performance tuning, troubleshooting, and maintenance of HP ArcSight SIEM.
  • Knowledge and experience with internal clients to develop requirements, relationships, and value metrics.
  • Created and configured KPIs in Splunk IT Service Intelligence (ITSI).

Splunk Administrator

Confidential, Tampa, FL

Responsibilities:

  • Design solutions and concepts for data aggregation and visualization. Splunk deployment, configuration and maintenance across a variety of UNIX and Windows platforms. Able to troubleshoot Splunk server problems and issues.
  • Splunk Administration and analytics development on Information Security, Infrastructure and network, data security, Splunk Enterprise Security app, Triage events, Incident Analysis.
  • Setup and configuration of search head cluster with three search head nodes and managing the search head cluster with deployer.
  • Created Dashboards, reports, scheduled searches and alerts. Manage Splunk user accounts.
  • Hands on work with development experience in customizing Splunk dashboards, visualizations, configurations, reports and search capabilities using customized Splunk search queries.
  • Proficient in working with Splunk, developing dashboards and configuring the backend administration of Splunk indexes and forwarders.
  • Designed Splunk reports and dashboards with complex data elements and source types translating our business requirements into concrete data analytic solutions.
  • Worked as a team in statistical and analytical modeling of data to represent it in a graphical way to better understand status of an application using the Splunk dashboard.
  • Hands on development experience in customizing Splunk dashboards, visualizations, configurations, reports and search capabilities using customized Splunk queries.
  • Customized Splunk dashboards and generated visualizations, reports, pivots and tuned search capabilities as per customer requirements.
  • Excellent logical, analytical & debugging skills with good interpersonal skills, highly motivated, fast learner, good team player and very proactive in problem-solving and providing best solutions.
  • Worked on log parsing, complex Splunk searches, including external table lookups.
  • Used techniques to optimize searches for better performance, such as search-time vs index-time field extraction, with an understanding of configuration files, their precedence and working.
  • Responsible for administering, maintaining, and configuring 24 x 7 highly available Splunk apps for the production portal environment.
  • Worked on configuration files inputs.conf, indexes.conf, props.conf, serverclass.conf, transforms.conf and limits.conf.

Splunk Developer

Confidential, Alexandria, VA

Responsibilities:

  • Provided regular support guidance to Splunk project teams on the complex solution and issue resolution.
  • Extensively involved in all phases of SDLC (Software Development Life Cycle) using agile methodology.
  • Installation of security and monitoring equipment, provide expert analysis for placement of security equipment for business and home protection services, including software and hardware installation or upgrades to existing systems.
  • Deployed and configured multiple companywide enterprise security solutions including Splunk.
  • Strong understanding of Splunk Enterprise configurations specifically when used in a security-related environment.
  • Monitored network traffic and bandwidth for anomalies via Splunk.
  • Monitored company's internal logs and traffic via Splunk to proactively investigate suspicious traffic and determine if the anomalies were malicious.
  • Validated test findings using Splunk Enterprise by creating extensive search queries and custom reports to only show the relevant results from the test.
  • Conducted forensic analysis if a security breach occurred to find the root cause of the incident, and oversaw the remediation process.
  • Responsible for monitoring multiple managed and customer environments simultaneously.
