Splunk Developer / Admin Resume
Dallas, TX
SUMMARY
- Having 7+ years of Programming Experience as a Splunk Developer/Admin for System Analysis, Designing, Testing, Development & Support of Client/Server architecture and multi-tiered applications associated with Data Warehousing Concepts.
- Having experience in understanding of Splunk 5.x and 6.x product, Distributed Splunk architecture and components including installation of Search Heads, Indexers, Forwarders, Deployment Server, License Model and Heavy/Universal Forwarder.
- Excellent skills on troubleshooting and problem determination of HTTP/System/Network related problems including monitoring, capacity planning and maintenance by providing 24X7 support on call for all mission critical applications.
- Worked on Knowledge Objects such as Event Types, Tags, Field Extraction (Using Regular Expression), Lookups etc.
- Search time Parsing and Index time Parsing with props.conf and transforms.conf
- Splunk data maintained throughout life cycle of bucket Hot, Warm, Cold, Frozen bucketing.
- Experience in creating new indexes, alter existing indexes, change bucket size and modify maximum life of data in primary memory.
- Create dashboard from search, Scheduled searches inline search vs. scheduled search in a dashboard.
- Prepared, arranged and tested Splunk search strings and operational strings.
TECHNICAL SKILLS
Splunk Modules: Splunk 6.1.3, Splunk on Splunk, Splunk Enterprise, Splunk DB Connect, Splunk Cloud, Splunk Web Framework
Languages: SQL, PL/SQL, Perl, Unix Shell Scripts, C, C#.NET, VB, CSS3, HTML5.
RDBMS: Oracle 11g, MS-SQL Server 2000/2005/2008, MS Access.
Oracle Utilities: SQL*Plus, SQL*Loader, SQL developer.
Operating Systems: UNIX, LINUX, Windows 2010/2008.
PROFESSIONAL EXPERIENCE
Splunk Developer / Admin
Confidential, Dallas TX
Responsibilities:
- Worked on setting up Splunk to capture and analyze data from various layers like Load Balancers, Web Servers and Application Servers.
- Analyzed data using event correlations across indexes and various source types to generate custom reports for senior management.
- Created Splunk Search Processing Language (SPL) queries/ scheduled searches, Reports, Alerts and Dashboards.
- Installed, configured and deployed Splunk Forwarders, indexers, search heads and deployment server.
- Experienced in data model relationships with underlying raw data and making it more meaningful and useful to quickly generate charts, visuals and dashboards.
- Involved extensively in configuring alerts for different kinds of error logs.
- Provided regular support guidance to Splunk project teams on complex solution and issue resolution.
- Implemented Forwarders (Universal and Heavy) with Load Balancing, Splunk Forwarder Management.
- Configured Splunk DB Connect 2.0 in search head cluster environments for Oracle, MySQL.
- Created various types of charts, Alert Settings. Knowledge of app creation, user and role access permissions, creating and managing app.
- As a Splunk Admin, involved in capturing, analyzing and monitoring front end and middleware applications.
- Involved in creating many proof-of-concept dashboards for operations, and service owners to monitor application and server health.
- Experienced in Parsing, Indexing, Searching concepts of Hot, Warm, Cold, Frozen bucketing.
- Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
- Used different techniques to optimize searches for better performance, Search time vs Index time field extraction and understanding of configuration files etc.
Environment: SPLUNK 6.2, Oracle 11g, SQL Developer, Linux, UNIX, UNIX shell scripting
Splunk Developer / Admin
Confidential, Dallas TX
Responsibilities:
- Installed, Configured and Administered Splunk Enterprise Server 604 and Splunk Forwarder on Windows servers.
- Created reports, Dashboards, scheduled alerts and searches.
- Involved in standardizing Splunk forwarder deployment, maintenance and configuration across Windows platforms and UNIX.
- Setup Splunk Forwarders for new application tiers introduced into environment and existing applications.
- Involved in setting up alerts for different type of errors.
- Worked on setting up Splunk to capture and analyze data from various layers: Load Balancers, Webservers and application servers.
- Extensive experience on setting up Splunk to monitor and track the customer activity and customer volume.
- Gathering different wellsprings of syslog and XML information from different gadgets, applications, and information bases.
- Analyzed security based events, risks and reporting instances.
- Responsible to check the Splunk logs for web server so as to avoid server time down during production are used to monitor application and server health.
- Create dashboard from search, Scheduled searches online search vs scheduled search in a dashboard.
- Maintain and manage the application error during production.
- Assisted internal users of Splunk in designing and maintaining production-quality dashboard.
Environment: SPLUNK 613, Linux, Bash, Perl, Oracle 11g, PL/SQL.
Splunk Developer / Admin
Confidential, Dallas, TX.
Responsibilities:
- Created Splunk app for Enterprise Security to identify and address emerging security threats through the use of continuous monitoring, alerting and analytics in 3G/4G network elements.
- Install, configure and administer Splunk Enterprise Server 6.0.4 and Splunk Forwarder 5.x.x/6.x.x on Windows servers.
- Created Regular Expressions for Field Extractions and Field Transformations in Splunk.
- Anonymize the Personally Identifiable Information data in Splunk. Masked sensitive information such as SSN numbers and addresses when showing results in Splunk.
- Configure Splunk for all the mission critical applications and using Splunk effectively for Application troubleshooting and monitoring post go lives.
- Supported 8 Splunk search Heads, 40 Indexers, 2400 forwarders.
- Setup Splunk Forwarders for new application tiers introduced into environment and existing applications.
- Work closely with Application Teams to create new Splunk dashboards for Operation teams.
- Troubleshoot and resolve Splunk performance and log monitoring issues; role mapping, dashboard creation etc.
- Field Extraction, Using Ifx, Rex Command and Regex in configuration files.
- Various types of charts, Alert settings. Knowledge of app creation, user and role access permissions. Creating and managing app, Create user, role, Permissions to knowledge objects.
- Created Dashboards and Reports to show Login count of each application, to show which app resources being accessed more, Number of failed logins, statistics on High hitting applications.
Environment: SPLUNK 6.0.1, Linux, UNIX, Oracle 11g, MS SQL Server 2012, SQL.
Splunk Admin
Confidential, RTP, NC
Responsibilities:
- Responsible for installing, upgrading and configuring several Splunk servers including forwarders, indexers and search heads.
- Configured real time alerts, scheduled reports and dashboards.
- Provided regular support to SPLUNK team on complex solution and issue resolution with the objective of ensuring possible solution.
- Designed Perl scripts to parse out host name from IP address, OS type of over multiple hundreds of UNIX/LINUX servers.
- Prepared, arranged and tested Splunk search strings and operational strings. Created and configured management reports and dashboards.
- Subject matter expert in best practices, security protocols and other security-related issues.
- Analysed large datasets to identify metrics, drivers, performance gaps and opportunities for improvement.
- Created Splunk applications and deploy using Splunk Deployment Server.
- Experienced with Splunk DBConnect application and Splunk forwarder deployment.
- Worked on new indexers and search head in Cluster environment on Linux platform with Splunk 6.3 version.
Environment: Splunk 6.x, Tomcat 6.0, IBM HTTP Server, Apache 2.x, Solaris10, Windows 2008, Oracle 11g/10g, web services, LDAP, HTML, XML, SSL, JDBC.
Splunk Admin
Confidential
Responsibilities:
- Supported Splunk circulated environment comprising of search heads, indexers and forwarders across different OS including Solaris and Windows.
- Created and configured management reports and dashboards in Splunk for application log monitoring
- Install different Splunk Applications, for example, Cisco for Splunk and Windows for Splunk.
- Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
- Installation and upgrade of Software & Patches, configuration management, version control, service pack, & reviewing connectivity issues regarding security problems.
- Detect patterns in the data and identify security issues for further investigation.
- Prepared, arranged and tested Splunk search strings and operational strings. Created and configured management reports and dashboards.
- Creating workflow from notable events and managing incident review dashboard.
- Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing
- Configured Indexer replication to achieve data availability, data fidelity and disaster tolerance.
Environment: SPLUNK 6.0.1, Linux, UNIX, Oracle 11g, MS SQL Server 2012, SQL.
Network Security Analyst
Confidential, Richardson TX
Responsibilities:
- Supervised and provided technical support for internal NOC and Field Engineers to address various client technology needs including network installation.
- Network upgrade, patching and maintenance activities on live CDMA network (CDMA Backhaul Routing System, BSC, BTS) for Sprint, Verizon Wireless, Cricket Communication and Bell Mobility.
- Role included End to End CDMA Product Upgrades for the Customer Sites. Upgrades and Rollback of all the nodes in the CDMA network using the latest Release documents.
- Designed high level and detailed level test estimates based on the requirements for the feature.
- Designed test plan & test cases based on the requirements of the feature.
- Raise the Change Request for the bugs identified during the sanity and follow up with the design teams to fix the bugs in the early stage.
- Prepared the Customer sites before upgrading them. This included Software downloads, Patch downloads, Pre-checks, System Backups etc. All the issues found during this were reported to the customer and got it fixed from CNS/Customer before proceeding.
- Report and follow up the issues found during the upgrade through Clarify.
- Interact with the customer during the Maintenance Window to make sure there is no outage or abnormal behaviour in the system while upgrade in progress.
Environment: CDMA Network, UNIX, Putty, SQL, CEMS, Secure CRT, HP Quality Centre, Citrix Clarify, ERS8600.
Network Security Analyst
Confidential
Responsibilities:
- Conducted risk assessments and security regression testing scenario for CDMA network, exceeded assigned role, proactively employing best practices, analysis and test planning to find security loopholes.
- Raise the Change Request for the bugs identified during the sanity and follow up with the design teams to fix the bugs in the early stage.
- Enabled design team to provide security solutions ahead of software delivery, enabling safeguard against attacks and reducing network downtime, creating secure networks.
- Test planning and feature analysis of the CNM node for the regression testing.
- Develop and maintain relationships with internal and external customers to formulate information security governance solutions.
- Tested CDMA network manager to identify bugs and make corrections fixed before delivery.
- Create security documentation related to Security role in divestiture, Security Statement, ISMS and policy. Ensure safety of information systems and assets.
Environment: Wireless CDMA Network, Core Billing Machine, CDMA Network Management, UNIX, Nessus Security Vulnerability Assessment tool, ERS8600, Citrix Clarify, IS Benchmark, Putty, OS/DB Hardening, HP Mercury Centre, Wireshark, Checkpoint Firewalls NGX and VPN-1 version R65 and Juniper Firewall Net Screen-Security, Crossbeam.
