SUMMARY:

• 6+ years of experience in Splunk Development & Administration
• Experienced in creating reports, dashboards & alerts.
• Proficient Splunk Engineer with Splunk 7.x, 6.x and 5.x product, Distributed Splunk architecture and components including search heads, indexers, forwarders.
• Good Knowledge on Configuration files in Splunk.
• Streamlined operations, realize efficiencies and cost saving by integrating teams across service lines, resulting in savings.
• Develop custom app configurations (deployment - apps) within SPLUNK to Parse, Index multiple types of log format across all application environment. Setup Splunk Forwarders for new application levels brought into environment.
• Expertise in Splunk Query Language (SPL)
• Data Onboarding from various sources of Standard & Custom Logs from Inhouse built legacy application.
• Monitoring Splunk Health & Database Connection Health by using Splunk DB Connect Health dashboards.
• Proficient in setting up Splunk forwarder agents across different OS platforms to capture the data.
• Extensive experience in setting up and maintaining various Scheduled Alerts in Splunk to monitor track and notify the abnormalities immediately.
• Extensive experience in deploying, configuring, and administering Splunk clusters.
• Troubleshoot Splunk infrastructure components, performance issue and license usage in coordination with infrastructure support teams.
• Experience in performance testing, application monitoring and website support for banking, insurance, manufacturing, and retail industries.
• Experience onSplunksearch construction with ability to create well-structured search queries that minimize performance impact.
• Standardize Splunk forwarder deployments, configurations, and maintenance across a variety of UNIX and Windows platforms.

TECHNICAL SKILLS:

Splunk: Splunk8.0,Splunk 7.X, 6.x and 5.x, Splunk Enterprise, Splunk on Splunk, Splunk IT Service Intelligence, Splunk DB 2 Connect, Splunk Cloud

Operating Systems: Windows 2000, XP, Win 10, Windows Server, Unix/Linux (Red Hat), Free BSD

Web Technologies: HTML, DHTML, JavaScript, XML

Web/App Servers: Apache Tomcat 6.0, web logic8.1/9.2, web sphere 6.0

Concepts: SDLC, Object Oriented Analysis and Design, Unified Modeling Language (UML), Assembly and System Level Testing, exposure in Agile.

Programming Language: C, C++, Java with Big Data, Python, UNIX shell scripts

PROFESSIONAL EXPERIENCE:

Confidential, Charlotte, NC

SPLUNK ADMIN responsibilities:

• Worked with Executive Managers and data feed owners on a regular basis to gather onboarding requirements for multiple Projects with various applications.
• Experienced in multiple Terabyte of Data Collection per day from various System Servers like Syslogs, DB Connect, HTTP Event Collector.
• Worked Independently to Perform a Administrative activivties to ingest new feeds into Splunk and perform modifications as necessary.
• Created Splunk application and deployed using deployment server.
• Worked on new Indexers and Search head in clustered environment on Linux platform with Splunk 7.2.1 Version.
• Utilized field extraction using Ifx, Rex Command and Regex in configuration files.
• Provided regular support guidance to Splunk project teams on complex solution and issue resolution.
• Worked on Splunk search processing language, Splunk dashboards and Splunk dbconnect app.
• Have experience working in different environments and with the process flows in AGILE as well as Waterfall methodologies.
• Resolved configuration based issues in coordination with Infrastructure Support teams.
• Created and Configured AD groups for various App Owners.
• Experienced in using RegEx for Props and Transforms configs.
• Develop field extraction using Ifx, Rex command and Regex in configuration files.
• Troubleshoot and tune splunk deployment for Servers, Applications and Network devices.
• Provide support and first level troubleshooting for identified defects and user Incidents.
• Worked in Agile Methodology.
• Documented and Trained Peers related to Custom home grown infrastructure.
• Assigning Applications to team members and ensuring the delivery within SLA.
• Defining the complexity of each application based on various factors.
• Designed and maintained complex Splunk dashboards on Enterprise version.
• Configured Splunk for dynamic analytics and machine data indexing.
• Worked on Splunk search processing language, Splunk dashboards and Splunk DB connect app.

Confidential - NORFOLK, VA

SPLUNK ADMIN/ DEVELOPER responsibilities:

• Configured Splunk Searching and Reporting modules, Knowledge Objects, Administered Data Ingestion, Add-On's, Dashboards, Index Cluster and Forwarder Management.
• Configured Splunk forwarders and indexers to ingest infrastructure logs.
• Configured Splunk for dynamic analytics and machine data indexing
• Experience on use and understand of complex RegEx (regular expressions).
• Worked on Splunk search processing language, Splunk dashboards and Splunk DB connect app.
• Splunk ITSI to determine The KPI for the business.
• Performed Splunk administration tasks such as installing, configuring, monitoring, and tuning.
• Install and maintain the Splunk add-on including the DB Connect 1, Active Directory LDAP for work with directory and SQL database.
• Installed and configured Splunk DB Connect in Single and distributed server environments.
• Configure the add-on app SSO Integration for user authentication and Single Sign-on in Splunk Web.
• Deployed Splunk updates and license distribution over multiple servers using a deployment server.
• Create Dashboard Views, Reports and Alerts for events and configure alert mail.
• Monitor the Splunk infrastructure for capacity planning and optimization
• Integrated ServiceNow with Splunk to generate the Incidents from Splunk.
• Active monitoring of Jobs through alert tools and responding with certain action logs, analyses the logs and escalate to high level teams on critical issues.
• Experience in handling network resources and protocols such as TCP/IP, Ethernet, DNS Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes.
• Splunk search construction with ability to create well-structured search queries that minimize performance impact.
• Monitored the database (data tables and error tables), WebLogic error log files and application error log files to track and fix bugs.
• Designed and maintained complex Splunk dashboards on Enterprise and Enterprise Security.
• Ensuring that the application website is up and available to the users.
• Continuous monitoring of the alerts received through mails to check if all the application servers and web servers are up.
• Monitored Database Connection Health by using Splunk DB connect health dashboards.
• Created Crontab scripts for timely running jobs.
• Created and configured KPI's in Splunk IT Service Intelligence (ITSI).
• Good experience in creating Splunk apps, navigations, interfaces and good experience on Splunk lookups, macros, Pivot, datamodels, lookupfiles and their publication into Splunk.

Confidential - CHICAGO, IL

SPLUNK ENGINEER responsibilities:

• Setup Splunk Forwarders for new application tiers introduced into environment and existing applications.
• Designing and implementing Splunk-based best practice solutions. Requirement gathering and analysis.
• Interacted with team members and Business users during the design and development of the application.
• Data collection from various systems/servers, Forwarder Management, creating and managing Splunk apps.
• Building Splunk queries by Splunk Search Processing Language (SPL) and Regular expressions.
• Installed, Configured, implemented various visualization Add-ons to the developed and developing dashboards.
• Help to document best practices in developing and using SPLUNK.
• Experience with Splunk UI/GUI development and/or operations roles
• Extensively worked on creation of range maps for various SLA conditions by using all kinds of Splunk

Confidential

Splunk admin/ developer responsibilities:

• Performed Splunk administration tasks such as installing, configuring, monitoring and tuning.
• Install and maintain the Splunk add-on including the DB Connect 1, Active Directory LDAP for work with directory and SQL database.
• Installed and configured Splunk DB Connect in Single and distributed server environments.
• Configure the add-on app SSO Integration for user authentication and Single Sign-on in Splunk Web.
• Automating in Splunk using Perl with Service-Now for event triggering.
• Deployed Splunk updates and license distribution over multiple servers using a deployment server.
• Create Dashboard Views, Reports and Alerts for events and configure alert mail.
• Monitor the Splunk infrastructure for capacity planning and optimization.
• Server monitoring using tools likes Splunk, Solarwinds-Orion, HP BSM and HP Open View.
• Integrated ServiceNow with Splunk to generate the Incidents from Splunk.
• Active monitoring of Jobs through alert tools and responding with certain action logs, analyses the logs and escalate to high level teams on critical issues.
• Monitored the database (data tables and error tables), WebLogic error log files and application error log files to track and fix bugs.
• Ensuring that the application website is up and available to the users.
• Continuous monitoring of the alerts received through mails to check if all the application servers and web servers are up.
• Worked on DB Connect configuration for Oracle, MySQL and MSSQL.
• Monitored Database Connection Health by using Splunk DB connect health dashboards.
• Involved in monitoring the ticketing tool and taking the ownership of the tickets.
• Created Crontab scripts for timely running jobs.
• Developed build scripts, UNIX shell scripts and auto deployment processes.
• Provided 24/7 on-call Production Support.