Splunk Developer/admin Resume
Dallas, TX
PROFESSIONAL SUMMARY:
- Over 8 years of experience in the Information Technology field, including 4+ years of experience as a Splunk developer in monitoring, data analytics, performance tuning, troubleshooting and maintenance of databases.
- Experienced in Preparing, arranging and testing Splunk search strings and operational strings.
- Extensive knowledge of Splunk 6.x and 7.x products and of distributed Splunk architecture and components, including search heads, indexers, forwarders, etc. Passionate about machine data and operational intelligence.
- Headed Proof-of-Concepts (POC) on Splunk implementation and guided other team members on understanding the use case of Splunk.
- Created Splunk Dashboards for different sorts of business clients in association.
- Expertise in writing SQL Queries, Dynamic-queries, sub-queries and complex joins for generating Complex Stored Procedures, Triggers and User-defined Functions.
- Experience with Splunk technical implementation, planning, customization, integration with big data and statistical and analytical modeling.
- Expertise in Actuate Reporting, development, deployment, management and performance tuning of accurate reports.
- Good Knowledge with search head clustering and Index clustering.
- Implemented workflow actions to drive troubleshooting across multiple event types in Splunk.
- Good Understanding of AWS.
- Extensive experience and actively involved in Requirements gathering, Analysis, Reviews.
- Expertise in creating accurate reports, Dashboards, Visualizations and Pivot tables for the business users.
- Expert in using Rex, Sed, Regex and IFX to extract fields from log files.
- In depth and extensive Knowledge in setting up alerts and monitoring recipes from the Machine generated data.
- Used Splunk tool to analyze the logs in the applications.
- System Administration familiar with Windows Servers, Red Hat Linux Enterprise Servers.
- Standardized Splunk forwarder deployment, configuration and maintenance on Linux and Windows platforms. Created role-based AD access for Splunk.
- Installed the Splunk Light Weight Forwarders, Forwarders, Indexers, and Search Heads after configuring files such as outputs.conf, inputs.conf, etc.
- Managing of Splunk licenses based on the requirement.
- Extensive experience and actively involved in Requirements gathering, Analysis, Reviews, Coding and Code Reviews, Unit and Integration Testing.
- Knowledge of the Extract keyword, sed, Knowledge Objects, and various search commands such as stats, chart, timechart, transaction, strptime, strftime, eval, where, xyseries, table, etc.
- Installed different Splunk Applications, for example, Cisco for Splunk, Windows for Splunk and VMware for Splunk.
- Experience in Shell scripting and extensively used Regular expressions in search string and data anonymization.
- Experience in optimizing search queries using summary indexing.
- Strong experience using SQL, PL/SQL Procedures/Functions, Triggers, and Packages
TECHNICAL SKILLS:
Splunk: Splunk 6.x.x/7.x.x, Splunk Cloud, Splunk Enterprise, Splunk on Splunk, Splunk DB Connect, Splunk SIEM & ES, CIM
Web/App Servers: Apache Tomcat 7.x/6.x, WebLogic 11g/12c, WebSphere 7.0
Operating Systems: Unix/Linux (CentOS), Windows 2008/2003
Programming Language: C, C++, Java, Linux Shell Scripts, Oracle SQL and PL/SQL
Java/J2EE Technologies: J2EE, JSP, JDBC, JMS, Web Services
RDBMS: Oracle 11g/10g/9i/8i, MS SQL Server 2005/2008/2008 R2, DB2, MS Access.
Web Technologies: HTML, DHTML, JavaScript, XML, XSL, XSLT
Web/App Servers: Apache Tomcat 6.0, WebLogic 8.1/9.2, WebSphere 6.0
Tools: Artifactory v5.4.4, Tableau v10.2.1, Ansible Tower v2.4.1, TFS 2017, SonarQube v5.6.6
PROFESSIONAL EXPERIENCE:
Confidential, Dallas, TX
Splunk Developer/Admin
Responsibilities:
- Gather and understand the Client requirements and onboard new data sources into Splunk.
- Use Splunk to collect and index log data.
- Optimize Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
- Setting up dashboards for senior management and production support- required to use SPLUNK.
- Develop end-to-end event monitoring infrastructure of business-aligned applications
- Create and Manage Splunk DB connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.
- Monitor and investigate SOC incidents and alerts with Sourcefire.
- Prepare, arrange and test Splunk search strings and operational strings. Create and configure management reports and dashboards.
- Actuate Reporting, development, deployment, management, and performance tuning of Actuate reports.
- Maintain and manage assigned systems, Splunk related issues and administrators.
- Create and maintain documentation related to Architecture and Operational processes for Splunk.
- Analyze the behavioral patterns of the customers and all the data generated from various web and server logs.
- Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes. Work on Security solutions SIEM that enable organizations to detect, respond and prevent threats by providing valuable context and visual insights to help make faster and smarter security decisions.
- Optimize the search performance of Splunk queries and reduced the time for loading the dashboards.
- Set indexing property configurations, including time zone offset, custom source type rules. Configure Regex transformations to perform on data inputs.
- ITSI Modules process data Collected using Splunk Add-ons and Created Multiple KPIs dashboards.
- Work with business/IT and create the next steps plan and implement the same.
- Implemented Post processing method for searches in PII DATA dashboards.
- Building range maps for various SLA conditions by using all kinds of Splunk 6.x Dashboard Examples.
- Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
- Good understanding of configuration files and precedence, with daily work exposure to props.conf, transforms.conf, inputs.conf and outputs.conf, and setting up forwarder information based on requirements.
- Develop shell scripts to handle everyday System Administration tasks such as backup procedure, system cleanup, everyday system tasks, log rotation etc.
Environment: Splunk 6.x.x/7.x.x, Data Models, Server management, Dashboards, Search Processing Language (SPL), Field extraction, Regex, Rex, Linux, XML, Advanced XML, JavaScript, CSS, HTML
Confidential, Austin, TX
Splunk Developer/Admin
Responsibilities:
- Installing and configuring Splunk Forwarder on both Windows and Linux servers.
- Managing Splunk Forwarder via centralized deployment server.
- Installation as well as Configuration of Indexer, Search Head, License Server and Deployment Server on Linux Server.
- Creating and customizing Splunk applications, searches, and dashboards as desired by IT teams and business.
- Drive complex deployments of Splunk dashboards and reports while working side by side with technical teams to solve their integration issues.
- Designing and maintaining production-quality Splunk dashboards, Data gathering from onsite and coming up with an implementation plan.
- Installed, tested, and deployed monitoring solutions (Alerts, Dashboards and Reports) with Splunk services for different Application Teams.
- Build Splunk dashboards using XML and Advanced XML as well as Created Scheduled Alerts for Application Teams for Real Time Monitoring.
- Prepared Daily, Weekly and Monthly Reports for Business according to requirement using Splunk and reported to Business in case of any Data Mismatch or Data abnormality.
- Worked on Knowledge Objects such as Event Types, Tags, Field Extraction (Using Regular Expression), and Lookups etc.
- Install, Configure, and use different Apps such as Splunk DB Connect (for connecting to Databases), WMI (to monitor CPU and Memory Usage on Servers) etc.
- Dashboard creation for various use cases required for real time monitoring of various infrastructure & the cyber security of the organization on Splunk
- Creation of Knowledge Objects (Lookups, Tags & Event Types, Workflow Actions, Alerts, Macros, Data Models, Alerts) & Summary Indexing to Optimize performance and functionality.
- Monitored all Critical Applications to save approximately 50% of Business Hours.
- Managing indexes and cluster indexes, Splunk web framework, data model and pivot tables.
- Shell scripting to automate and monitor the environment routine tasks.
- Analyzed and monitored incident management and incident resolution problems.
- Monitoring the performance of all the critical Servers using AppDynamics.
- Creation of Alerts and Dashboards Using AppDynamics
Environment: Splunk Enterprise, Splunk 6.x.x, Splunk DB connect, SIEM, AppDynamics, New relic, Splunk Glass Tables, Deep Dives, KPIs
Confidential, Francisco, CA
Splunk Developer/Admin
Responsibilities:
- Installed Splunk architecture and components including search heads, indexers, forwarders, etc.
- Created Quality-Report, custom Dashboards, report, scheduled searches and triggered alerts.
- Resolved configuration-based issues in coordination with infrastructure support teams.
- Worked with search-time versus index-time field extraction.
- Performed network vulnerability security scans to identify cyber vulnerabilities.
- Understood configuration files and precedence, with daily work exposure to props.conf, transforms.conf, inputs.conf and outputs.conf, and setting up forwarder information based on requirements.
- Maintenance of Splunk Environment with multiple Indexers.
- Manage and configure index settings and created event type definitions. Analyzed security-based events, risks and reporting instances.
- Set up Splunk to capture and analyze data from various layers Load Balancers, Web servers and application servers.
- Developing custom web application solutions for internal ticket metrics reporting.
- Set indexing property configurations, including time zone offset, custom source type rules.
- Configure regex transformations to perform on data inputs. Use in tandem with props.conf
- Designed core scripts to automate Splunk maintenance and alerting tasks.
- Worked on DB Connect configuration for Oracle, MySQL and MSSQL.
- Used kill chain analysis to trace the different stages of an advanced threat, link the sequence of events and enable targeted remediation.
- Configure SIEM tool performance.
- Install and maintain the Splunk add-on including the DB Connect 1, Active Directory LDAP for work with directory and SQL database.
- Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
- Configure SIEM tool performance and event data.
- Actuate Reporting, development, deployment, management and performance tuning of Actuate reports.
- Worked with various types of charts and alert settings. Knowledge of app creation and of user and role access permissions: creating and managing apps, creating users and roles, and setting permissions on knowledge objects.
- Interact with the data warehousing team regarding extracting the data and suggest the standard data format such that Splunk will identify most of the fields.
Environment: Splunk Enterprise 6.x.x, SIEM, Windows Server 2012/2008/2003 R2, Linux and UNIX Servers Splunk, SQL Server 2008, SAN, WLAN, Service Now, Netcool, OSI.
Confidential, Springfield, MO
Splunk Developer
Responsibilities:
- Setting up SPLUNK to monitor the customer volume and track the customer activity.
- Field Extraction, Using IFX, Rex Command and REGEX and delimiters
- Ensure high availability and performance through horizontal scaling and load-balanced components.
- Prepared, arranged and tested SPLUNK search strings and operational strings.
- Actuate Reporting, development, deployment and performance
- Creating Dashboards, reports, scheduled searches and alerts.
- Created EVAL Functions where necessary to create new field during search run time.
- Provide inputs for identifying best fit architectural solutions - deployment for SPLUNK project
- End-to-end event monitoring infrastructure of business-aligned applications
- Analyzed security-based events, risks and reporting instances.
- Worked on SPLUNK use cases and proliferate SPLUNK usage across the enterprise.
- Worked on DB Connect configuration for Oracle, MySQL and MS SQL.
- Good understanding about SPLUNK and login architecture and various components (indexer, Forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
- Created dashboards for senior management and production support- required to use SPLUNK
Environment: Splunk 6.x.x, Linux, Splunk Knowledge Objects.
Confidential
SQL Database Administrator
Responsibilities:
- Creating and managing of databases, Performance monitoring, troubleshooting, enhancing high availability and disaster recovery solutions.
- Tested and configured automated routine maintenance tasks like performance tuning, indexes and stored procedures, checked deadlocks and created scheduled jobs.
- Created and managed schema objects such as tables, views, stored procedures, and triggers and maintained Referential Integrity.
- Created new database objects like Procedures, Functions, Packages, Triggers, Indexes and Views using Confidential -SQL in Development and Production environment for SQL Server.
- Developed Database Triggers to enforce Data integrity and additional Referential Integrity.
- Developed SQL Queries to fetch complex data from different tables in remote databases using joins, database links and formatted the results into reports and kept logs.
- Used SQL Profiler and Query Analyzer to optimize DTS package queries and stored procedures
- Involved in performance tuning and monitoring of both Confidential -SQL.
- Involved in data migration and data integration.
- Prepared test reports and bug logs for the testing done and reporting the status to Sr. Management.
- Served as developer for the solutions designed by other team members.
Environment: SQL server 2005, Oracle 9i Server, SQL Plus, PL/SQL, Query Analyzer, SQL Profiler, DTS, Import/Export tools, SQL Server Agent, SQL Server Enterprise Manager, SQL Jobs, SQL Alert, VB Script, SCO Unix, ODBC, JDBC, Database Engine Tuning Advisor, Windows 2005 Server.
Confidential
PL SQL Developer
Responsibilities:
- Involved in the design, coding, deployment and maintenance of the project.
- Acted as a single point contact for the Database related activities like developing/ creating tables, procedures and functions for the java developers. Involved in designing of the application using UML (Unified Modeling Language).
- Wrote PL/SQL procedures to extract the daily promoted and demoted employees from the HR database.
- Loading of data (Data Migration) from legacy system to custom tables using SQL LOADER.
- Developed stored procedures and triggers to facilitate consistent data entry into the database.
- Wrote stored procedures using PL/SQL, as well as functions and procedures for common utilities.
- Participated in system analysis and data modeling, which included creating tables, views, indexes, synonyms, triggers, functions, procedures, cursors and packages. Created programming code using advanced concepts of Records, Collections and Dynamic SQL.
- Used advanced bulk techniques (FORALL, BULK COLLECT) to improve performance. Developed installation scripts for all the deliverables. Performed functional testing for different Oracle Forms application functionalities.
- Developed various reports by using SQL.
- Performed unit testing, system testing and integration testing.
- Worked on Oracle database to design Database schema, created Database structure, Tables and Relationship diagrams.
- ETL Development using Confidential -SQL programming, scripts, stored procedures, views.
- Supported on call 24x7 schedule for Production Support.
- Supporting on-call in out of office hours.
Environment: Oracle 11g, SQL, PL/SQL, Pro*C, JavaScript, UNIX, ETL.