
Splunk Developer/admin Resume


Charlotte, NC

SUMMARY:

  • Knowledge in Developing SIEM configurations, use cases and operational models or specific security solutions to meet the customer's requirement and assess risks imposed by technical solutions
  • Created many of the proof-of-concept dashboards for IT operations and service owners, which are used to monitor application and server health.
  • Installing, Configuring and implementing various visualization add-ons to create and develop Splunk dashboards
  • Developing Scheduling Alerts, Experience with Deployment Server & Advanced XML
  • Well versed in both remote and on-site user Splunk Support.
  • Worked with the Application Teams to create Splunk Dashboards for stakeholders and Operations team
  • Knowledge in Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes
  • A leader of Proofs-of-Concept (POC) on Splunk ES implementation, mentored and guided other team members on Understanding the use case of Splunk
  • Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
  • Experience in creating different visualizations using Bar, Line and Pie chart, Background Maps, Box plots, Scatter plots, Gantt charts, Bubble charts, Histograms, Trend lines & statistics, Bullets, Heat maps, and Highlight tables
  • Develop custom app configurations (deployment-apps) within SPLUNK in order to parse, index multiple types of log format across all application environments.
  • Worked with members of the Security Operations Center to develop alerts and correlation searches for SIEM events
  • Communicating and collaborating with customers, Splunk users.
  • Expertise in customizing Splunk for Monitoring, Application Management, and Security as per customer requirements and industry best practice.
  • Create Splunk Search Processing Language (SPL) queries, Reports, Alerts, and Dashboards.
  • Designed, developed and implemented multi-tiered Splunk log collection solutions.
  • Implemented the indexer clustering and search head clustering in a production environment.
  • Excellent analytical and interpersonal skills and ability to learn new concepts and supported 24/7 on call in a production and development environment.
  • Building Splunk queries by Splunk Search Processing Language (SPL) and Regular expressions.
  • Creation of indexes, forwarder & indexer management, Splunk Field Extractor IFX; New/Older versions.

PROFESSIONAL EXPERIENCE:

Splunk Developer/Admin

Confidential, Charlotte, NC

Responsibilities:

  • Collecting data from various servers, creating and managing Splunk apps and forwarders
  • Knowledge in Agile Scrum QA technologies
  • Experience in creating and triggering different dropdowns using Splunk static lookups
  • Creating SPL (Splunk Processing Language) queries and Regular Expressions within Splunk
  • Worked with the Application Teams to create Splunk Dashboards for stakeholders and Operations team
  • Developing SIEM configurations, use cases and operational models or specific security solutions to meet the customer's requirement and assess risks imposed by technical solutions
  • Executed SPL queries for ETL requirements such as mapping, to verify the process between different environments during the different stages
  • Provided Splunk support on UNIX, Linux, and Windows-based platforms. Assisted with automation of processes and procedures
  • Created many of the proof-of-concept dashboards for IT operations, and service owners which are used to monitor application and server health.
  • Installing, Configuring and implementing various visualization add-ons to create and develop Splunk dashboards
  • Field extraction using IFX, the rex command, and regex in configuration files.
  • Provided support and guidance to Splunk project teams on complex solution and issue resolution
  • Splunk DB Connect 2.0 in search head cluster environments of Oracle, MySQL.
  • Integration of Splunk DB Connect with Splunk to get logs from Database.
  • Experience with standardizing process for on-boarding like creating a form in ServiceNow.
  • Installation of Splunk head, Indexer and Forwarders on 1000+ servers (Windows & Linux environment)
  • Involved in standardizing Splunk forwarder deployment, configuration, and maintenance across UNIX and Windows platforms.
  • Install, configure and administer Splunk Enterprise Server 6.x.x and Splunk Forwarder 6.x.x on Red Hat Linux
  • Installing and maintaining the Splunk add-on including the DB Connect 1, Active Directory LDAP for work with directory and SQL database

Environment: Splunk 6.x, Splunk 7.x, Linux, Oracle 11g, MS SQL Server 2012, SQL.

Splunk ADMIN/ Developer

Confidential, New York

Responsibilities:

  • Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.
  • Supported in updating Splunk 6 to 7 version
  • Support SPLUNK on UNIX, Linux, and Windows-based platforms
  • Assisted with automation of processes and procedures
  • Used Splunk DB Connect Addon to integrate Splunk with Database like SQL
  • Knowledge in Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes
  • Experience in using Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management
  • Experience in writing complex Interactive Field Extractor (IFX), rex and multikv commands to extract fields from the log files
  • Experience in creating different visualizations using Bar, Line and Pie chart, Background Maps, Box plots, Scatter plots, Gantt charts, Bubble charts, Histograms, Trend lines & statistics, Bullets, Heat maps, and Highlight tables
  • Working knowledge of scripting languages (e.g. Python, bash, etc.). Excellent knowledge of TCP/IP networking and inter-networking
  • Experience in Splunk 5.x and 6.x product, distributed Splunk architecture and components including search heads, indexes, and forwarders
  • Performed Field Extractions and Transformations using the RegEx in Splunk.
  • Created Splunk DB Connect Addon to integrate Splunk with the SQL Database
  • On a scheduled basis, configure backups, verify custom reports, manage log source groups, and validate log sources with the client.
  • Dispatch queries and make configuration changes using the RESTful API and Python scripts
  • Monitored Database Connection Health by using Splunk DB connect health dashboards
  • Created Crontab scripts for timely running jobs.
  • Proficient in writing SQL Queries, PL/SQL Packages, Functions, Triggers.
  • Responsible for resolving QRadar issues
  • Create advanced dashboards, alerts, and reports with SPL and XML.
  • Leader of Proof-of-Concepts (POC) on Splunk ES implementation, mentored and guided other team members on Understanding the use case of Splunk
  • Integrated Splunk Web environment with Mobile App.
  • Created triggers using PL/SQL and UNIX Shell scripts.
  • Experience in dashboards and reports performance optimization

Jr Splunk Developer

Confidential

Responsibilities:

  • Worked closely with developers in order to ingest the data inputs into Splunk enterprise.
  • Most of the time worked to install Universal Forwarders but we have heavy forwarders set up to see data from syslog server side
  • Designed and Built Tomcat environment in Stage, Dev and Production environment
  • Created and Managed Splunk DB connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls
  • Developing Scheduling Alerts, Experience with Deployment Server & Advanced XML
  • Well versed in both remote and on-site user Splunk Support.
  • Building Searches and visualize them using dashboarding capabilities of Splunk as per business requirements.
  • Developed Dashboards for Business Activity Monitoring, Enterprise Architecture
  • Configured Clusters, Server groups, and Cloning for improved availability and failover capacity.
  • Good knowledge about Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.
  • Created Dashboards for various types of business users in the organization and worked on creating different Splunk Knowledge objects like Macros, Calculated fields, Tags, Event Types and Lookups.
  • Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
  • Using Search Processing Language (SPL) created Visualizations to get the value out of data.
