Senior Splunk Consultant Resume
Livonia, MI
SUMMARY:
- 10+ years of experience in designing, developing and delivering automation projects using Splunk, ETL & SQL.
- Experience as Splunk Admin/Developer; performed activities including requirement analysis, design and implementation of various client server-based applications using Splunk 5.x and Splunk 6.x.
- Expertise in customizing Splunk for Monitoring, Application Management and Security as per customer requirements and industry best practice.
- Expert in analyzing data, correlating trends, building reports and report writing.
- Expertise with the usage of various search commands like stats, chart, timechart, transaction, strptime, strftime, eval, where, xyseries, table etc.
- Experience in using Regular Expressions.
- Managed Indexer Clusters including security, hot and cold bucket management and retention policies. Used techniques to optimize searches for better performance (search time vs index time field extraction), with an understanding of configuration files and precedence, working with props.conf, transforms.conf, inputs.conf and outputs.conf, and setting up a forwarder Monitor stanza in inputs.conf.
- Involved in helping the UNIX and Splunk administrators to deploy Splunk across the UNIX and windows environment.
- Expert in installing, configuring and administering Splunk Enterprise Server, Splunk Universal Forwarder and Splunk Heavy Forwarder in large distributed environments comprising Windows, Red Hat, Solaris and AIX, with exposure to various Splunk Apps to monitor Splunk deployments.
- Installed and configured Splunk DB Connect; supported syslog-ng, rsyslog and the Security Operation Centre (SOC).
- Perform Enterprise Linux tasks as they pertain to supporting the Splunk application.
- Experience in Quality Assurance, Test Automation, Synthetic Monitoring and Mobile Device Management. Experienced in all data processing phases, from the Enterprise Model and Data Model (Logical and Physical Model) to Data Warehousing (ETL).
- Experience in Big Data and familiar with components of Hadoop Ecosystem: HDFS, HAWQ, Hive, HBase, Pig.
- Normalized fields and defined event types using the CIM (Common Information Model). Extensive experience in writing Packages, Stored Procedures, Functions and Database Triggers using PL/SQL and UNIX Shell scripts. Also handled Oracle utilities like SQL*Loader, import etc.
- Extensive Data Warehouse experience using Informatica 7/8.x/9 PowerCenter tools (Source Analyzer, Mapping Designer, Mapplet Designer, Transformation Designer, Repository Manager and Server Manager) as the ETL tool on Oracle/DB2 databases.
- Worked with the SIEM team monitoring notable events through Splunk ES. Experienced in Data Extraction, Transformation and Loading (ETL) between Homogeneous and Heterogeneous Systems using SQL Server tools like SSIS, DTS, Bulk Insert, BCP and XML; Data Loss Prevention.
- Working knowledge of data warehouse techniques and practices, including ETL processes, dimensional data modeling (Star Schema, Snowflake Schema, Fact and Dimension tables), OLTP and OLAP.
- Strong experience using SQL, PL/SQL and NoSQL Procedures/Functions, Triggers and Packages. Very good understanding of the software development life cycle (SDLC) process and the OSI Model. Experience in SIEM, CIM and CLI commands.
- Experience in various BI tools like TIBCO Jaspersoft and Tableau for designing customized, interactive and advanced rich visualization dashboards using connectors, extensions, filters, parameters and calculations. Worked closely with the architect and team in designing, developing and implementing the logical and physical model for the Data Mart.
- Experience in different team projects with good project implementation experience, team skills, troubleshooting, presentation abilities and issue resolution capabilities.
TECHNICAL SKILLS:
Splunk Modules: Splunk 5.x/6.x, Splunk DB Connect 1.x/2.x, Splunk Enterprise Security, Splunk on Splunk, Splunk App for VMware, Splunk Web Framework, Splunk IT Service Intelligence
Operating Systems: Red Hat Linux (4.x, 5.x, 6.x), Unix, Windows XP/2003/7/8/10, Solaris (8, 9, 10)
Web Servers: Oracle HTTP Server, Apache Tomcat, MS IIS server 5.1/6.0, IBM HTTP Server, IIS server
Application Servers: Oracle WebLogic Server 8.x/9.x/10.x, JBoss 5.x/6.x, Oracle SOA Suite 11g
Tools: Splunk 5.x/6.x (5.1, 5.3, 6.1.3, 6.2.3, 6.3), Oracle 11g/10g/9i/8i/7.3, TOAD 10.6, SQL*Loader
Databases: Oracle, MySQL Server, MS Access; AWS and Azure Clouds
Languages: SPL, C, C++, basic Java, SQL, XML, Hadoop and PL/SQL
Scripting Languages: Perl, Python, Ruby, Linux shell scripts, UNIX Shell Scripting (Bourne, C and Bash)
Web Services: SOAP and REST, WebSphere Application Server 8.x/7.x/6.x/5.x
Networking & Protocols: FireEye, TCP/IP, HTTP, HTTPS, SME, LDAP, NIST, Firewall, VMware, SNMP, SDLC, DNS, DHCP, NAT, SIEM, ELK, ITSI
WORK EXPERIENCE:
Senior Splunk Consultant
Confidential - Livonia, MI
Responsibilities:
- Expertise in Actuate Reporting, development, deployment, management and performance tuning of Actuate reports.
- Provided regular support and guidance to Splunk project teams on complex solutions and issue resolution. Created dashboards, reports, scheduled searches and alerts using XML. Knowledge of Splunk architecture and its components (indexer, forwarder, search head, deployment server), Heavy and Universal Forwarders, and the license model.
- Integrated Service Now with Splunk to generate the Incidents from Splunk. Worked on DB Connect configuration for Oracle, My SQL and MSSQL. Created many of the proof-of-concept dashboards for IT operations, and service owners which are used to monitor application and server health.
- Created HTML dashboards with JavaScript and CSS to build customized visualizations. Installed and configured the DB Connect plug-in to get data from Oracle, MySQL and MSSQL. Field extraction using IFX, the rex command and regex in configuration files.
- Various types of charts and alert settings; knowledge of app creation and of user and role access permissions. Creating and managing apps; creating users, roles and permissions to knowledge objects. Parsing, indexing and searching concepts; hot, warm, cold and frozen bucketing.
- Configured clustering, EJB objects, JDBC connections and JMS connection factories. Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
- Worked on setting up Splunk to capture and analyze data in Bank of America online banking. Set up Splunk to capture and analyze data from various layers: load balancers, web servers and application servers.
- Captured data from various front-end and middleware applications. Dashboards were created to monitor traffic volume, response times, errors and warnings. Maintain, grow and improve the TVX Splunk environment.
- Use techniques to optimize searches for better performance (search time vs index time field extraction), with an understanding of configuration files, precedence and how they work.
- Create dashboards from searches; scheduled searches, and inline search vs scheduled search in a dashboard. Expertise in using Amazon AWS API tools such as the Linux command line and Puppet-integrated AWS API tools. Expertise with SIEM, log sources and SME.
- Prepared, arranged and tested Splunk search strings and operational strings. Developed, evaluated and documented specific metrics for management purpose. Using SPL created Visualizations to get the value out of data.
- Monitor for fraud patterns in claims by correlating with past profiles, internal and external fraud knowledgebase. Involved in assisting offshore members to understand the use case of business. Assisted internal users of Splunk in designing and maintaining production-quality dashboard. Installed, configured and managed Decameter users on the Hadoop cluster.
- Involved in writing complex IFX, rex and multikv commands to extract fields from log files. Worked on DB Connect configuration for Oracle, MySQL, MSSQL and NoSQL.
- Developing custom web application solutions for internal ticket metrics reporting. Experience in implementation of log management, analysis solutions.
Environment: Splunk 6.0, Pivotal HD, Splunk Enterprise Security, Windows, Splunk knowledge objects, Python, REST APIs, SDKs, SIEM, AWS, NoSQL
Senior Splunk Developer/ Administrator
Confidential - Atlanta, GA
Responsibilities:
- Provided regular support and guidance to Splunk project teams on complex solutions and issue resolution. Involved as a Splunk Admin in capturing, analysing and monitoring front-end and middleware applications.
- As part of SIEM, monitored notable events through Splunk Enterprise Security (using v3.0). Expertise with Splunk UI/GUI development and operations roles.
- Integrated real-time data between Splunk Enterprise and databases using the DB Connect app. Created many of the proof-of-concept dashboards for IT operations and service owners, which are used to monitor application and server health.
- Helped the team on-board data, create various knowledge objects, and install and maintain Splunk Apps and TAs; good knowledge of JavaScript for advanced UI as well as Python for advanced backend integrations. Generated shell scripts to install Splunk forwarders on all servers and configure them with common configuration files such as bootstrap scripts, outputs.conf and inputs.conf.
- On-boarded new log sources with log analysis and parsing to enable SIEM correlation. Configuration of inputs.conf and outputs.conf to pull XML-based events to the Splunk Cloud indexer. Parsing, indexing and searching concepts; hot, warm, cold and frozen bucketing and Splunk clustering. Setup and configuration of a search head cluster with three search head nodes, and management of the search head cluster with the deployer.
- Involved in standardizing Splunk forwarder deployment, configuration and maintenance across Linux and Windows platforms.
- Worked on setting up Splunk to capture and analyse data from various layers: load balancers, web servers and application servers. Very good understanding of the software development life cycle (SDLC) process; followed Agile Scrum and story maps for dev tracking.
- Supporting and monitoring Splunk cluster infrastructure in the AWS cloud environment. Scripted SQL queries in accordance with Splunk. Created many of the proof-of-concept dashboards for IT operations and service owners, which are used to monitor application and server health.
- Various types of charts and alert settings; knowledge of app creation and of user and role access permissions. Creating and managing apps; creating users, roles and permissions to knowledge objects. Knowledge of Splunk architecture and its components (indexer, forwarder, search head, deployment server), Heavy and Universal Forwarders, and the license model.
- Created dashboards, data models, reports, scheduled searches and alerts. Field extraction using IFX, rex, the sed command and regex in configuration files. Automated reports and alerts to monitor applications, tools and services proactively. Configured and set up different host boxes on Opsview and SiteScope with hashtags. Proactively monitored and troubleshot the different host boxes on Opsview.
Environment: Splunk 6.2, 6.3.5, Linux, SiteScope, Opsview, ServiceNow, Linux and UNIX Servers, SQL Server 2008
Security Splunk Engineer
Confidential - Culpeper, VA
Responsibilities:
- Experience in implementing Splunk 5.x and 6.x in production; distributed Splunk architecture and components including search heads, indexers and forwarders.
- Hands-on experience in installing and using the Splunk app for UNIX and Linux (Splunk nix). Worked on several security-related use cases and have been part of the security team. Created various dashboards for Security Operations to monitor LDAP and IAM applications.
- Complete deployment of Search Head Clusters in different environments, including migration of existing Search Head pooling (simultaneous cut-over from the current Search Heads instead of creating from scratch).
- Experience in configuring rsyslog & syslog-ng and with Regular Expressions. Created a Splunk app for Enterprise Security to identify and address emerging security threats through continuous monitoring, alerting and analytics. Knowledge of Splunk architecture and its components (indexer, forwarder, search head, deployment server), Heavy and Universal Forwarders, and the license model.
- Use techniques to optimize searches for better performance (search time vs index time field extraction), with an understanding of configuration files, precedence and how they work.
- Implemented workflow actions to drive troubleshooting across multiple event types in Splunk. Worked on client engagements, data onboarding, and writing alerts and dashboards using the Splunk query language. Troubleshooting performance issues of Splunk searches.
- Coordinating with application and system owners to onboard applications in Splunk and ensure logging capabilities are functional. Analyzed security-based events, risks and reporting instances. Assisted in auditing through Splunk SME knowledge (PCI, SOC, etc.). Provided regular on-call support and guidance to Splunk project teams on complex solutions. Good understanding of configuration files and precedence, with daily exposure to props.conf, transforms.conf, inputs.conf, outputs.conf and server.conf to set up forwarder information based on requirements.
- Involved in installation, administration and configuration of Splunk Enterprise and integration with local legacy systems. Experience with Linux and Windows specialists for the Splunk organization, with a strong comprehension of the Splunk framework.
- Splunk configuration involving different web applications and batch jobs; created saved searches, summary searches and summary indexes.
- Parsing, indexing and searching concepts; hot, warm, cold and frozen bucketing. Drove complex deployments of Splunk dashboards and reports while working side by side with technical teams to solve their integration issues.
- Created and managed Splunk DB Connect identities, database connections, database inputs, outputs, lookups and access controls.
Environment: Splunk 6.x, Splunk ES 4.2, Splunk DB Connect and other modules, Oracle WebLogic 9.x/10.x, JBoss 5.x/6.x, Tomcat 5.x/6.x, Oracle 9i/10g, Solaris 10, Linux, Apache 2.x, Python, ANT, AWK, IIS, Integrity SiteMinder Policy Server 5.5/6.0, LDAP.
Splunk Developer
Confidential
Responsibilities:
- Experience in understanding the Splunk 5.x and 6.x product and ITSI; distributed Splunk architecture and components including search heads, indexers, forwarders, etc.
- Created Quality Reports, custom dashboards, reports, scheduled searches and triggered alerts. Resolved configuration-based issues in coordination with infrastructure support teams. Experience in search time vs index time field extraction.
- Performed network vulnerability security scans to identify cyber vulnerabilities. Good understanding of configuration files and precedence, with daily exposure to props.conf, transforms.conf, inputs.conf and outputs.conf, and setting up forwarder information based on requirements. Maintenance of a Splunk environment with multiple indexers.
- Managed and configured index settings and created event type definitions. Analyzed security-based events, risks and reporting instances. Set up Splunk to capture and analyze data from various layers: load balancers, web servers and application servers.
- Developing custom web application solutions for internal ticket metrics reporting. Set indexing property configurations, including time zone offset and custom source type rules. Configured regex transformations to perform on data inputs, used in tandem with props.conf. Designed core scripts to automate Splunk maintenance and alerting tasks. Worked on DB Connect configuration for Oracle, MySQL and MSSQL.
- Used kill chain analysis to trace the different stages of an advanced threat, link the sequence of events and enable targeted remediation. Configured SIEM tool performance.
- Installed and maintained Splunk add-ons including DB Connect 1 and Active Directory LDAP for working with the directory and SQL database. Knowledge of Splunk architecture and its components (indexer, forwarder, search head, deployment server), Heavy and Universal Forwarders, and the license model.
- Configured SIEM tool performance and event data. Expertise in Actuate Reporting: development, deployment, management and performance tuning of Actuate reports.
- Various types of charts and alert settings; knowledge of app creation and of user and role access permissions. Creating and managing apps; creating users, roles and permissions to knowledge objects. Interacted with the data warehousing team regarding extracting the data and suggested a standard data format such that Splunk will identify most of the fields.
Environment: Splunk Enterprise Server 5.x.x/6.x, Windows Server 2012/2008/2003 R2, Linux and UNIX Servers, Splunk, SQL Server 2008, SAN, WLAN, ServiceNow, Netcool, OSI, Tivoli, PL/SQL
Developer
Confidential - Thousand Oaks, CA
Responsibilities:
- Import & Export of data from one server to other servers using tools like Data Transformation Services (DTS) and bulk copy. Periodic monitoring of the system for bottlenecks. Requirement gathering - Solution design.
- Involved in the migration from SQL Server. Actively involved in normalization of the database. Designed DDL and DML for MS SQL Server 2008. Created rules, defaults, tables, views, clustered & non-clustered indexes, user-defined data types and user-defined functions. Created triggers to enforce data and referential integrity.
- Actively designed the database to speed up certain daily jobs and stored procedures. Developed SQL and PL/SQL scripts to transfer tables across schemas and databases. Performed SQL and PL/SQL performance tuning and application tuning using various tools like TKPROF, AUTOTRACE and DBMS_SQLTUNE.
- Loaded data from legacy systems (ETL operations) using PL/SQL and SQL*Loader. Developed procedures for an efficient error-handling process by capturing errors into user-managed tables. Developed UNIX shell scripts to automate table creation and execute procedures. Optimized query performance by creating indexes. Wrote T-SQL statements for retrieval of data and was involved in performance tuning of T-SQL queries and stored procedures.
- Involved in merging existing databases and designed new data models to meet the requirements. Perform daily database backup & restoration and monitor the performance of Database Server. Use DDL and DML for writing triggers, stored procedures, and data manipulation.
- Installed and Configured SQL Server 2005 on development server for designing and testing. Worked on client requirement and wrote Complex SQL Queries to generate Crystal Reports.
Environment: MS SQL Server 2008, Windows platform, Visual Basic 6.0, Crystal Reports, ETL, UNIX, MS Windows XP/2000, Oracle Development Suite.
PL/SQL Developer
Speck Systems
Responsibilities:
- Involved in the design, coding, deployment and maintenance of the project. Acted as a single point of contact for database-related activities like developing/creating tables, procedures and functions for the Java developers. Involved in designing the application using UML (Unified Modeling Language). Written PL/SQL procedures to extract the daily promoted and demoted employees from the HR database. Developed various reports using SQL.
- Loading of data (Data Migration) from legacy system to custom tables using SQL LOADER. Supporting on-call in out of office hours.
- Developed stored procedures and triggers to facilitate consistent data entry into the database. Written Stored Procedures using PL/SQL and functions and procedure for common utilities.
- Participated in system analysis and data modeling, which included creating tables, views, indexes, synonyms, triggers, functions, procedures, cursors and packages. Created programming code using advanced concepts of Records, Collections and Dynamic SQL.
- Used advanced bulk technologies (FORALL, BULK COLLECT) to improve performance. Developed installation scripts for all the deliverables. Performed functional testing for different Oracle Forms application functionalities.
- Performed unit testing, system testing and integration testing. Worked on Oracle database to design Database schema, created Database structure, Tables and Relationship diagrams.
- ETL development using T-SQL programming, scripts, stored procedures and views. Supported an on-call 24x7 schedule for production support.
Environment: Oracle 11g, SQL, PL/SQL, Pro*C, JavaScript, UNIX, ETL.
Oracle Developer
Confidential
Responsibilities:
- Collaborated with the Business analysts and the DBA for requirements gathering, business analysis, testing and project coordination.
- Worked with Agile/Scrum team to deliver software projects and products. Developed SQL and PL/SQL scripts to transfer tables across the schemas and databases. Generated various analytical reports using Microsoft Access.
- Migrated XML data to Targeted files using ETL tools in Data warehousing.
- Developed Procedures for efficient error handling process by capturing errors into user managed tables. Developed Shell scripts to automate execution of SQL scripts to check incoming data with master tables, insert the valid data into Customer Management System and invalid data into error tables which will be sent back to sender notifying the errors.
- Worked with java developers to repair and enhance current base of PL/SQL packages to fix production issues and build new functionality and improve processing time through code optimizations and indexes. Developed UNIX Shell scripts to automate table creation, execute procedures.
- Setup Database Mail Profile in SQL Server Management Studio for operations team to get updates on specific tables once updated. Developed PL/SQL triggers on master tables for automatic creation of primary key values. Created scripts for new tables, views, queries for new enhancements in the application using TOAD/SQL developer.