Sr Splunk Admin And Developer Resume

Northbrook, IL

SUMMARY

  • 8+ years of IT experience in software development, with over 5+ years of experience in Splunk admin/developer, Linux/UNIX and 3+ years in Linux/VMware admin on varied projects which involve design and development of client/server on platforms consisting of Red Hat Linux and Windows operating systems.
  • Experience working on Splunk 5.x, 6.x, 7.x, 8.x, Splunk DB Connect 1.x, 2.x, Splunk ES: 2.4, 4, 5 and Splunk ITSI: 4 and 5 on distributed Splunk environments and clustered Splunk environments on Linux and Windows operating systems.
  • Worked on Splunk Enterprise Security 4.x. Worked on the Security Implementation.
  • Expert in installing, configuring and administering Splunk Enterprise Server, Splunk Universal Forwarder and Splunk Heavy Weight Forwarder in large distributed environments.
  • Worked on designing, supporting and maintaining the Splunk infrastructure in Windows and Linux environments. Installation of Splunk Enterprise and apps on multiple servers with automation.
  • Great experience creating dashboard views, reports and alerts for events and configuring alert mail. Great experience with the Splunk programming language.
  • Worked on prebuilt security correlation rules, reports and dashboards.
  • Good experience in creating the Splunk app for Enterprise Security to identify and address emerging security threats using continuous monitoring, alerting and analytics.
  • Strong knowledge of Linux systems and strong knowledge of computer nodes.
  • Strong experience in Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing.
  • Experience in installing and configuring Dynatrace DC-RUM components, and hands-on experience with AWS cloud migration.
  • Experience developing secure, reliable, scalable Python applications on the AWS cloud.
  • Worked on Integrating Splunk with Windows Active Directory and LDAP and Data consolidation for LDAP users.
  • Working on indexers and computing servers and with configuration management. Experience security patching distributed Splunk architecture and components including search heads, indexes and forwarders.
  • Used Splunk and ELK (Elastic Stack) for log errors or any kind of log analytics.
  • ITSI modules process data collected using Splunk add-ons; created multiple KPI dashboards.
  • Good Experience on System Center Operations Manager (SCOM) and Good Experience on Splunk Enterprise Security Glass Table Errors and Visualization Issues.
  • Experience with Splunk Searching and Reporting modules, Knowledge Objects, Administration, Dashboards, Clustering and Forwarder Management.
  • Created and managed Splunk DB Connect identities, database connections, database inputs, outputs, lookups and access controls.
  • Expert with various search commands like stats, chart, timechart, transaction, eval, table etc.
  • Experience with Splunk UI/GUI development and operations.
  • Worked on operational intelligence using Splunk and creating dashboards using XML.
  • Experience with Splunk Enterprise deployments and enabled continuous integration as part of configuration management.
  • Good experience on FireEye to detect the complex and burden of cybersecurity organization struggling to prepare for, prevent and respond to security attacks.
  • Interpreted and developed SIEM products to meet internal, external and customer requirements. Experience in working on Enterprise Security log management and SIEM solutions.
  • Applying security for Splunk with Enterprise Security and Cisco Security Suite along with PCI compliance.
  • Worked on Security solutions SIEM that enable organizations to detect, respond and prevent these threats by providing valuable context and visual insights to help you make faster and smarter security decisions.
  • Experience in SOAP, REST API, web-based technologies and scripting languages including Perl, Python and shell scripting, XML, HTML.
  • Scripting and development skills using Perl and Python with strong knowledge of regular expressions.
  • Experience in writing Evidentio signatures JSON and Ruby, building a security dashboard.
  • Created reports, alerts and dashboards with the Splunk query language. Experienced in creating and running cron jobs for scheduled tasks.
  • Strong experience on Troubleshooting Splunk search head, Indexer and forwarder issues and document.
  • Worked on Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing.
  • Set indexing property configurations, including time zone offset, custom source type rules. Configure Regex transformations to perform on data inputs.
  • Experience in using SQLite, MSSQL, SQL Server 2008, MySQL and Oracle 9i, 10g.
  • Experience in Crystal Reports. Used Splunk data connector between Splunk Enterprise and relational database.
  • Proficient in PL/SQL programming - Stored Procedures, Functions, Packages, SQL tuning, and creation of Oracle Objects - Tables, Views, Materialized Views, Triggers, Sequences, Synonyms, Database Links, and User Defined Data Types.
  • Worked on Oracle 11g/10g/9i/8i/7.3, PL/SQL back-end applications development, Toad, SQLPlus and PL/SQL Developer. Provided 24/7 on-call support for production. Good exposure in troubleshooting and debugging on Splunk and very proactive in problem solving with providing best solutions.
  • Motivated with excellent verbal/written communication skills, fast learner, good team player admirable presentation capabilities, and efficient requirement gathering ability and effectively convey them to other members in the team.

TECHNICAL SKILLS

Splunk Modules: Splunk 5.x/6.x, 7.x, 8.x, Splunk DB Connect 1.x, 2.x, Splunk ES: 2.4, 4, 5 and Splunk ITSI 4 and 5, Splunk Enterprise Security, Splunk on Splunk, Splunk App for VMware, Splunk Web Framework, Splunk IT Service Intelligence

Operating Systems: Red Hat Linux (4.x, 5.x, 6.x), Unix, Windows XP/2003/7/8/10, Solaris (8, 9, 10)

Web Servers: Oracle HTTP Server, Apache Tomcat, MS IIS server 5.1/6.0, IBM-HTTP, IIS server

Application Servers: Oracle WebLogic Server 8.x/9.x/10.x, JBoss 5.x/6.x, Oracle SOA Suite 11g.

Tools: Splunk 5x/6x Is 5.1 .5.3 6.1.3, 6.2.3, 6.3, Oracle 11g/10g/9i/8i/7.3 TOAD, SQL Loader, TOAD 10.6.

Databases: Oracle, MYSQL SERVER, MS Access, AWS and Azure Clouds.

Languages: SPL, C, C++, Basic JAVA, SQL, XML, Hadoop and PL/SQL.

Scripting Languages: Perl, Python, Ruby, Linux shell scripts, UNIX Shell Scripting (Bourne, C and Bash)

Web Services: SOAP and REST, WebSphere Application Server 8.x/7.x/6.x/5.x

Networking & Protocols: FireEye, TCP/IP, HTTP, HTTPS, SME, LDAP, NIST, Firewall, VMware, SNMP, LDAP, SDLC, DNS, DHCP, DNS, NAT, SIEM, ELK, ITSI.

PROFESSIONAL EXPERIENCE

Confidential, Northbrook, IL

Sr SPLUNK ADMIN AND DEVELOPER

Responsibilities:

  • Responsible for initiating, planning, executing, configuring, and deploying the latest version of Splunk on a Windows or Linux environment.
  • Install, configure and administer Splunk Enterprise Server 6.0.4 and Splunk Forwarder 4.x.x/5.x.x/6.x.x/7.x/8.x on Red Hat Linux and Windows servers.
  • Upgraded Splunk Enterprise from v 6.2 to v 6.5.2 in clustered environments and non-clustered environments
  • Set up Splunk forwarders for new application tiers introduced into the environment and existing applications. Work closely with application teams to create new Splunk dashboards for operation teams.
  • Created Cloud Tables, worked on correlation searches and created multiple KPI dashboards.
  • Created Dashboards, report, scheduled searches and alerts.
  • Experience in Splunk GUI development creating Splunk apps, searches, Data models, dashboards and Reports using the Splunk query language.
  • Analyzed security-based events, risks and reporting instances and developed dashboards with visual metrics for stakeholders.
  • Using Splunk and ELK for business logic errors and exceptions; good experience with ELK as a log search tool, Logstash and data visualization tool.
  • Troubleshoot and resolve Splunk performance, search pooling and log monitoring issues; role mapping, dashboard creation etc. Experience with web services and load balancing configurations.
  • Used the Azure cloud for managing and deploying the applications.
  • Used cloud services for load balancing and health monitoring; also used Windows Azure to excel in various services like Platform as a Service (PaaS) and Software as a Service (SaaS).
  • Worked on various administration of DataPower XS40, XI50 and XI52 devices.
  • Monitored Splunk infrastructure for capacity planning, system health, availability, and optimization.
  • Experience in creating SQL Loader scripts to load data from flat files into the database and creating external tables to manage data which is stored at the OS level.
  • Created Splunk app for Enterprise Security to identify and address emerging security threats using continuous monitoring, alerting and analytics.
  • Using VMware for cloud computing and Splunk virtualization services.
  • Dashboards and Reports to show Login count of each application, to show which app resources being accessed more, Number of failed logins, statistics on High hitting applications.
  • Created Shell Scripts to install Splunk Forwarders on all servers and configure with common configuration files such as Outputs.conf and Inputs.conf files.
  • Used some AppDynamics to check the data in application performance.
  • Application servers like WebSphere Application Server, Tomcat, IBM HTTP Server, Apache Web Server, load balancing, JBoss, Splunk and DataPower.
  • Worked on Splunk Buckets (Hot, Warm, Cold, Frozen)
  • Used Glass Table to visualize and monitor the security status of the project environment.
  • Expertise with SIEM (security information and event management). Manage Splunk user accounts (create, delete, modify, etc.). Scripted SQL queries in accordance with Splunk.
  • Interpreted and developed SIEM products to meet internal, external and customer requirements.
  • Maintain current functional and technical knowledge of the Splunk platform and future products.

Environment: Splunk 6.x, Splunk Enterprise and Splunk modules, Splunk DB connect, Web Logic server 8.x/9.x/10.x/11g, Tomcat 6.x, Apache 2.x, Solaris10, Oracle 11g/10g, Me, web services, HTTP, HTML, XML, SSL, SIEM, Python.

Confidential

SPLUNK ENGINEER

Responsibilities:

  • Installation and configuration of Splunk product at different environments.
  • Worked on multiple production roles and created alerts using Splunk; also created multiple dashboards and alerts at a time.
  • Involved in Installation, Administration and Configuration of Splunk Enterprise and integration with local legacy systems.
  • Configured Splunk Searching and Reporting modules, Knowledge Objects, administration, Add-On's, Dashboards, Clustering and Forwarder Management.
  • Hands on development experience in customizing, visualizations, configurations, reports and search capabilities using customized Splunk queries.
  • Experience in using Dynatrace and AppDynamics for system health check and availability.
  • Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy Forwarder and Universal forwarder, License model.
  • Designing and maintaining production-quality Splunk dashboards.
  • Good experience in Splunk, WLST, Shell scripting to automate and monitor the environment routine tasks.
  • Good Experience on Splunk IT Service Intelligence and worked Splunk ITSI Glass Table Visualization.
  • Splunk Enterprise deployments and enabled continuous integration as part of configuration management.
  • Configured and developed complex dashboards and reports on Splunk.
  • Splunk DB Connect 2.0 in search head cluster environments of Oracle. Worked on Splunk UI/GUI development and operations roles.
  • Expertise in creating and customizing Splunk applications, searches and dashboards as desired by IT teams and business.
  • Worked on various frameworks for transaction security like PCI and PII.
  • Drive complex deployments of Splunk dashboards and reports while working side by side with technical teams to solve their integration issues.
  • Created Regular Expressions for Field Extractions and Field Transformations in Splunk.
  • Responsible for documenting the current architectural configurations and detailed data flow and Troubleshooting Guides for application support.
  • Analysed security-based events, risks and reporting instances.
  • Managed Indexer Clusters including security, hot and cold bucket management and retention policies.
  • Used Hadoop for Large data sets across Clusters of computers Using Simple Programming Models.
  • Worked on some related parts of AppDynamics (like User Reporting, Server Monitoring and Machine Agent).
  • Used some Tivoli for monitoring the Windows applications and upgrading the equipment and various levels of operating systems.
  • Worked on Various types of charts, alerts settings, app creations, user and role access permissions.
  • Integrate ServiceNow with Splunk to consume the alerts from Splunk and create ServiceNow tickets.
  • Used the Dynatrace tool for client server performance checks and programs running on premises in the cloud.
  • Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes. Managing indexes and cluster indexes, Splunk web framework, data model and pivot tables.
  • Performed troubleshooting and/or configuration changes to resolve Splunk integration issues.

Environment: Splunk 6.x, Splunk DB Connect 2.0 and other modules, Oracle WebLogic 9.x/10.x, JBoss 5.x/6.x, Tomcat 5.x/6.x, Oracle 9i/10g, Solaris 10, LINUX, Server 6.0, Apache 2.x, Python.

Confidential

SPLUNK ADMIN /DEVELOPER

Responsibilities:

  • Worked in installing the Splunk Enterprise 6.3.3 on both Linux (Red Hat Distro) and Windows Servers as a separate Splunk User.
  • Installation and configuration of various components like indexer, forwarder, search head, deployment server.
  • Worked in installing the Splunk Universal Forwarder and Splunk Heavy Forwarder on both Linux and Windows Environment.
  • Installation of Splunk Applications and Technology Add-ons with respect to the technology.
  • Updated the Splunk Enterprise 6.3.3 to 6.4.
  • Designing and maintaining production-quality Splunk dashboards.
  • Splunk Enterprise Deployments and enabled continuous integration on as part of configuration management.
  • Helping application teams in on-boarding Splunk and creating dashboards/alerts/reports etc.
  • Most of the time worked to install universal forwarders, but we have heavy forwarders set up to see data from the syslog server side. Heavy forwarders to bring any kind of data fields into Splunk.
  • Expertise with Design, Implementation, Configuration and Management of Splunk Enterprise.
  • Created Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
  • Creating and Managing Apps, Create user, role and Permissions to Knowledge objects.
  • Create dashboard views, reports and alerts for events and configure alert mail, depending on the requirement.
  • Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
  • Troubleshooting of searches for performance issues by adding lookups, correct joins and using summary indexes.
  • Development skills (Perl, Python) with strong knowledge of Regular expressions.
  • Captured data from various front-end and middleware applications. Dashboards were created to monitor the traffic volume, response times, errors and warnings across them.
  • Performed troubleshooting and/or configuration changes to resolve Splunk integration issues.
  • Playing a key role in identifying and driving process changes within the team.

Environment: Splunk 6.x, Splunk DB Connect and other modules, SPL, Oracle 9i/10g, Solaris 10, LINUX, Sun One Web Server 6.0, Apache 2.x, Perl, Python, SIEM.
