Sr. Splunk Administrator And Developer Resume
Dallas, TX
SUMMARY
- Proficient Software Engineer with 7+ years of experience in configuring, implementing and supporting Splunk Server Infrastructure across Windows, UNIX and Linux.
- Experience with a variety of operating systems protocols and tools, depending on the type of platform or application to be
- Engineered Splunk to build, configure and maintain heterogeneous environments and in-depth knowledge of log analysis generated by various systems including security products
- Architecture various components within Splunk (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, Parsing, Indexing, Searching concepts, Hot, Warm, Cold, Frozen bucketing, License model
- Field Extraction using Ifx, Rex Command and Regex in configuration files.
- Used techniques to optimize searches for better performance, Search time vs Index time field extraction and understanding of configuration files, precedence and working Props.conf, transforms.conf, inputs.conf, outputs.conf setting up a forwarder Monitor stanza in inputs.conf.
- Built the new indexers and search heads in Cluster environment on Windows platform with Splunk v 6.2.
- Scripting and development skills (Perl, Python, Java) with strong knowledge of regular expressions.
- Time chart attributes such as span, bins, Tag, Event types, Creating dashboards, reports using XML.
- Create dashboard from search, Scheduled searches Inline search vs scheduled search in a dashboard
- Knowledge of Extract keyword, sed, Knowledge objects, Knowledge of various search commands like stats, chart, timechart, transaction, strptime, strftime, eval, where, xyseries, table etc.
- Difference between eventstats and stats.
- Upgrade and Optimize Splunk setup with new discharges.
- Setup Splunk Forwarders for new application levels brought into environment.
- Extensive experience in deploying, configuring and administering Splunk clusters.
- Helping application teams in on-boarding Splunk and creating dashboards, alerts, reports etc.
- Develop custom app configurations (deployment-apps) within SPLUNK in order to parse, index multiple types of log format across all application environments.
- System Administration familiar with Windows Servers, Red Hat Linux Enterprise Servers, Solaris and IBM AIX servers.
- Created and configured websites and application pools in IIS and worked extensively on .Net deployments in Windows space
- Experience in Shell scripting and extensively used Regular expressions in search string and data anonymization.
- Worked broadly on firm wide Enterprise Releases and DR events.
- Understanding of Network Firewalls, Load-balancers, LDAP and complex network design.
- Experience in Optimized search queries using summary indexing.
- Excellent skills on troubleshooting and problem determination of HTTP/System/Network related problems including monitoring, capacity planning and maintenance by providing 24X7 support on call for all mission critical applications.
- Expertise on investigating HTTP issues using tools like Fiddler, HTTP Analyzer etc.
- Extensive Data Warehouse experience using Informatica 7/8.x/9 Power Center tools (Source Analyzer, Mapping Designer, Mapplet Designer, Transformation Designer, Repository Manager, and Server Manager) as ETL tool on Oracle /DB2 Database.
- Extensive experience in writing Packages, Stored Procedures, Functions and Database Triggers using PL/SQL and UNIX Shell scripts. Also handled Oracle utilities like SQL Loader, import etc.
- Experience in data mart life cycle development, performed ETL procedure to load data from different sources into Data marts, Data warehouse using Informatica Power Center.
- Experienced in all data processing phases, from the Enterprise Model, Data Model (Logical and Physical Model), and Data Warehousing (ETL).
- Extensive experience in developing complex mappings from varied transformations like Router, Filter, Sorter, Connected and Unconnected lookups, Normalizer, Expression, Aggregator, Joiner, Union, Update Strategy, Stored Procedure and Sequence Generator Etc.
- Database experience using Oracle 9i/10g, MS SQL Server 2008, Teradata and DB2.
- Working knowledge of data warehouse techniques and practices, experience including ETL processes, dimensional data modeling (Star Schema, Snow Flake Schema, FACT & Dimension Tables), OLTP and OLAP.
- Strong experience using SQL, PL/SQL Procedures/Functions, Triggers and Packages.
- Good understanding of Views, Synonyms, Indexes, Joins, and Sub-Queries.
- Excellent communication and interpersonal skills.
- Skilled at assessing client needs, working in a group, suggesting ideas that enhance
TECHNICAL SKILLS
Log Analysis Tools: Splunk Enterprise 4.x/5.x/6.x, Splunk Universal Forwarder, Informatica PowerCenter.
Servers: Web/App Servers, WebSphere Application Server, WebSphere MQ Server 6.x/7.x, WebSphere XD 6.0/6.1, IBM Http Server 6.x/7.x/8.x, Apache Web Server 2.x, Tomcat 5.5, IIS 6/7.x
Operating Systems: IBM AIX (5.1/6.1), RHL Linux, Windows R2, VMWare
Programming: C#, C++, C, Java, Python, SQL/PL SQL, HTML, DHTML, XML.
Scripting: JavaScript, WSCP, WSADMIN, Korn Shell Script, Perl, CSS, Batch
Databases: Oracle (10g/11i/12c), UDB/DB2, Sybase, MS SQL Server, IBM Web Sphere DB2, Web logic
Frame Works: MVC, J2EE Design Patterns, Struts, IDE Eclipse, RAD 7, Net Beans, Edit plus and TOAD
Monitoring tools: Wily Introscope 8.x/9.x, Nagios, BSM Topaz, Tivoli Performance Viewer, NMON (AIX), IBM Thread and Heap Analyzers
Networking: TCP/IP Protocols, Socket Programming, DNS.
PROFESSIONAL EXPERIENCE
Confidential, Dallas, TX
Sr. Splunk Administrator and Developer
Responsibilities:
- Install, configure and administer Splunk Enterprise Server 6.0.4 and Splunk Forwarder 6.2.0 on Redhat Linux and Windows servers.
- Setup Splunk Forwarders for new application tiers introduced into environment and existing applications.
- Configure and Install Splunk Enterprise, Agent, Apache Server for user and role authentication and SSO.
- Upgraded Splunk to 6.2.3 with patching on multiple servers without downtime.
- Working on indexers and computing servers and with configuration management.
- Monitor the Splunk infrastructure for capacity planning and optimization
- Troubleshoot Splunk search head, Indexer and forwarder issues and document.
- Automating in Splunk using Perl with Service-Now for event triggering.
- Used Splunk data Connector between Splunk Enterprise and Relational Database
- Provide access on roles, restriction permissions. Report on license usage and set Distributed license system.
- Deploying Splunk updates and license distribution over multiple servers using a deployment server.
- Create Dashboard Views, Reports and Alerts for events and configure alert mail.
- Create Splunk apps for consuming data for applications and implement apps.
- Work closely with Application Teams to create new Splunk dashboards for Operation teams.
- Troubleshooting and resolve the Splunk - performance, log monitoring issues; role mapping, dashboard creation etc.
- Created Splunk app for Enterprise Security to identify and address emerging security threats through the use of continuous monitoring, alerting and analytics.
- Created Regular Expressions for Field Extractions and Field Transformations in Splunk.
- Anonymize the PII (Personally Identifiable Information) data in Splunk. Masked sensitive information such as SSN numbers, Addresses when showing results in Splunk.
- Configure Splunk for all the mission critical applications and using Splunk effectively for Application troubleshooting and monitoring post go lives
- Supported 8+ Splunk search Heads, 50 + Indexers, 3200 + forwarders.
- Created Dashboards and Reports to show Login count of each application, to show which app resources being accessed more, Number of failed logins, statistics on High hitting applications.
- Created Shell Scripts to install Splunk Forwarders on all servers and configure with common configuration files such as Bootstrap scripts, Outputs.conf and Inputs.conf files
- Configured Splunk forwarder to send unnecessary log events to “Null Queue” using props and transforms configurations to reduce license costs.
- Developing a custom application in Splunk
- Fetching the data from databases using "DB Connect Application"
- Extensively involved in troubleshooting the issues and document the problem resolutions for future references.
- Attended Change management meetings for approval for the applications, which are supposed to go live and provided the MOM of CM meetings to the team.
- Experienced in attending the bridge calls for production issues and non-prod issues and involved application teams or database teams or networking teams to resolve the issues and involved in Root cause analysis for the issues encountered. Also provided 24/7 on call support for all the production applications.
- Involved in developing complex scripts to automate batch jobs.
- Developed a POC on usage of Puppet Configuration Management tool.
Environment: Splunk Enterprise Server 6.2.0/6.2.3, Universal Splunk Forwarder, RedHat Linux, IBM HTTP Web Server 6.1/7/8, Oracle, HACMP 5.4, HTML, Perl, JavaScript, XML, Wily Introscope 9.x, IIS 7, Windows 2003, Windows 2008 R2, Python (Jython), Regular Expressions.
Confidential, Stamford, CT
Sr. Splunk Administrator and Developer
Responsibilities:
- Provide regular support guidance to Splunk project teams on complex solution and issue resolution.
- Helped teams on-board data, create various knowledge objects, install and maintain the Splunk Apps, TAs and good knowledge of JavaScript for advanced UI as well as Python for advanced backend integrations
- Created Dashboards, report, scheduled searches and alerts.
- Have involved as a Splunk Admin in capturing, analyzing and monitoring front end and middle ware applications.
- Prepared, arranged and tested SPLUNK search strings and operational strings.
- Analyzed security based events, risks and reporting instances.
- Various types of charts Alert settings Knowledge of app creation, user and role access permissions.
- Creating and managing app, Create user, role, Permissions to knowledge objects.
- Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing.
- Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
- Worked on setting up Splunk to capture and analyze data from various layers Load Balancers, Web servers and application servers.
- Captured data from various front end, middle ware application
- Integrated Service Now with Splunk to generate the Incidents from Splunk.
- Worked on DB Connect configuration for Oracle, MySQL and MSSQL.
- Created many of the proof-of-concept dashboards for IT operations, and service owners which are used to monitor application and server health.
- Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
- Field Extraction, Using Ifx, Rex Command and Regex in configuration files.
- Analyzed large datasets to identify metrics, drivers, performance gaps and opportunities for improvement.
- Use techniques to optimize searches for better performance, Search time vs Index time field extraction and understanding of configuration files, precedence and working.
Environment: SPLUNK 6.0.1, Linux, UNIX, Oracle 11g, MS SQL Server 2012, SQL.
Confidential, Wilmington, DE
Splunk Administrator and Developer
Responsibilities:
- Expertise with Splunk UI/GUI development and operations roles.
- Prepared, arranged and tested Splunk search strings and operational strings.
- Helped the client to setup alerts for different type of errors.
- Assigning User and role authentication including LDAP authentication and scripted authentication
- Setting up trusted proxies for Single Sign-on of the authentication.
- Configuration Management and event trigger using Service-Now.
- Create Alerts, Reports, dashboard and Views in Splunk.
- Indexing and troubleshooting the application errors, troubleshooting non-responding forwarders/servers and documenting.
- Played a major role in understanding the logs, server data and brought insight of the data for the users.
- Involved in setting up alerts for different type of errors.
- Analyzed security based events, risks and reporting instances.
- Developed, evaluated and documented specific metrics for management purpose.
- Using SPL created Visualizations to get the value out of data.
- Created Dashboards for various types of business users in organization.
- Provided technical services to projects, user requests and data queries.
- Involved in assisting offshore members to understand the use case of business.
- Assisted internal users of Splunk in designing and maintaining production-quality dashboard.
- Used Datameer to analyze the transaction data for the client.
- Involved in writing complex IFX, rex and multikv commands to extract the fields from the log files.
- Involved in helping the UNIX and Splunk administration to deploy Splunk across the UNIX and Windows environment.
- Worked with administrators to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation
Environment: Splunk 5.0, Pivotal HD, Datameer, Linux, Bash, Perl, Hbase, Hive, Pig, Hawq, Sed, rex, erex, Splunk Knowledge Objects
Confidential, Chicago, IL
Splunk Administrator and Developer
Responsibilities:
- Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
- Extracted complex Fields from different types of Log files using Regular Expressions.
- Created Search Commands to retrieve multiline log events in the form Single transaction giving Start Line and End Line as inputs.
- Guarantee high accessibility & execution through flat scaling and burden adjusted segments.
- Prepared, arranged and tested Splunk search strings and operational strings. Created and configured management reports and dashboards.
- Created EVAL Functions where necessary to create new field during search run time.
- Provide inputs for identifying best fit architectural solutions - deployment for Splunk project.
- Splunk Engineer/Dashboard Developer responsible for the end-to-end event monitoring infrastructure of business-aligned applications.
- Experience in setting up dashboards for senior management and production support- required to use SPLUNK.
- Maintained and managed assigned systems, Splunk related issues and administrators.
Environment: Splunk Enterprise Server 4.1.7, Splunk Forwarder 4.0, 4.3, Shell, Python Scripting.
Confidential
ETL Developer
Responsibilities:
- Involved in requirement designing, and development of data warehouse environment.
- Actively involved in creating design specifications and ETL design documents
- Preparation of the shell scripts for running the Informatica programs in Autosys Scheduler.
- Preparing UNIX scripts for triggering Teradata load utilities like Fast load and Mload.
- Optimized the process using table driven approach
- Implemented the reusability of mappings by creating mapping shortcuts
- Analysed the data and provide resolution by writing analytical/complex SQL in case of data discrepancies.
- Provided guidance in performance tuning of Informatica mappings & Teradata BTEQs
- Troubleshoot the defects encountered in SIT & UAT and provided resolutions.
- Created Informatica Mappings to load data and used transformations like Stored procedure transformation, Connected and Unconnected lookups, Source Qualifier, Expression, Sorter, Aggregator, Joiner, Filters, Sequence, Router and Update Strategy and XML transformation
- Extensively worked on UNIX Shell scripting and BTEQs to extract the data from the warehouse
- Involved in Performance Tuning and Data Quality (Both Database and Informatica) and thereby decreased the load time
- Involved in Design review, code review, Performance analysis.
- Used Metadata Manager to establish the relation between metadata in the designed model.
Environment: Informatica Power Centre 7.1/8.1, Oracle 9i, SQL Server, TOAD, MicroStrategy, Teradata, Autosys and Solaris, UNIX.