Splunk Engineer

Location:
Point Cook, VIC, 3030, Australia
Salary:
100000
Posted:
September 08, 2017

Resume:

Akshit San

Ph.+614********

Splunk Engineer

ac17h1@r.postjobfree.com

Over 5 years of experience in the field of Information Technology, which includes skills in UNIX/Linux system programming. Around 4 years of experience in configuring, implementing and supporting Splunk Server Infrastructure across Windows, UNIX and Linux.

PROFESSIONAL SUMMARY:

Highly skilled in Splunk to build, configure and maintain different environments and in-depth knowledge of log analysis generated by various operating systems.

Installed and monitored Splunk Forwarders on Windows, UNIX and LINUX servers.

Used XML, Advanced XML and Search Processing language (SPL) for creating Dashboards, views, alerts, reports and saved searches.

Upgraded and Optimized Splunk setup with new discharges.

Used various Splunk Apps such as Splunk on Splunk, Universal Field Extractor, Splunk App for UNIX/Linux, Splunk DB1 Connect.

Created Splunk app for Enterprise Security to identify and address emerging security threats through the use of continuous monitoring, alerting and analytics.

Configuration of SPLUNK data inputs by understanding various parsing parameters like Index, source, source typing, queue sizes, index sizes, index locations, read/write timeout values, line breaks, event breaks, time formats etc during index-time.

Skilled in deploying, configuring and administering Splunk clusters.

Experience with Linux and Windows specialists for Splunk organization with a strong comprehension of the Splunk framework.

Hands-on experience in installing Splunk TAS Symantec DLP, Splunk DB connect, Splunk App for AWS and more.

Support large-scale deployments across multiple AWS regions, with data feeds from multiple on premise data centers.

Developed customized application configurations in SPLUNK to parse, index multiple types of log format across all application environments.

Worked with source code organization instruments like CVS, SVN and Git. Presentation to outline organization gadgets like Puppet.

Familiar in System Administration with Windows 2003-2008 Servers, Red Hat Linux Enterprise Servers, Solaris and IBM AIX servers.

Monitored the Splunk system by identifying terrible missions, dashboards and wellbeing of Splunk and collaborate with individual gatherings to upgrade execution.

Developed customized Shell scripts in order to install, manage, configure multiple instances of SPLUNK forwarders, indexers, search heads, deployment servers.

Handled the SiteMinder Web Agent foundation and summarized the Web Agent on Web Server cases.

Troubleshooting and handling post production issues, on-site support, worked closely with engineering to coordinate and provide all the required information and interacting with the client.

Strong qualitative analysis skills to lend insight into highly ambiguous and sensitive business problems. In-depth understanding of processes and technology integration challenges.

TECHNICAL SKILLS:

Log Analysis Tool: Splunk Enterprise Server 4.x.x/5.x.x/6.x.x, Splunk Universal Forwarder 4.xx/5.xx/6.xx

Web/App Servers: WebSphere Application Server 5.0/6.x/7.x/8.x, WebSphere MQ Server 6.x/7.x, WebSphere XD 6.0/6.1, IBM HTTP Server 6.x/7.x/8.x, Apache Web Server 2.x, Tomcat 5.5, IIS 6/7.x

Operating Systems: IBM AIX (5.1/6.1), RHL Linux, Windows Server 2003/2008 R2, VMWare

Programming: Java, J2EE, C++, C, SQL/PL SQL, HTML, DHTML, XML

Scripting: JACL, Python, WSCP, WSADMIN, Korn Shell Script, Perl, JavaScript, CSS, Batch

Databases: Oracle (8i/9i), UDB/DB2, Sybase, MS SQL Server, IBM DB2

Monitoring tools: Wily Introscope 8.x/9.x, Tivoli, BSM Topaz, Tivoli Performance Viewer, IBM Thread and Heap Analyzers

Networking: TCP/IP Protocols, Socket Programming, DNS

Framework: MVC, J2EE Design Patterns, Struts

IDE: Eclipse, RAD 7, Net Beans, Edit plus, TOAD

Others: Site Minder r6/r12/r12.5, Ping Federate 6.X, 7.X

PROFESSIONAL EXPERIENCE:

Client: Hastings Mutual Insurance, Hastings, MI Aug 2015 to Till Date

Role: Splunk Developer/ Admin/ Engineer

Responsibilities:

Assisted the Splunk Architect with designing the Splunk infrastructure and implemented the design including configuring clustered Indexers and Search Heads, setting up Deployment Server, and installing Universal Forwarders on servers and network devices.

Worked as a Splunk Admin for Creating and managing app, Creating users, role, Permissions to knowledge objects.

Hands-on experience in assisting stakeholders of Splunk in designing and maintaining production-quality data, dashboards, and various applications.

Requirement gathering and analysis. Interacted with team members and users during the design and development of the applications and Splunk Objects.

Promptly receiving, handling and gathering requirements through Remedy tickets and resolving them on time.

Communicating and collaborating with hundreds of customers, Splunk users.

Data collection from various systems/servers, Forwarder Management, creating and managing Splunk apps.

Building Splunk queries by Splunk Search Processing Language (SPL) and Regular expressions.

Creating, maintain, support, repair, customizing System & Splunk applications, search queries and dashboards.

Splunk Administration and analytics development on Information Security, Infrastructure and network, data security, Splunk Enterprise Security app, Triage events, Incident Analysis.

Developed Splunk Objects and reports on Security baseline violations, Non-authenticated connections, Brute force attacks and many use cases.

Good experience in working with SNMP traps and Syslog NG in onboarding the security devices on Splunk.

Design, support and maintain large Splunk environment in a highly available, redundant, geographically dispersed environment.

Installed the Splunk Common Information Model add-on, which is packaged with Splunk Enterprise Security, Splunk IT Service Intelligence, and the Splunk App for PCI Compliance.

Provide independent analysis of Splunk security use cases/metrics to identify gaps.

Support and engage with all internal teams to identify areas of improvement.

Provide recommendations to monitor, measure and improve all aspects of the Splunk instance.

Troubleshooting Splunk feed issues and data ingestion for remote locations.

Deployed new Splunk architecture at disaster recovery site.

Configure hot, warm and cold buckets to hold data for an extended period.

Created home dashboards to monitor ingestion and feeds for private network performance.

Integrated Splunk with LDAP.

Install, configure, and troubleshoot Splunk. Experience with regular expressions and using regular expressions for data retrieval. Work with application owners to create or update monitoring for applications.

Experience creating and maintaining Splunk reports, dashboards, forms, visualizations, alerts.

Worked with administrators to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.

Installation of Splunk head, Indexer and Forwarders on 5000+ servers (Windows & Linux environment).

Configure and Install Splunk Enterprise, Agent, Apache Server for user and role authentication and SSO.

Make recommendations on Splunk applications, Splunk add-ons, and tools to continuously improve operational efficiencies in the IT Operations unit.

Doing Team leading, deeper analysis of data using event correlations across indexes and various source types to generate custom reports for senior management.

Providing training to senior management, developers and Splunk Object end users; documentation and communications on future upgrades.

Provide access on roles, restriction permissions. Report on license usage and set Distributed license system.

Configure the add-on app SSO Integration for user authentication and Single Sign-on in Splunk Web.

Creating Vulnerability Assessment dashboard using Rapid7, Joval that aggregates data across multiple services to identify critical threats and proactively mitigate risks.

Prepare written documentation on Splunk infrastructure, Standard Operating Procedures (SOP), and best practices.

Integrate Service Now with Splunk to generate the Incidents from Splunk and extract all CMDB Data from ITAM.

Environment: Splunk 6.1.3, Tomcat 7.x, F5 Load Balancers, Wily Introscope 6.0, Python Scripting, Apache HTTP server 2.4, JVM tuning, RedHat Linux 6.x, LDAP, Splunk UI, JDBC, JDK1.7, J2EE, XML, Oracle 11g, MS SQL Server 2012, SQL, Solaris 10, SVN, CVS, Rapid 7, Bluecoat, VMF, Resilient, Service Now (ITAM).

Client: Comcast, Englewood, CO Aug 2013 - Jul 2015

Role: Splunk Developer/ Admin

Responsibilities:

Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.

Experience in setting up dashboards for senior management and production support- required to use SPLUNK.

Splunk Engineer/Dashboard Developer responsible for the end-to-end event monitoring infrastructure of business-aligned applications.

Prepared, arranged and tested Splunk search strings and operational strings. Created and configured management reports and dashboards.

Maintained and managed assigned systems, Splunk related issues and administrators.

Optimized the search performance of Splunk queries and reduced the time for loading the dashboards.

Experienced in Troubleshooting Splunk search quotas, monitor Inputs, WMI Issues, Splunk crash logs and Alert scripts.

Create and maintain documentation related to Architecture and Operational processes for Splunk. Implemented Splunk to analyze the patterns of the customers and all the data generated from various web and server logs to analyze the behavioral pattern of the customers.

Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes.

Installation of Splunk indexer and forwarders in multiple servers with 2 head servers, Search Head and node servers.

Design and implement Splunk Architecture (Indexer, Deployment server, Search heads, and Forwarder management), create/migrate existing Dashboards, Reports, Alerts, on daily/weekly schedule to provide the best productivity and service to the business units and other stakeholders.

Splunk Architecture/Engineering and Administration for SOX monitoring and control compliance.

Built Utilization and Monitoring Analytics for Various Work environments of Personal Insurance sector

Created a drilldown of navigations from one Splunk app to the other app.

Review and apply any newly available and applicable SPLUNK software or policy updates routinely.

Assist with design of core scripts to automate SPLUNK maintenance and alerting tasks.

Support SPLUNK on UNIX, Linux and Windows-based platforms. Assist with automation of processes and procedures.

Maintain current functional and technical knowledge of the SPLUNK platform and future products.

Help to document best practices in developing and using SPLUNK.

Experience with Splunk UI/GUI development and/or operations roles

Work with business/IT and create the next steps plan and implement the same.

Implemented Post processing method for searches in dashboards.

Extensively worked on building of range maps for various SLA conditions by using all kinds of Splunk 6.x Dashboard Examples.

Implementing new apps to the Splunk and license distributing across the servers.

Integrating the Splunk with Single Sign-On authentication and Service now ticketing tool.

Performing investigation, analysis, reporting and escalations of security events from multiple sources including events like intrusion detection, Firewall logs, Proxy Logs, Web servers.

Experience in Information Security Platform by providing support on known/ unknown vulnerabilities/ threats found via security devices/ product. Experience in developing & creating SIEM Procedures (SOP) documentation.

Created and debugged Snort Intrusion Detection System (IDS) and Sagan Security Information event management (SIEM) rules.

Created subroutines for Quadrant’s IDS Graphic User Interface (GUI).

Monitoring Snort (writing rules, monitoring BASE), creating the CASE of unknown alerts, Splunk, Arcsight.

Environment: Splunk, Linux, Windows Server 2012, 2008, Splunk Enterprise Security, ESX, Applications Development, Big Data Analysis, operations analysis, Regex, Rex, PYTHON, UNIX, AIX, RED HAT LINUX, Hadoop, XML, HTML.

Client: Nissan, Nashville, TN Nov 2012–Jul 2013

Role: Remote Splunk Engineer

Responsibilities:

Splunk technical implementation, planning, customization, integration with big data and statistical and analytical modeling.

Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering, and Forwarder Management.

Administer and configure Splunk components like Indexer, Search Head, Heavy forwarder etc.; deploy Splunk across the UNIX and windows environment; Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.

Performed Splunk administration tasks such as installing, configuring, monitoring, and tuning.

Setup Splunk forwarders for new application tiers introduced into existing application.

Experience in working with Splunk authentication and permissions and having significant experience in supporting large scale Splunk deployments.

On boarding of new data into Splunk. Troubleshooting Splunk and optimizing performance.

Actively involved in standardizing Splunk Forwarder deployment, configuration and maintenance across various Operating Systems.

Created Dashboards, Visualizations, Statistical reports, scheduled searches, alerts and worked on creating different other knowledge objects.

Worked with administrators to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.

Built KPIs dashboards on Patient Enrollment transactions and other business activities

Built Key Performance Indicators to the Enterprise Architecture team through Splunk

Created Alerts on different SLAs and thresholds through Splunk.

Manipulating raw data and Field extraction

Built KPIs, alerts on SLAs of filesystem services project.

Business Activity Monitoring and troubleshooting

Good experience on Splunk Search Processing Language (SPL) and Regular expressions.

Monitor the applications and server infrastructure for optimization, performance and Utilization metrics.

Experience in developing dashboards and customizing them.

Implemented various visualization Add-ons to the developed dashboards.

Maintain current functional and technical knowledge of the SPLUNK platform and future products.

Help to document best practices in developing and using SPLUNK.

Experience with Splunk UI/GUI development and/or operations roles.

Generated the reports by onboarding the data from lookup files.

Involved in migration by configuring Splunk forwarders and providing the reports.

Performed troubleshooting and configuration changes to resolve Splunk configuration issues.

Work with business/IT and create the next steps plan and implement the same.

Doing deeper analysis of data using event correlations across indexes and various source types to generate custom reports for senior management.

Environment: Splunk, BMC, Splunk Universal forwarder, Splunk 6.x Dashboard Examples, Sideview utils, Data Models, Server management, Dashboards, Search processing language (SPL), Field extraction, Regex, Rex, UNIX, AIX, RED HAT LINUX, BLADELOGIC, XML, HTML.

EDUCATION

Bachelor of Technology

Master in Business Information Systems


