Information Technology Field

Location:
Orlando, FL
Posted:
March 08, 2024

Resume:

Summary

*+ years of experience in Information Technology field with strong 7+ year experience in Splunk Developer/Admin, Enterprise Security ES and ITSI. Passionate about Machine data and operational Intelligence.

SHERIE ANTONY

Ph: 407-***-****

ad37hs@r.postjobfree.com

Splunk Engineer (Admin/Developer)

Orlando, Florida

Status: US Citizen

Federal Background Clearance Completed.

LinkedIn profile URL

https://www.linkedin.com/in/sherie-antony-350222195

Professional Summary:

Overall 12+ years of experience in Information Technology field with strong 8+ year experience in Splunk Developer/Admin, Enterprise Security ES and ITSI.

Strong experience with Splunk 9.x, 8.x, 7.x, 6.x, and 5.x products, distributed Splunk architecture and components including search heads, indexes, and forwarders.

Experience in Operational Intelligence using Splunk.

Headed Proofs-of-Concept (POC) on Splunk ES implementation, mentored and guided other team members on Understanding the use case of Splunk.

Expertise in customizing Splunk for Monitoring, Application Management and Security as per customer requirements and industry best practice.

Expertise in Installation, Configuration, Migration, Troubleshooting, and Maintenance of Splunk, Passionate about Machine data and operational Intelligence.

Implemented workflow actions to drive troubleshooting across multiple event types in Splunk.

Expert in installing and configuring Splunk forwarders on Linux, UNIX, and Windows.

Expert in installing and using Splunk apps for UNIX and Linux (Splunk nix)

Knowledge of configuration files in Splunk (props.conf, transforms.conf, outputs.conf).

Worked on large datasets to generate insights by using Splunk.

Production error monitoring and root cause analysis using Splunk.

Install, configure, and administer Splunk Cloud Environment 6.5.0 and Splunk Forwarder 6.x.x on Windows Servers.

Supported Splunk Cloud with 4 Indexers, 80 forwarders and Generated 700 Gb of data per day.

Involved in standardizing SPLUNK forwarder deployment, configuration, and maintenance across Windows Servers

Configured inputs.conf and outputs.conf to pull the XML-based events to SPLUNK Cloud Indexer.

Debug Splunk related and integration issues.

Installed Splunk on nix & Splunk SOS and maintained Splunk instance for monitoring the health of the clusters.

Integrate Splunk Web console with Splunk Mobile App using Mobile Access Server add-on.

Build, customize and deploy Splunk apps as per internal customers.

Splunk UI experience and able to debug expensive search queries.

Configured Clusters for load balancing and fail over solutions.

Implemented a Log Viewer Dashboard as a replacement for an existing tool to view logs across multiple applications hosted on a PaaS setup.

Create Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.

Ability to provide engineering expertise and assistance to the Splunk user community. Advanced Splunk Search Processing Language (SPL) skills.

Extensively used various extract keyword, search commands like stats, chart, timechart, transaction, strptime, strftime, eval, where, xyseries, table etc.

Good knowledge about Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On’s, Dashboards, Clustering and Forwarder Management.

Created and Managed Splunk DB connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.

Strong experience with web/application servers like Apache Tomcat, Jetty, JBoss, IBM WebSphere, WebLogic.

Strong experience using SQL, PL/SQL Procedures/Functions, Triggers and Packages.

Creating accurate reports, Dashboards, Visualizations, Elastic search, and Pivot tables for the business users.

Well versed with Dynatrace Monitoring tool. Expert in architecture of applications monitoring and UE Analytics. Experience within configuration and infrastructure support of Monitoring alerting and reporting tools through Dynatrace interface

Working on Splunk ITSI Glass tables, deep dives, ITSI modules.

Experience of executing reports & dashboards in Splunk and ITSI.

Developed Splunk infrastructure and related solutions as per business requirements and automation toolsets.

Technical Skills:

Splunk

Splunk 5.x, 6.x, 7.x, 8.x, 9.x, Splunk Enterprise, Splunk on Splunk, Splunk DB 2 Connect, Splunk Cloud, Splunk IT Service Intelligence (ITSI), Splunk Web Framework

Operating Systems

Windows 2000, XP, Win 10, Windows Server, Unix/Linux (Red Hat), FreeBSD

Data Analysis

Requirement Analysis, Business Analysis, detail design, data flow diagrams, data definition table, Business Rules, data modeling, Data Warehousing, system integration

Concepts

SDLC, Object Oriented Analysis and Design, Unified Modeling Language (UML), Assembly and System Level Testing, exposure in Agile.

Programming Language

C, C++, Java with Big Data, JavaScript, Python, UNIX shell scripts

Security / Vulnerability Tools

Snort, Wireshark, Websense, Bluecoat, Palo Alto, Checkpoint

Symantec, Qualys Vulnerability Manager, FireEye HX, Sophos, Sourcefire

Monitoring Tool

Dynatrace, AppDynamics, ScienceLogic

PROFESSIONAL EXPERIENCE:

Client: US Department of Veterans Affairs (Remote) May 2022-Present

Location: Remote

Role: Application Performance Monitoring Engineer (Splunk Engineer)

Responsibilities:

•Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Universal and Heavy forwarder.

•Splunk ITSI to determine The KPI of the business.

•Working on Site Reliability Engineering (SRE), created dashboard with Golden Signals

•Handling ServiceNow Tickets

•Working on the Migration of Splunk Cloud to Splunk on-prem

•Installed, configured, and administered Splunk Enterprise Server and Splunk Forwarder on Red Hat Linux and Windows servers.

•Setup Splunk Forwarders for new application tiers introduced into the environment and existing applications

•Data collection from various systems/servers, Forwarder Management, creating and managing Splunk apps

•Building Splunk queries by Splunk Search Processing Language (SPL) and Regular expressions.

•Worked on Splunk Enterprise security

•Created Dashboards, Visualizations, Statistical reports, scheduled searches, Alerts, and worked on creating different other knowledge objects.

•Built dashboards, views, alerts, reports, saved searches using XML, Advanced XML Javascript and Search Processing language (SPL) as and when required.

•Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Universal and Heavy forwarder.

•Onboarded data on VMs, cloud, and databases using UF, TAs on HF and syslog

•Gave solutions on how the data could be onboarded to Splunk

•Worked closely with stakeholders for gathering requirements, making server connections, testing, and verifying the apps built

•Involved in ServiceNow, MSR. Development, and Customization.

•Design and development of ServiceNow forms, views, and scripts to invoke existing Script.

•Developed Splunk infrastructure and related solutions as per automation tool sets.

•Developed Splunk infrastructure and related solutions as per business requirements and automation toolsets.

•Support SPLUNK on UNIX, Linux, and Windows-based platforms. Assist with automation of processes and procedures.

Client: Silicon Valley Bank (Remote) November 2021 - April 2022

Location: Remote

Role: Splunk Engineer

Responsibilities:

•Installed, configured, and administered Splunk Enterprise Server and Splunk Forwarder on Red Hat Linux and Windows servers.

•Setup Splunk Forwarders for new application tiers introduced into the environment and existing applications

•Data collection from various systems/servers, Forwarder Management, creating and managing Splunk apps

•Building Splunk queries by Splunk Search Processing Language (SPL) and Regular expressions.

•Worked on Splunk Enterprise security

•Created Dashboards, Visualizations, Statistical reports, scheduled searches, Alerts, and worked on creating different other knowledge objects.

•Built dashboards, views, alerts, reports, saved searches using XML, Advanced XML and Search Processing language (SPL) as and when required.

•Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Universal and Heavy forwarder.

•Splunk ITSI to determine The KPI of the business.

•Onboarded data on VMs, cloud, and databases using UF, TAs on HF and syslog

•Gave solutions on how the data could be onboarded to Splunk

•Worked closely with stakeholders for gathering requirements, making server connections, testing, and verifying the apps built

•Involved in ServiceNow, Jira, Confluence and Indices. Development, Customization and Administration.

•Design and development of ServiceNow forms, views, and scripts to invoke existing Script.

•Developed Splunk infrastructure and related solutions as per automation tool sets.

•Developed Splunk infrastructure and related solutions as per business requirements and automation toolsets.

•Support SPLUNK on UNIX, Linux, and Windows-based platforms. Assist with automation of processes and procedures.

Client: TEXAS DIR (Atos) (Remote) July 2020 – October 2021

Location: Remote

Role: Splunk Engineer

Experience executing reports & dashboards in Splunk and ITSI.

Experience with Splunk Searching and Reporting modules - (Splunk ITSI and Enterprise Security App) Knowledge Objects, Administration,

Experience with other Splunk premium applications - ITSI, UBA, ES, Hunk

FlexLM Licensing, Synopsys, Cadence, VMware, vSphere, vCenter, Hyper-V, CAD/ASIC and IT Infrastructure, SAS Grid Manager, SAS Viya, Active Directory, LDAP, Office 360, Desktop Central (App Management, Policy Management, Patch Management, and Software Deployment), Automox, Tcpdump, Wireshark, Splunk (ES, UBA, ITSI & ITOA), AppDynamics, Extra Hop, and SolarWinds

Write complex Splunk queries used to present data in Splunk IT Service Intelligence (ITSI)

Serve as primary administrator for Splunk ITSI

Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.

Perform analysis of requirements, design specifications, development, and technical and user documentation of report development.

Analyse, diagnose, and resolve errors throughout the lifecycle.

Formulate recommendations to reduce operating time or improve efficiency.

Knowledge on Splunk ITSI Glass tables, deep dives, KPI’s, ITSI modules.

Monitor and support services with a variety of services such as Splunk (ES, UBA, ITSI & ITOA), SCOM & OMS 2016, SCCM, AppDynamics, Extra Hop and other proprietary systems

Using the following tools and technologies: Bash, Perl, VMware ESX, ESXi, Hyper-V, NFS/CIFS, SCOM & OMS 2016, Active Directory, LDAP, LSF, FlexLM Licensing, AppDynamics, Splunk (ES & ITSI), ServiceNow, Extra Hop, SolarWinds, VERITAS, Solaris, Exadata, InfiniBand switch, Oracle SPARC, and SAN.

Developed various proof of concepts (POC) for Hadoop, Voice, ServiceNow teams and implemented and documented.

Integrated ServiceNow with Splunk to generate the incidents from Splunk.

Integrated ServiceNow with Splunk to generate Incidents from Splunk Administered Apache HTTP Server 2.0.

Integrated ServiceNow with Splunk to generate the Incidents from Splunk Administered Apache HTTP Server 2.0, Apache Tomcat 6.0.

Good at configuring Notifications, UI pages, UI Macros, Script Includes, Formatters, etc. in ServiceNow.

Customized the Project portfolio management (PPM).

Extensive experience on technical implementation of various ServiceNow modules such as Change Management, Incident Management, Problem Management, Service Catalog, Configuration Management.

Worked with clients to assess current state processes and tools, defined ServiceNow requirements and developed and configured the ServiceNow platform.

Provide Regular support guidance to Splunk project teams on complex solution and issue resolution.

Participated in ServiceNow QuickStart Implementation process and worked with ServiceNow in the process of implementation of Incident, Change, Problem, Knowledge, and Service - catalog.

Experience with ServiceNow Discovery tool Service Watch to Discover and import CMDB items.

Worked on Discovery and Orchestration ServiceNow platform tools like PowerShell, REST, SOAP, and API integration.

Worked on content management system (CMS) to create the custom interface of the applications.

Worked on various modules of ServiceNow like Incident management, change management, Problem management, Service Catalog, User Administration, Reporting, and Discovery.

Created Data Sources from various external applications, scripts to parse incoming data and transform into ServiceNow.

Involved in ServiceNow. Development, Customization and Administration.

Design and development of ServiceNow forms, views, and scripts to invoke existing Script.

Developed Splunk infrastructure and related solutions as per automation tool sets.

Developed Splunk infrastructure and related solutions as per business requirements and automation toolsets.

Writing automation scripts for API’s, Unit and Functional test cases using Selenium Web Driver.

Implemented web services using SOAP architecture and used JavaScript and Python for automation of dashboards.

Support SPLUNK on UNIX, Linux, and Windows-based platforms. Assist with automation of processes and procedures.

Client: Deloitte (Remote) December 2018 – June 2020

Location: Lake Mary, FL

Role: Splunk Engineer

Responsibilities:

•Installed, configured, and administered Splunk Enterprise Server and Splunk Forwarder on Red Hat Linux and Windows servers.

•Setup Splunk Forwarders for new application tiers introduced into the environment and existing applications.

•Data collection from various systems/servers, Forwarder Management, creating and managing Splunk apps.

•Building Splunk queries by Splunk Search Processing Language (SPL) and Regular expressions.

•Worked on Splunk Enterprise security.

•Created Dashboards, Visualizations, Statistical reports, scheduled searches, Alerts, and worked on creating different other knowledge objects.

•Built dashboards, views, alerts, reports, saved searches using XML, Advanced XML and Search Processing language (SPL) as and when required.

•Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Universal and Heavy forwarder.

•Provide Regular support guidance to Splunk project teams on complex solutions and issue resolution.

•Helping application teams in onboarding Splunk and creating dashboards/alerts/reports etc.

•Most of the time we worked to install universal forwarders too, but we have heavy forwarders set up to see data from the syslog server side.

•Worked on installing Universal Forwarders and Heavy Forwarders to bring any kind of data fields into Splunk.

•Experience in creating Access controls, to the user by creating AD (Active Directory) groups power and user groups.

•Configure the add-on app SSO Integration for user authentication and Single Sign-on in Splunk Web.

•Splunk ITSI to determine The KPI of the business.

•Onboarded data on VMs, cloud, and databases using UF, TAs on HF and syslog

•Gave solutions on how the data could be onboarded to Splunk

•Worked closely with stakeholders for gathering requirements, making server connections, testing, and verifying the apps built

•Conducted data normalization for the data onboarded using event types, tags,

•Created macros for the indexes for the dashboards

•Developed content, reports & alerts to meet the client needs

•Developed apps to display audit logs, tax logs, IIS logs, etc., for multiple data sources so the SOC team can monitor those logs on one platform

•Used GIT Bash and Azure DevOps to push changes for production

•Extensively used Service Now and Azure DevOps to create and manage work items and tickets

•Experience of executing reports & dashboards in Splunk and ITSI.

•Experience with Splunk Searching and Reporting modules - (Splunk ITSI and Enterprise Security App) Knowledge Objects, Administration,

•Experience with other Splunk premium applications - ITSI, UBA, ES, Hunk

•FlexLM Licensing, Synopsys, Cadence, VMware, vSphere, vCenter, Hyper-V, CAD/ASIC and IT Infrastructure, SAS Grid Manager, SAS Viya, Active Directory, LDAP, Office 360, Desktop Central (App Management, Policy Management, Patch Management and Software Deployment), Automox, Tcpdump, Wireshark, Splunk (ES, UBA, ITSI & ITOA), AppDynamics, Extra Hop, and SolarWinds

•Write complex Splunk queries used to present data in Splunk IT Service Intelligence (ITSI)

•Serve as primary administrator for Splunk ITSI

•Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.

•Perform analysis of requirements, design specifications, development, and technical and user documentation of report development.

•Analyze, diagnose, and resolve errors throughout the lifecycle.

•Formulate recommendations to reduce operating time or improve efficiency.

•Knowledge of Splunk ITSI Glass tables, deep dives, KPI’s, ITSI modules.

•Integrated ServiceNow with Splunk to generate the incidents from Splunk.

•Integrated ServiceNow with Splunk to generate Incidents from Splunk Administered Apache HTTP Server 2.0.

•Integrated ServiceNow with Splunk to generate the Incidents from Splunk Administered Apache HTTP Server 2.0, Apache Tomcat 6.0.

•I am good at configuring Notifications, UI pages, UI Macros, Script Includes, Formatters, etc. in ServiceNow.

•Customized the Project portfolio management (PPM).

•Extensive experience in technical implementation of various ServiceNow modules such as Change Management, Incident Management, Problem Management, Service Catalog, Configuration Management.

•Worked with clients to assess current state processes and tools, defined ServiceNow requirements and developed and configured the ServiceNow platform.

•Provide Regular support guidance to Splunk project teams on complex solution and issue resolution.

•Participated in ServiceNow QuickStart Implementation process and worked with ServiceNow in the process of implementation of Incident, Change, Problem, Knowledge, and Service - Catalog.

•Experience with ServiceNow Discovery tool Service Watch to Discover and import CMDB items.

•Worked on Discovery and Orchestration ServiceNow platform tools like PowerShell, REST, SOAP, and API integration.

•Worked on content management system (CMS) to create the custom interface of the applications.

•Worked on various modules of ServiceNow like Incident management, change management, Problem management, Service Catalog, User Administration, Reporting and Discovery.

•Created Data Sources from various external applications, scripts to parse incoming data and transform into ServiceNow.

•Involved in ServiceNow. Development, Customization and Administration.

•Design and development of ServiceNow forms, views, and scripts to invoke existing Script.

•Developed Splunk infrastructure and related solutions as per automation tool sets.

•Developed Splunk infrastructure and related solutions as per business requirements and automation toolsets.

•Writing automation scripts for API’s, Unit and Functional test cases using Selenium Web Driver.

•Implemented web services using SOAP architecture and used JavaScript and Python for automation of dashboards.

•Support SPLUNK on UNIX, Linux, and Windows-based platforms. Assist with automation of processes and procedures.

Client: Accenture January 2017 – November 2018

Location: Orlando, FL

Role: Splunk Admin/Developer

Responsibilities:

Responsible for designing, developing, testing, debugging, deploying, and maintaining Splunk/HUNK solutions and dashboards running on Big Data technologies such as Hadoop.

Knowledge of creating providers, virtual indexes in Splunk Hunk and troubleshooting configuration issues.

To develop reliable, efficient queries that will feed custom Alert, Dashboards and Reports.

Populate Splunk/HUNK from 3rd party data sources Splunk IT Service Intelligence (ITSI) AND Hybrid CLOUD structure

Indexing data from various sources such as Zabbix, Kafka, open stack.

Design and maintain production-quality dashboards.

Log management, Log errors, Log management analytics through Splunk and ELK.

To write regular expressions to extract meaningful fields.

Played a leading role in understanding the logs and server data and brought insight into the data for the users.

Expert in creating Splunk knowledge objects. Hands-on experience installing Splunk TAS Symantec DLP, Splunk DB connect Splunk App for AWS and more.

Worked on Security solutions (SIEM) that enable organizations to detect, respond and prevent these threats by providing valuable context and visual insights to help you make faster and smarter security decisions.

Experience in providing monitoring and response to security events in Security Operations Center (SOC) team.

Experience in creating Access controls, to user by creating AD (Active Directory) groups power and user groups.

Experience with Active Directory and SSO Single sign-On option.

Configure the add-on app SSO Integration for user authentication and Single Sign-on in Splunk Web.

Experience in Python general scripting, Hands on Experience in secure coding

Responsible for documenting the current architectural configurations and detailed data flow and Troubleshooting Guides for application support.

Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.

Client: Hasting Mutual Insurance Company March 2015 – December 2016

Location: Hasting, MI

Role: Splunk Engineer

Responsibilities:

Installation and configuration of Splunk products in different environments.

Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.

Designing and maintaining production-quality Splunk dashboards.

Splunk Enterprise deployments and enabled continuous integration as part of configuration management.

Configured and developed complex dashboards and reports on Splunk.

Involved in Installation, Administration and Configuration of Splunk Enterprise and integration with local legacy systems.

Splunk DB Connect 2.0 in search head cluster environments of Oracle Experience with Splunk UI/GUI development and operations roles.

Expertise in creating and customizing Splunk applications, searches, and dashboards as desired by IT teams and business.

Drive complex deployments of Splunk dashboards and reports while working side by side with technical teams to solve their integration issues.

Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes.

Managing indexes and cluster indexes, Splunk web framework, data model and pivot tables.

Performed troubleshooting and/or configuration changes to resolve Splunk integration issues.

Hands on development experience in customizing Splunk dashboards, visualizations, configurations, reports, and search capabilities using customized Splunk queries.

Designing and maintaining production-quality Splunk dashboards.

Valuable experience in Splunk, WLST, Shell scripting to automate and monitor the environment routine tasks.

Client: Verizon February 2013 – February 2015

Location: Orlando, FL

Role: System Engineer (SQL Developer)

Responsibilities:

Expertise with SQL UI/GUI development and operations roles.

Prepared, arranged, and tested SQL search strings and operational strings.

Involved in setting up alerts for several types of errors.

Developed, evaluated, and documented specific metrics for management purposes.

Using SQL created Visualizations to get the value out of data.

Created Dashboards for several types of business users in an organization.

Played a leading role in understanding the logs and server data and brought insight of the data for the users.

Worked on DB Connect configuration for Oracle, MySQL and MSSQL.

Supporting migration from Splunk on Premise data center to Amazon AWS

Launching, Configuring, Supporting large scale instances on AWS

Monitored Database Connection Health by using Splunk DB connects health dashboards.

Created Crontab scripts for timely running jobs.

Developed build scripts, UNIX shell scripts and auto deployment processes.

Valuable experience in creating SQL apps, navigations, interfaces, and valuable experience on Splunk lookups, macros, Pivot, data models, lookup files, and their publication into QL. Network Monitoring, bandwidth, and traffic monitoring through Splunk.

Experience in the use and understanding of complex RegEx (regular expressions).

Provided technical services to projects, user requests and data queries.

Involved in assisting offshore members to understand the use case of business.

Assisted internal users of SQL in designing and maintaining production-quality dashboards.

Involved in writing complex IFX, rex and Multikv, mvcombine command to extract the fields from the log files.

Involved in helping the UNIX and Splunk administrators to deploy SQL across the UNIX and windows environment.

Helped the client to set up alerts for several types of errors.

Worked to ensure is actively and accurately running and monitoring on the current infrastructure implementation.

Involved in installing and using apps for Linux and UNIX.

Client: Doctor Augustin Joseph’s Office December 2011 – December 2012

Location: Orlando, FL

Role: Computer Analyst

Responsibilities:

Expand or modify the system to serve new purposes or improve workflow.

Test, maintain, and monitor computer programs and systems, including coordinating the installation of computer programs and systems.

Develop, document and revise system design procedures, test procedures, and quality standards.

Provide staff and users with assistance solving computer related problems, such as malfunctions and program problems.

Responsibilities included understanding the issue by having conversations with business users and owners.

Developing packages, procedures, functions, and triggers for the application.

Coordinates/ facilitates transition (planning, sign-off, team meetings, and escalations).

Involvement in Production Change Management & Release Coordination.

Writing technical documents using functional specifications

Writing PL/SQL stored procedures, functions, and triggers to meet new features to be incorporated in the system to implement business rules.

Code review & Packaging DB Scripts.

Mentored junior programmers in Oracle database design and development

Troubleshooting for the end users' requirements and optimizing queries.

Created many triggers for audit purposes.

Using UNIX environment for performing the testing.

Performing the tests on the newly coded procedures and documenting the same.

Review and analyze computer printouts and performance indicators to locate code problems, and correct errors by correcting codes.

Consult with management to ensure agreement on system principles.

Confer with clients regarding the nature of the information processing or computation needs a computer program is to address.

Read manuals, periodicals, and technical reports to learn how to develop programs that meet staff and user requirements.

Coordinate and link the computer systems within an organization to increase compatibility so information can be shared.

CERTIFICATIONS:

Splunk certified User

Splunk certified Power User.

Splunk certified Splunk Administrator.

EDUCATION

Master of Computer Science from Madurai Kamaraj University, India

Bachelor of Science (Mathematics & Computer Science) from Calicut University


