7+ years of extensive experience in Splunk, Linux/UNIX, SQL developer/DBA. Monitoring, Data Analytics performance tuning, Troubleshooting, and Maintenance of Database, Application Servers like WebSphere Application Server, IBM HTTP Server, Apache Web Server, Load Balancing, Splunk and DataPower.
Expertise in Installation, Configuration, Migration, Troubleshooting, and Maintenance of Splunk. Passionate about Machine data and Operational Intelligence.
Good knowledge of SOA, Web services, SOAP, WSDL, WS-Security in DataPower.
Experience with Web Services and load balancing configurations.
Experience in administration and configuring of Deployment Policy, WS-Proxies, XML Firewall, SSL Proxy Profiles, Multi Gateway Protocol, Load Balancer groups, and other objects.
Good working knowledge of AWS Environment, EC2 instance, VPC flow logs, installing, configuring AWS.
Hands-on experience in installing Splunk Symantec DLP, Splunk DB Connect, Splunk App for AWS.
Upgrade and Optimize Splunk setup with new discharges.
Extensive experience in deploying, configuring and administering Splunk clusters.
Expertise in Actuate reporting, development, deployment, management and performance tuning of Actuate reports.
Experience in creating Splunk apps for Enterprise Security to identify and address emerging security threats using continuous monitoring, alerting and analytics.
Helping application teams in on-boarding Splunk and creating dashboards, alerts, reports etc.
Setup Splunk Forwarders for new application levels brought into the environment.
Develop custom app configurations (deployment-apps) within SPLUNK in order to parse, index multiple types of log format across all application environments.
Experience with Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-ons, Dashboards, Clustering and Forwarder Management.
Created and managed Splunk DB Connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.
Working experience in Integrating Splunk with Windows Active Directory and LDAP.
Strong administrative skills, experience in deployment and configuration of EAR, WAR and JAR files with other resources like database, message queues and access management tools for application security in WebSphere.
Experience in creating reports and Dashboards using Hubble. Good understanding of Data Integration in Hubble.
System Administration familiar with Windows Servers, Red Hat Linux Enterprise Servers, and UNIX.
Experience in Shell scripting and extensively used Regular expressions in the search string and data anonymization.
Experience on Splunk Enterprise Deployments and enabled continuous integration as part of configuration (props.conf, transforms.conf, outputs.conf) management.
Experience on Splunk data flow, components, features, product capability, log parsing, complex Splunk searches, including external table lookups.
Experience in Splunk search construction with the ability to create well-structured search queries that minimize performance impact.
Expertise in Splunk query language and monitored Database Connection Health by using Splunk DB Connect health dashboards.
Experience with PL/SQL stored procedures, functions, triggers to meet new features to be incorporated into the system to implement business rules.
Experience in GIT for source version control with Splunk.
Experience in Designing and implementing Trend Micro, Optimized search queries using summary indexing.
Mainly focused on Monitoring using AppDynamics and SPLUNK for monitoring production traffic and writing queries to find out the errors, exceptions and HTTP failures with a wide variety of query combinations.
Extensive experience in configuring the HTTP Server for various clustered application servers using virtual hosting and enabling the RADIUS Authentication to administer the SSL VPN Box.
Experience in SSL cryptography, troubleshooting by viewing logs and dealing with XML threats.
Experience in creating clustered and non-clustered indexes for increasing performance; also monitored the indexes, troubleshooting any corrupt indexes by removing fragmentation from indexes.
FireEye – San Jose, CA Feb 2019 – Present
Hands-on experience with Splunk search language and building complex queries
Good knowledge about Data Models: build, edit and acceleration of Data Models
Experience with SPL best practices for search performance, summary indexes, report accelerations etc.
Managed data retention policies and performed index administration along with maintenance, optimization and configuration back-ups; provided granular, role-based security and managed access control to sensitive logs/data.
Expert in building custom searches and visualizations in both Splunk Core and Splunk ITSI.
Created and configured KPIs in Splunk IT Service Intelligence (ITSI).
Extensive experience in designing and implementing AWS Cloud Services.
Monitored SYF's Splunk infrastructure and involved in capacity planning and optimization, involved in troubleshooting log-feeds, field extracts and search time etc.
Managed network design and applied security-based configurations on Splunk environment according to SYF's standard security guidelines.
Conducted a data source assessment of all available data/logs in SYF environment that can be ingested into Splunk.
Experience with creating KOs (field extractions, macros, aliases etc)
Experience with KVstore and staycations lookups
Good level of understanding on multi-site cluster environment
Additional responsibilities included knowledge management, documentation and communications on future upgrades
Worked in ingesting the data from DB using DB Connect app.
Monitoring data in Splunk index and SQL database and configuration of backup.
Implemented Cipher feeder using a KV store coupled with db queries against the Orchestrator SQL server db.
Developed Splunk Dashboards, searches and reporting to support various internal clients in Security, IT Operations and Application Development.
Solid experience with various Splunk components - indexer, forwarder, search head, deployment server, heavy and universal forwarder, and license model. Time chart attributes such as span, bins, tag, and event types.
Prepare, arrange and test Splunk search strings and operational strings. Utilize Parsing, Indexing, and Searching concepts as well as Hot, Warm, Cold, Frozen bucketing.
Knowledge of configuration management tools like Git, Bitbucket
Experience in Splunk GUI development creating Splunk apps, searches, Data models, dashboards, and Reports using the Splunk query language.
Provide regular support guidance to Splunk project teams on complex solution and issue resolution.
Certified Administrator for Cloud Health from VMware for governance, usability and cost analysis.
Northern Trust – Chicago, IL June 2017 – Jan 2019
Installation and configuration of Splunk product at different environments.
Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-ons, Dashboards, Clustering and Forwarder Management.
Designing and maintaining production-quality Splunk dashboards.
Worked with SIEM team monitoring notable events through Splunk ES.
Splunk Enterprise Deployments and enabled continuous integration as part of configuration management.
Perform initial installation and configuration of new SIEM/Log Management deployments in both hosted and cloud environments.
Configured and developed complex dashboards and reports on Splunk.
Involved in Installation, Administration and Configuration of Splunk Enterprise and integration with local legacy systems.
ITSI integration with the information from these files across the ITSI app as part of ITSI workflows.
Onboard and cleanse data sources using CIM best practices for field extraction and Splunk Data Model optimizations.
Troubleshooting Splunk feed issues and data ingestion for remote locations
Splunk DB Connect 2.4.0 in search head cluster environments of Oracle.
Experience with Splunk UI/GUI development and operations roles.
Worked in data-flow design for data ingestion, transformation and analytics layers.
Expertise in creating and customizing Splunk applications, searches and dashboards as desired by IT teams and business.
Experience in creating access controls for users by creating AD (Active Directory) groups, power and user groups.
Experience with Active Directory and SSO (Single Sign-On) option.
Configure the add-on app SSO Integration for user authentication and Single Sign-on in Splunk Web.
Experience in providing monitoring and response to security events in Security Operations Center (SOC) team Using Splunk Enterprise Security.
Experience in general Python scripting; hands-on experience in secure coding.
Drive complex deployments of Splunk dashboards and reports while working side by side with technical teams to solve their integration issues.
Responsible for documenting the current architectural configurations and detailed data flow and Troubleshooting Guides for application support.
Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes.
Experience in handling security events that affect VMware systems, applications, infrastructure, information and users using Splunk Enterprise Security.
Managing indexes and cluster indexes, Splunk web framework, data model and pivot tables.
Performed troubleshooting and/or configuration changes to resolve Splunk integration issues.
Hands on development experience in customizing Splunk dashboards, visualizations, configurations, reports and search capabilities using customized Splunk queries.
Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
Analyzed and monitored incident management and incident resolution problems. Involved in transformation of IRS ETI user requirements into Splunk ITSI Use cases.
Created ITSI Dashboards/ Glass-Tables
Resolved configuration-based issues in coordination with infrastructure support teams.
Good experience in Splunk, WLST, Shell scripting to automate and monitor the environment routine tasks.
Maintaining Data Repository Data correlation and trending.
Used Splunk tool in order to analyze the logs in the applications.
Bosch Group Farmington Hills, MI Mar 2016 to May 2017
•Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
•On-board new log sources with log analysis and parsing to enable SIEM correlation.
•Extracted complex Fields from different types of Log files using Regular Expressions.
•Created Search Commands to retrieve multiline log events in the form of a single transaction, giving Start Line and End Line as inputs.
•Created HTML dashboards with third-party JavaScript and CSS to create beautiful visualizations.
•Field extraction using IFX, rex command and regex.
•Guarantee high accessibility & execution through flat scaling and burden adjusted segments.
•Prepared, arranged and tested Splunk search strings and operational strings. Created and configured management reports and dashboards.
•Created EVAL Functions where necessary to create new field during search run time.
•Provide inputs for identifying best fit architectural solutions - deployment for Splunk project.
•Splunk Engineer/Dashboard Developer responsible for the end-to-end event monitoring infrastructure of business-aligned applications.
•Experience in setting up dashboards for senior management and production support- required to use SPLUNK.
•Created many Splunk ITSI Log Analytics artifacts describing IEP Services.
•Developed scripts (Python Scripting, Java Scripting, Shell scripting, Perl Scripting) as needed in support of data collection, reporting and presentation requirements.
•Independently identified opportunities to improve operational and other performance for Security, IT Operations and other clients.
•Involved in interacting with business owners, developers and business analysts in improving the application.
•Involved in helping the UNIX and Splunk administrators to deploy Splunk across the UNIX and Windows environment.
•Helped the client to setup alerts for different type of errors.
•Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing.
•Analyzed large datasets to identify metrics, drivers, performance gaps and opportunities for improvement.
•Maintain documentation of applications including what work has been done, what is left to do and site-specific procedures documenting the Splunk environment.
•Work with application team and production support team to troubleshoot production performance and reliability issues
•Worked on large datasets to generate insights and communicate insights to guide strategic roadmap.
•Maintained and managed assigned systems, Splunk related issues and administrators.
•Worked on Splunk DB Connect configuration for Oracle, MySQL and MSSQL.
•Created many of the proof-of-concept dashboards for IT operations, and service owners which are used to monitor application and server health.
•Involved in handling various Incident and request related to the application.
•Involved in developing complex scripts to automate batch jobs.
Cerved Group, India May 2013 to Nov 2015
•Performed Splunk administration tasks such as installing, configuring, monitoring and tuning.
•Install and maintain the Splunk add-on including the DB Connect 1, Active Directory LDAP for work with directory and SQL database.
•Installed and configured Splunk DB Connect in Single and distributed server environments.
•Configure the add-on app SSO Integration for user authentication and Single Sign-on in Splunk Web.
•Automating in Splunk using Perl with ServiceNow for event triggering.
•Deployed Splunk updates and license distribution over multiple servers using a deployment server.
•Create Dashboard Views, Reports and Alerts for events and configure alert mail.
•Monitor the Splunk infrastructure for capacity planning and optimization
•Server monitoring using tools like Splunk, SolarWinds-Orion, HP BSM and HP OpenView.
•Integrated ServiceNow with Splunk to generate the Incidents from Splunk.
•Active monitoring of Jobs through alert tools and responding with certain action logs, analyzing the logs and escalating to high level teams on critical issues.
•Configured and administered Tomcat JDBC, JMS and JNDI services.
•Configured Node manager to remotely administer Managed servers
•Experience in handling network resources and protocols such as TCP/IP, Ethernet, DNS
•Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes.
•Splunk search construction with ability to create well-structured search queries that minimize performance impact.