Application Support Operations Manager
Resume:
Ashok R
Splunk Engineer
adm5tv@r.postjobfree.com
Over 4+ years of experience as a Splunk Engineer configuring, Implementing and Supporting Splunk Server Infrastructure across Windows, UNIX and LINUX environments
●Experience working on Splunk 6.x, 7.x, 8.x Splunk DB Connect 2.x, 3.x on distributed Splunk Environments and Clustered Splunk Environments on Linux and Windows operating systems Worked on Splunk Enterprise Security 4.x.
Worked on the Security Implementation.
●Expert in Install, Configure & administer Splunk Enterprise Server and Splunk Universal Forwarder, Splunk Heavy Weight Forwarder in large distributed environment.
●Extensive experience in Installation, Configuration, Migration, Trouble shooting and Maintenance on Splunk, Apache Web server on Different UNIX flavors like Linux.
●Worked on Design, support and maintain the Splunk infrastructure in Windows and Linux environments. Installation of Splunk Enterprise, Apps in multiple servers with automation.
●Great experience to Create Dashboard Views, Reports and Alerts for events and configure alert mail. Great Experience on Splunk Programming Language.
●Good Experience in creating the Splunk app for Enterprise Security to Identify and Address emerging security Threats using continuous monitoring, alerting and analytics.
●Strong experience in Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing. Working on indexers and computing servers and with configuration management.
●Experience security patching distributed Splunk architecture and components including search heads, indexes and forwarders.
●Excellent Experience to understanding the Software Development Life Cycle (SDLC).
●Good Experience on System Center Operations Manager (SCOM) and Good Experience on Splunk Enterprise Security Glass Table Errors and Visualization Issues.
●Experience with Splunk Searching and Reporting modules, Knowledge Objects, Administration, Dashboards, Clustering and Forwarder Management.
●Good Knowledge on Clouds Services like AWS and Azure.
●Created and Managed Splunk DB connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.
●Worked on Operational Intelligence using Splunk and Creating Dashboards with the Using XML.
●Experience on Splunk Enterprise Deployments and enabled continuous integration on as part of configuration management.
●Interpreted and developed SIEM products to meet the internal and external and customer requirements. Experience in working on Enterprise Security log management and SIEM solutions.
●Experience in REST API, web-based technologies and Scripting Languages including perl, python and shell Scripting XML, HTML.
●Scripting and development skills using Python with strong knowledge of Regular expressions.
●Created Reports, Alerts and Dashboards by Splunk query language.
●Strong experience on Troubleshooting Splunk search head, Indexer and forwarder issues and document.
●Worked on Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing.
●Set indexing property configurations, including time zone offset, custom source type rules. Configure Regex transformations to perform on data inputs.
●Provided 24/7 on-call support for production, Good exposure in troubleshooting and debugging on Splunk and very proactive in problem solving with providing best solutions.
●Motivated with excellent verbal/written communication skills, fast learner, good team player admirable presentation capabilities, and efficient requirement gathering ability and effectively convey them to other members in the team.
Log Analysis Tools
Splunk Enterprise 5.x/6.x/7.x/8.x, Splunk Universal Forwarder.
Servers
Web/App Servers, WebSphere Application Server, Web Sphere MQ Sever 6.x/7.x, WebSphere XD 6.0/6.1, IBM Http Server 6.x/7.x/8.x Apache Web Server 2.x, Tomcat 5.5, IIS 6/7.x
Operating Systems
IBM AIX (5.1/6.1), RHL Linux, Windows R2, VMWare
Programming
C#, C++, C, SQL/PL SQL, HTML, HTML5, DHTML, XML, CSS, CSS3JavaScript, Java.
Scripting
JavaScript, WSCP, WSADMIN, Perl, Korn Shell Script, Python
Databases
Oracle(10g/11i/12c), UDB/DB2, Sybase, MS SQL Server, IBM Web Sphere DB2
Cisco – San Jose, CA September 2020 to Present
Splunk Engineer
Responsibilities:
●Responsible for initiating, planning, executing, configuring, and deploying the latest version of Splunk on a Windows or Linux environment.
●Working on DEV, QA and PROD Environments. Using the Git Hub to push the changes in to TFS then TFS to Splunk.
●Upgraded Splunk Enterprise from v 7.x to v 8.x in clustered environments and non-clustered environments.
●Performed troubleshooting and/or configuration changes to resolve Splunk integration issues.
●Setup Splunk Forwarders for new application tiers introduced into the environment and existing applications Work closely with Application Teams to create new Splunk dashboards for Operation teams.
●Configured and optimized all Splunk Components Indexer, Search Head, Deployment Servers and Forwarders.
●Created Cloud Tables and Worked on Co relational Searches and created multiple KPI Dashboards.
●Working on Data Onboarding in to Splunk Indexer and Also involved Every Day Both Clustered and Non-Clustered Deployments.
●Creating Dashboards, report, scheduled searches, Knowledge Objects and alerts.
●Creating Lookups, Field Aliases, tags, Events, Transforms and IT Service Intelligence Glass Tables
●Experience in Splunk GUI development creating Splunk apps, searches, Data models, dashboards and Reports using the Splunk query language.
●Integrated on Service Now Tool for working MIF Logs, E mail and Ticket Alerting.
●Using Ansible for Splunk Installation and Configuration in Configuration Management also using in CICD.
●We are currently using the add-ons in your Splunk app for Enterprise security
●Analyzed security-based events, risks and reporting instances and Develop dashboards with visual metrics for stakeholders.
●Experience in creating SQL loader scripts to load data from flat files into the database and creating External Tables to manage data which is store at the OS level.
●Created Splunk app for Enterprise Security to identify and address emerging security threats using continuous monitoring, alerting and analytics.
●Build the Dashboards Reports and Alerts delivers that real-time availability in to your QA or PROD Environments.
●Creating ITSI Dashboards/Glass Tables, setting up Multi KPI Alerts and generating complex operational Reports.
●Working on SOC for Continuous manage Known and existing threats while working to identify Emerging Risks.
●Created Shell Scripts to install Splunk Forwarders on all servers and configure with common configuration files such as Outputs.conf and Inputs.conf files.
●Good experience on writing the Reg Ex commands working on Reg EX, Field Extraction Configuration Files.
Verizon – Dallas, TX March 2018 to September 2020
Splunk Consultant
Responsibilities:
●Installation and configuration of Splunk product at different environments like Linux Ubuntu, Centos and Windows Environments.
●Worked on Multiple Production Roles and Created Alerts with Using of Splunk, Also Created Multiple dashboards and Alerts at a time.
●Involved in Installation, Administration and Configuration of Splunk Enterprise and integration with local legacy systems.
●Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.
●Hands on development experience in customizing, visualizations, configurations, reports and search capabilities using customized Splunk queries.
●Experience in Dynatrace and app Dynamics for using System Health Check, Availability.
●Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy Forwarder and Universal forwarder, License model.
●Designing and maintaining production-quality Splunk dashboards.
●Good experience in Splunk, WLST, Shell scripting to automate and monitor the environment routine tasks.
●Upgraded Splunk Enterprise from v 6.x to v 7.x in clustered environments and non-clustered environments.
●Working on 6TB Data Everyday Onboarding in to Splunk Indexer and Also involved Every Day Both Clustered and Non-Clustered Deployments.
●Worked on Application Performance Management (APM) for Server, database Monitoring to Detect and Diagnose Complex Application Server Performance.
●Created Splunk ITSI log Analytics artifacts describing IEP services, Defining KPI's and Configuration Thresholds. Worked on the Building Big Data Applications In Splunk. Both Structured and Unstructured Data and Created Secured Alerts, Dashboards, Reports, Fields, Tags and Event Types.
●Splunk Enterprise Deployments and enabled continuous integration on as part of configuration management.
●Worked on Service now tool for ticket Raising and worked VM ware and AWS Virtual System Platforms
●Experience on Configured and developed complex dashboards and reports on Splunk.
●Splunk DB Connect 2.0 in search head cluster environments of Oracle. Worked on Splunk UI/GUI development and operations roles.
●Developed Various Reports Using on Java XML Files and Developed J2EE Application on Linux and Windows Platforms.
●Worked on Network Security Analysis for Continues Monitoring and Find out the Break Events.
●Responsible for documenting the current architectural configurations and detailed data flow and Troubleshooting Guides for application support.
●Expertise in creating and customizing Splunk applications, searches and dashboards as desired by IT teams and business.
●Writing on Reg EX Queries for Splunk Data retrieval and write the Reg EX queries for creating alerts, reports and Dashboards.
●Created Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
●Creating and Managing Apps, Create user, role and Permissions to Knowledge objects.
●Create Dashboard Views, Reports and Alerts for events and configure alert mail OR depends on the requirement.
●Troubles hooting of searches for performance issues by adding lookups, correct joins and using summary indexes. Captured data from various front end, middle ware application. Dashboards were created to monitor the traffic volume across, response times, Errors, Warnings across.
●Managed Indexer Clusters including security, hot and cold bucket management and retention policies.
●Creating SPL (Search processing Language) Queries for Creating, reports, alerts, and Dashboards.
●Worked on Various types of charts, alerts settings, app creations, user and role access permissions.
●Integrate Service Now with Splunk to consume the alerts from Splunk and create service now tickets.
●Splunk configuration that involves different web application and batch, create Saved search and summary search,
●Summary indexes. Managing indexes and cluster indexes, Splunk web framework, data model and pivot tables.
Atos (St. Louis, MO) July 2016 to Feb 2018
Splunk Admin /Developer
Responsibilities:
●Gather Splunk requirements for on boarding data and estimate storage requirements and time frame to onboard data.
●Developed Splunk Dashboards, searches and reporting to support various internal clients in IT Operations and Application Development.
●Connect all forwarders to deployment server and update configurations
●Create alerts and reports for license utilizations for each teams or pools
●Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.
●Splunk Enterprise Deployments and enabled continuous integration on as part of configuration management.
●Creating and customizing Splunk applications, searches and dashboards as desired by IT teams and business.
●Setup and configuration of search head cluster with three search head nodes and managing the search head clusters.
●Involved in handling various Incident and request related to the application.
●Involved in monitoring the ticketing tool and taking the ownership of the tickets.
●Develops new documentation, departmental procedures and user support guides.
Splunk Certifications:
Splunk Enterprise Certified Admin
Splunk Certified Power User
Splunk Certified User
Contact this candidate