Kamalakar
Senior Splunk Engineer/Admin
*************@*****.***
Professional Summary:
13+ years of IT experience and 7+ years of experience with Splunk - Enterprise Splunk, Splunk DB Connect, Splunk configuring, implementing, and supporting Splunk Server Infrastructure across Windows, UNIX and Linux.
Extensive knowledge of Splunk architecture and various components. Passionate about Machine data and operational Intelligence.
Having experience in understanding of Splunk 5.x, 6.x and 7.x product, Distributed Splunk architecture and components including search heads, indexers, forwarders.
Expertise in Splunk Enterprise architecture such as Search Heads, Indexers, Deployment server, Deployer, License Master, Heavy/Universal Forwarders.
Experience analyzing network, event, and security logs on premise and cloud
Headed Proof-of-Concepts on Splunk implementation, Splunk indexing and plugins, mentored and guided other team members on understanding the use case of Splunk.
Installation and implementation of the Splunk App for Enterprise Security and documented best practices for the installation and performed knowledge transfer on the process.
Expert in installing and using Splunk apps for Unix and Linux (Splunk nix).
Used Time chart attributes such as Span, Bins, Tag, and Event Types. Created and configured management reports and dashboards.
In the highly regulated financial services industry, one leading global company encountered limitations with its legacy security investigation and event monitoring (SIEM) software. The financial services company needed a new solution that could ingest growing volumes of data, minimize risk, speed security investigations and integrate with its governance, risk and compliance (GRC) solution. Since deploying Splunk Enterprise and Splunk Enterprise Security (ES) as its data analytics security platform, the company has seen benefits including
Experience in cloud-based technologies such as S3, Redshift and with NoSQL stores such as MongoDB
Experience with Splunk Searching and Reporting modules - (Splunk ITSI and Enterprise Security App) Knowledge Objects, Administration,
Experience with other Splunk premium applications – ITSI, UBA, ES, Hunk
Developed several releases of the Enterprise Canonical XML Schema (ECXS), enabling timely implementation of Exchange-related projects for the Affordable Care Act
Experience on Data Analytics, Advanced Data Analytics, Visualization, Advanced Visualization, Dashboard Customization, and Advanced Dashboard Customization in Splunk.
Experience on Splunk Enterprise Deployments and enable continuous integration as part of configuration using (props.conf, Transforms.conf, Input.conf & Output.conf, Deployment.conf) management.
Experience in creating and managing Splunk DB Connect identities, database connections, database inputs, outputs, lookups, access controls.
Cloud computing and Virtualization
Knowledge on Cloud technologies, Enterprise security
Understanding of cloud-computing concepts
Also notable is the fact that this company, like others in financial services industry, is highly compartmentalized, and while it moves somewhat slowly it still was able to begin using Splunk ES in a short period of time. With Splunk ES, the company has a solution that offers ease of use and at a cost that will enable it to scale. Moving forward, the company will begin conversations around using Splunk ES for additional use cases including fraud.
Understanding and experience with configuration management tools and concepts such as Puppet, Chef, CloudFormation, and similar
FlexLM Licensing, Synopsys, Cadence, VMware, vSphere, vCenter, Hyper-V, CAD/ASIC and IT Infrastructure, SAS Grid Manager, SAS Viya, Active Directory, LDAP, Office 360, Desktop Central (App Management, Policy Management, Patch Management and Software Deployment), Automox, Tcpdump, Wireshark, Splunk (ES, UBA, ITSI & ITOA), AppDynamics, ExtraHop, and SolarWinds
Experience with network security and system security for Security Event Management Tools (SIEMs)
Experience on log parsing, complex Splunk searches, including external table lookups, Splunk data flow, components, features and product capability.
Experience on Splunk query language and Monitored Database Connection Health by using Splunk DB connect health dashboards.
Minimum 4 years of administration experience with Splunk or any similar log management tool
Understand and maintain the appropriate knowledge of Security Technologies, (AV, FIM, HIPS, NIPS, SIEM, WAF/DAM, DLP), security procedures, and services within the SOC as well as ensuring all tools are functioning properly
Conduct data model reviews with project team members.
In depth and extensive Knowledge in setting up alerts and Monitoring recipes from the Machine generated data.
Exposure to Application Servers like Web Logic, IBM Web Sphere, JBoss and Apache Tomcat Web Server.
Experience in PL/SQL programming - Stored Procedures, Functions, Packages, SQL tuning, and creation of Oracle Objects - Tables, Views, Materialized Views, Triggers, Sequences, Synonyms, Database Links, and User Defined Data Types. Experience using SQL, PL/SQL Procedures, Functions, Triggers and Packages.
Used Model Mart of ERwin for effective model management of sharing, dividing and reusing model information and design for productivity improvement.
Built the physical data model for customer review and approval and constructed the registration database using Oracle 9i on a windows platform.
Expertise in performance tuning and query optimization using various types of hints, partitioning, bulking techniques and indexes. Experience developing packages, stored procedures, functions, exception handling, dynamic cursor programs, data collections, views and database triggers using SQL and PL/SQL in Oracle.
Collaborate with data architects for data model management and version control.
Enforce standards and best practices around data modeling efforts.
Achieved super-user level of expertise with Adaptive Metadata Manager, mastering the metamodel(s) and developing load templates for business and technical metadata.
Expertise in SOX/PCI, System Enterprise Reporting, and performance tuning of use case reports.
Provided troubleshooting services for Dell computers and laptops and ensured that the service is executed within the standard timeframe
Maintained database of new and existing products, specifications, features, and price range
Wrote and uploaded troubleshoot assistance guide for providing customer support
Configured and installed Dell Enterprise Servers
Configuring, Automating and Deploying Chef, Puppet and Ansible for configuration management to existing Infrastructure
Wrote Python Code using Ansible Python API to Automate Cloud Deployment Process
Analyze, resolve and log details of technical errors occurring with the systems and hardware used by the customers
Well versed with detailed technical specifications of the existing and newly launched products of Dell including maintenance and repair guidelines for Dell hardware
Used Expansible to document all infrastructures into version control.
Well versed in developing the data transfer technology using JSON with XML concept.
Can interchange the data from one file to another using different concept using JavaScript Object Notation.
Using different data types number, string, Boolean, Array, Value, Object can develop the data transfer from one object to another object using the JSON technology.
Using the JSON with XML technology can extract and import data from the applications.
Technical Skills:
Splunk: Splunk 5.x, 6.x, 7.x, 7.1, Splunk Enterprise, Splunk on Splunk, Splunk DB 2 Connect, Splunk Cloud, Hunk, Splunk IT Service Intelligence, Splunk Web Framework
Operating Systems: Windows 2000, XP, Win 10, Windows Server, Unix/Linux (Red Hat), Free BSD
Data Analysis: Requirement Analysis, Business Analysis, detail design, data flow diagrams, data definition table, Business Rules, data modeling, Data Warehousing, system integration
RDBMS: Oracle 11g/10g/9i/8i, MS-SQL Server 2000/2005/2008, Sybase, DB2, MS Access, MySQL
Web Technologies: HTML, DHTML, JavaScript, XML, XSL, XSLT, REST, SOAP
Web/App Servers: Apache Tomcat 6.0, WebLogic 8.1/9.2, WebSphere 6.0
Concepts: SDLC, Object Oriented Analysis and Design, Unified Modeling Language (UML), Assembly and System Level Testing, exposure in Agile.
Programming Language: C, C++, Java with Big Data, Python, UNIX shell scripts, Ansible, Java, JavaScript, JSON
Environment: SQL Server 2000/2005 Enterprise Edition Advanced Windows 2003 Server, Erwin, SQL RedGate, SQL Backup, and Dell Power Edge 8450.
Certifications: Splunk Power User & Admin Certified.
Education: Bachelor's in Computer Science from P.Indra Reddy Memorial Engineering College affiliated with JNTUH in 2008
Professional Experience:
Merck, Irving, TX Mar’18 to Present
Sr. Splunk Engineer / Admin
Responsibilities:
Designed Splunk Enterprise 6.5, 7.0 and 7.1 infrastructure to provide high availability by configuring clusters across two different data centers.
Create documentation on build, deployment, and sustainment processes and procedures for application use in cloud capable datacenter
Installed, Configured, Maintained, Tuned and Supported Splunk Enterprise Server 7.x/6.x/5.x.
Architect and Implement Splunk arrangements in exceptionally accessible, repetitive, conveyed figuring situations.
Performed Field Extractions and Transformations using the RegEx in Splunk.
Designed the large scale job scheduling mechanism for mortgage underwriting operation teams
Monitor and support services with a variety of services such as Splunk (ES, UBA, ITSI & ITOA), SCOM & OMS 2016, SCCM, AppDynamics, ExtraHop and other proprietary systems
Expert knowledge on Security Information and Event Management Platforms (SIEM) – specifically SPLUNK
Responsible for installing, configuring and administering Splunk Enterprise on Linux and Windows servers.
Supported the upgrade of Splunk Enterprise server and Splunk Universal Forwarder from 6.5 to 6.6.
Installation and implementation of the Splunk App for Enterprise Security and documented best practices for the installation and performed knowledge transfer on the process.
Implemented conversion to Litespeed backup system and am working on an across the board upgrade to SQL Server 2005.
Splunk architecture and design for both on premise and AWS cloud
AWS and Azure cloud security
Responsible for creating/versioning/testing of scripts (Bash, PowerShell), AWS Cloud Formation templates, Chef, Nagios, Maven/Ant, Git, Jenkins, Perl, and Ruby to achieve a high-level of automation
Minimum 3 years of experience using Splunk in a 24x7 environment
Analysed the 22 reports to determine the conversion of the reports either using FID tables and views or using Free Form SQL.
Operate, develop for, and maintain the Splunk log management infrastructure, leverage knowledge on a number of security technologies, information security, and networking
Worked on installing Universal Forwarders and Heavy Forwarders to bring any kind of data fields into Splunk.
Writing Splunk Queries, Expertise in searching, monitoring, analyzing and visualizing Splunk logs.
Experience in alert handling, standard availability and performance report generation. Experience in root cause analysis of post-production performance related issues through Splunk tool.
Verified if the data model helps in retrieving the required data by creating data access paths in the data model.
Designing, optimizing and executing Splunk-based enterprise solutions.
Installed and configured Splunk Universal Forwarders on both UNIX (Linux, Solaris, and AIX) and Windows Servers.
Hands on experience in customizing Splunk dashboards, visualizations, configurations using customized Splunk queries.
Monitored the Splunk infrastructure for capacity planning, scalability, and optimization.
Experienced in using Splunk DB Connect for real-time data integration between Splunk Enterprise and all other databases.
Expertise in Actuate Reporting, development, deployment, management and performance tuning of Actuate reports.
Responsible with Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.
Monitored license usage, indexing metrics, Index Performance, Forwarder performance, death testing.
Splunk Architecture/Engineering and Administration for SOX monitoring and control compliance.
Design and implement Splunk Architecture (Indexer, Deployment server, Search heads, and Forwarder management), create/migrate existing Dashboards, Reports, Alerts, on daily/weekly schedule to provide the best productivity and service to the business units and other stakeholders.
Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
Using the following tools and technologies such as: Bash, Perl, VMware ESX, ESXi, Hyper-V, NFS/CIFS, SCOM & OMS 2016, Active Directory, LDAP, LSF, FlexLM Licensing, AppDynamics, Splunk (ES & ITSI), ServiceNow, ExtraHop, SolarWinds, VERITAS, Solaris, Exadata, InfiniBand switch, Oracle SPARC and SAN.
Lead key log management and analysis platform(s) discipline by driving technology strategy, implementation and adoption of the platform within Ally Enterprise
Configured Syslog server for forwarding the logs to the Splunk server via network protocols like TCP and UDP.
Subject matter expert in best practices, security protocols, PKI, and other security-related issues.
Monitored the database (data tables and error tables), WebLogic error log files and application error log files to track and fix bugs.
Responsible for troubleshooting various indexing issues by analyzing Splunk logs such as splunkd.log, metrics.log ingested as internal index.
Support and execute arrangements considering a full information lifecycle (Search & Investigate, Add Knowledge, Monitor & Alert, Report & Analyze). Followed agile and scrum process for the whole implementation process.
Wells Fargo, Edison, NJ May’16 to Mar’18
Senior Splunk Engineer
Responsibilities:
Installed, Configured, Maintained, Tuned and Supported Splunk Enterprise Server 6.0 and Splunk Universal Forwarder 6.0.
Administered a complex cluster based environment involving search heads in a cluster while the indexers are in standalone mode.
Configured Splunk forwarder to send unnecessary log events to "Null Queue" using props and transforms configurations.
Created and configured management reports and dashboards in Splunk for application log monitoring.
Active monitoring of jobs through alert tools, responding to logs with certain action, analyzing the logs and escalating critical issues to high-level teams.
Responsible for developing Splunk queries and dashboards targeted at understanding application performance and capacity analysis.
Extensive experience on setting up the Splunk to monitor the customer volume and track the customer activity.
Was involved as a Splunk Admin in capturing, analyzing and monitoring front-end and middleware applications.
Created Splunk app for Enterprise Security to identify and address emerging security threats using continuous monitoring, alerting and analytics.
Responsible for administering, maintaining, and configuring a 24 x 7 highly available, Splunk apps for production portal environment.
Work closely with Application Teams to create new Splunk dashboards for Operation teams using advanced XML and CSS.
Created Shell Scripts to install Splunk Forwarders on all servers and configure with common configuration files such as Bootstrap scripts, Outputs.conf and Inputs.conf files.
Extensively used Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
Installation and implementation of the Splunk App for Enterprise Security and documented best practices for the installation and performed knowledge transfer on the process.
Using DB Connect for real-time data integration between Splunk Enterprise and databases.
Analyzing at the forwarder level to mask customer-sensitive data; able to manage distributed search across a set of indexers.
Responsible for filtering unwanted data at the heavy forwarder level, thereby reducing the license cost.
Worked with administrators to ensure Splunk is actively, accurately running, and monitoring on the current infrastructure implementation.
Worked on properly creating/maintaining/updating necessary documentation for Splunk Apps, dashboards, upgrades and tracked issues.
Provided On-call support for various production applications.
Administered various shell and Python scripts for monitoring and automation.
Administering the MS SQL Server by Creating User Logins with appropriate roles, dropping and locking the logins, monitoring the user accounts, creation of groups, granting the privileges to users and groups.
Walmart, Bentonville, AR (Offshore Hyderabad, IND) Nov’14 to Oct’16
Splunk Developer
Responsibilities:
Installed, configured and managed Splunk Enterprise Server 5.x/4.x, Splunk Universal Forwarder 5.x/4.x on various platforms like Windows Server, UNIX, Solaris. Tuned and supported Splunk Enterprise Server 5.0.
Worked on various components in Splunk Enterprise architecture such as Search Heads, Indexers, Deployment server, Deployer, License Master, Heavy/Universal Forwarders etc.
Developed Splunk queries and dashboards targeted at understanding application performance and capacity analysis.
Worked on multiple Splunk SPL functions to create new fields during search.
Used Splunk for Application Log, Security Log and Performance monitoring.
Configured Splunk multisite indexer cluster for data replication.
Developed Splunk infrastructure and related solutions as per automation tool sets.
Knowledge of security threats and vulnerabilities and how to detect and mitigate them, experience in building security monitoring and incident management solutions using Splunk.
Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
Create dashboard from search; scheduled searches; inline search vs. scheduled search in a dashboard.
Configured up to 10 standard data sources based on use case scenarios to support the underlying security requirements.
Optimized Splunk for peak performance by splitting Splunk indexing and search activities across different machines.
Worked with administrators to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
Frontier Communications, Norwalk, CT (Offshore Hyderabad, IND) Apr’11 to Dec’14
PL/SQL Developer
Responsibilities:
Responsible for Analysis, Design, Coding, Debugging and testing the processes/programs that are necessary to extract data from Operational Databases, transforming and cleaning the data and loading it to the data warehouse.
Experience in writing the SQL, PL/SQL stored procedures to meet the business requirements and the transformations.
Developed PL/SQL triggers and master tables for automatic creation of primary keys.
Used Dynamic SQL to implement DDL statements in PL/SQL programs.
Worked with the team to design, develop, test & implement system. Creation of database objects like tables, procedures using Oracle tools like PL/SQL, TOAD. Written Stored Procedures using PL/SQL.
Responsible for developing PL/SQL Functions, Procedures, Packages, Cursors and Triggers.
Created programming code using advanced concepts of Records, Collections and Dynamic SQL.
Extensively used error and exception handling techniques for validation purposes in code.
Created Functions for duty calculations and validation of the inputs.
Involved in Development of the applications by using PL/SQL tools like cursors and exception handlers, Loops and records. SQL Queries.
Generated specific reports using crystal report system.
Developed scripts for checking Oracle errors in alert logs and trace files every 15 minutes.
Involved in coding with SQL, PL/SQL function, stored procedure, packages, triggers, and Materialized view for Oracle database.
Successfully performed data replication using Materialized views.
Implementing Best Practices for optimizing and tuning the database.
Monitoring the database audit log.
Pact Software Services, Hyderabad, IND Jun’08 to Mar’11
SQL Developer
Responsibilities:
Designed, Coded, Tested, Implemented the Stored Procedures to support the System.
Fixed bugs in the existing in-house developed Software which is used to upload the reports for the end users to view the reports.
Created records, tables, collections (nested tables and arrays) for improving Query performance by reducing context switching.
Participated in code reviews in Oracle Views, PL/SQL Procedures to understand the testing needs of the change components.
Involved in writing PL/SQL Packages, Functions, Stored Procedures, and Data Base Triggers.
Created huge database packages with related functions and procedures.
Added database triggers to some history tables of the database.
Created and configured SQL mail to send mail as events occur.