# Cert -****** # Cert-******

KISHORE KUMAR SUNKOJU

E-Mail:adrd3t@r.postjobfree.com Mobile: 715-***-****

Senior Splunk Administrator / Splunk Onboarding expert / Splunk and ITSI Engineer

PROFESSIONAL SUMMARY

Around 10+ years of experience in analysis, design, Implementation, Infrastructure, Maintenance of full life cycle commercial applications in HealthCare, E-Commerce, Banking domains

Expertise in Design, Installation, Configuration, Migration, Troubleshooting and Maintenance of Splunk.

Experience on Splunk Enterprise Deployments and enabled continuous integration on as part of configuration management.

Utilized Splunk ITSI to develop Glass tables for KPI’s and Services, created notable events and alerts to trigger the potential issues before they arise.

Have experience in creating Docker images using Docker file and map them with the ports and volumes based on the project needs.

Have experience in architecting and deploying of fault tolerant, highly available, cost effective and secure servers using Amazon web Services (AWS).

Integrated AWS cloud trail logs, S3 access logs, Azure and Bluemix cloud services with Splunk.

Worked on Security solutions (SIEM) that enable organizations to detect, respond and prevent these threats by providing valuable context and visual insights to help you make faster and smarter security decisions.

Developed and managed custom correlation searches to run the adaptive response actions and receive notable events to mitigate security threats.

Develop Splunk programming for entity-based anomaly detection, alerting logics useful for various enterprise and business operations through SPL (Splunk Processing Language), REGEX.

Have experience in utilizing the SyslogNG in onboarding the security devices logs.

Developed correlation searches to trigger notable events response actions, monitor, investigate and remediate security threats scenarios using SIEM.

Utilized custom data models like assets and identities, Incident management, Domain analysis in SIEM.

Develop regular expressions and security-focused content, custom scripts, new/custom Apps to perform specialized functionality that are used for Splunk dashboards development.

Good experience in Configuring Management Tools like Ansible.

Perform advanced searching and reporting to help customers with the implementation specialized/custom dashboards by using CSS, HTML, JavaScript and advanced XML.

Integrating Splunk with a wide variety of legacy data sources such as network devices, storage equipment’s and Oracle databases, and industry leading commercial security tools such as Tanium, AKAMAI, PingFederate, McAfee that use various protocols.

Good experience in Scripting Languages like Bash, Shell, also written some codes for the project needs which reduced the manual intervention and in addition saved lot of time for the project.

Proficient in understanding the network infrastructure and architecture.

Proficient in handling the workload management including scoping, estimation, and prioritization of work.

Good understanding of the principles and best practices of Software Configuration Management (SCM) for tracking and controlling changes in Software in Agile, scrum, and Waterfall methodologies.

Systems and product knowledge training administered to all new joiners/stakeholders at JDA, Dell EMC and Kaiser Permanente IT.

IT SKILLS

Technical Skills:

Log Analysis Tools: Splunk Enterprise 5.x/6.x/7.x/8.x, Splunk Cloud, Splunk Enterprise Security 5.x,6.x, DB Connect 3x, Splunk ITSI 3.x/ 4.x., Elastic Logstash Kibana, Grok filtering, Prometheus tool, Graphana, Azure Log Analytics.

Servers: WebSphere Application Server, AWS, IBM Blue mix, Web Sphere MQ Sever 7.x, v9, IBM Http Server 6.x/7.x/8.x, Apache Web Server 2.x, WebLogic 11g,12c

OS: RHL Linux, CentOS, Ubuntu, Windows R2, IBM AIX (5.1/6.1), VMWare.

DevOps: Jenkins, Docker, Ansible, GitHub,Git,IBM RTC, UCD, JIRA, Service Now, Azure AKS, Azure Cloud, Kubernetes, Google Apigee, Kafka, Axway.

Scripting: JavaScript, Python, Bash Shell Script

Frame Works: Angular JS, IDE Eclipse

Databases: Oracle (10g/11i/12c), MySQL, MS SQL.

Education & Certification:

Bachelor of Technology in Electronics and Communications, June 2010, Jawaharlal Nehru Technological University, Hyderabad.

Master of Science in Computer and Information Science (MCIS) August 2016, Southern Arkansas University, Magnolia, Arkansas.

Splunk Power User Certified - # Cert-281697

https://www.youracclaim.com/badges/922e08b1-52b5-479f-84d1-de7c98bd3086/public_url

Splunk Certified Admin - # Cert - 303271

https://www.youracclaim.com/badges/437c91ad-d5b2-4434-8ef4-6e22421aa8a3/public_url

WORK EXPERIENCE

Splunk SME at Kaiser Permanente (Current).

Pleasanton, CA.

March 19’ – Present

Responsibilities

Integrating Splunk with a wide variety of legacy data sources and industry leading commercial tools that use various protocols or services and ensure CIM compliance.

Creating dashboards, visualizations, reports, alerts and other knowledge objects as per customer needs.

Administrate Splunk and Splunk apps to include developing new/custom Apps to perform specialized functionality.

Architect and analyzing existing Splunk architecture and components and implement in scaling, capacity planning and migrating all Splunk components to higher versions.

Implement ITSI (IT Service Intelligence) apps in Splunk and provide services to the customers to monitor their business model and application services.

Implement CICD (Continuous Integration and continuous deployment) using DevOps tools like RTC (Rational Team Concert), Jenkins and UCD (Urban Code Deployment) to promote projects from DEV to higher environments (Staging, QA, UAT and Production).

Implementing and supporting CIM (Common Information Model) to extract the fields from log and give meaningful and common name across the application/projects to support the common functionality without any code changes.

Developing and managing advanced scripts to automate Splunk with associated DevOps tools.

Perform daily and weekly business critical deployment activities with Splunk ecosystems components and business applications.

Developed correlation searches to trigger notable events response actions and review and triage the incident review collection.

Architect applications using log stash filters using ruby and advanced Grok filtering technique’s

Identify the root cause of the issues and providing a permanent solution.

Created scripts for the Splunk Version upgrades with minimum downtime for all the environments including production.

Developing and managing advanced Python, Ansible scripts to automate Splunk with associated DevOps tools.

Integrated DB connect App with Splunk Core to for the secure and fault tolerant onboarding of database logs.

Developed Splunk programming for entity-based anomaly detection, alerting logics useful for various enterprise and business operations through SPL (Splunk Processing Language), REGEX.

Implementing Splunk Enterprise on premise to Splunk Cloud Migration.

Implemented Kafka monitoring on Prometheus and Grafana.

Integrated Ansible tower with Splunk and developed business specific Knowledge objects.

Integrated Azure Platform with Splunk and developed key business Splunk application knowledge objects.

Integrated Splunk with Azure Kubernetes Platform (AKS) and implemented Logstash in the architecture.

Constructing Python Modular inputs to establish connection with API’s, test SOAP and REST web service based on existing project workflows.

Well versed with Service Now change requests for all the project deployments.

Developed and implement Splunk solutions, configurations and procedures in GITHUB repository for operating, managing, ensuring the security of the enterprise infrastructure, applications.

Created custom correlation searches using multiple data sources to trigger adaptive response actions using Splunk Add-on Builder.

Performed analytics development on Security data from different endpoints, including Infrastructure and network, data security using Splunk Enterprise Security app, Triage events, Incident Analysis.

Installed Splunk ITSI and developed Glass tables for KPI’s and Services, create notable events and alerts to trigger the potential issues before they arise.

Good Knowledge on Splunk Enterprise security frameworks and planning and integrations.

Environment: Splunk Enterprise 6.x,7.x,8.x, Splunk Cloud 7.x,8.x, Splunk ITSI 4.x, Splunk SIEM 6.x,DB Connect, DataPower, APIGEE, Azure Kubernetes services, Azure Platform, RHEL Linux, Windows server, LDAP, AWS, Jenkins,Azure Log Analytics, Ansible,XML,CSS, Soap / Rest Api,Webservices,JavaScript,Shell script, Python, SharePoint,Jira, ServiceNow,Change Management.

Software Engineer – Splunk SME.

FedEx, Collierville, TN

Feb 19’ – March’19

Responsibilities

Created and configured management reports and dashboards in Splunk for application log monitoring.

Responsible for administering, maintaining and configuring a 24 x 7 highly available, Splunk apps for production environment

Created Splunk (SPL) queries KPI, Reports, Alerts and Dashboards

Applied knowledge about Splunk architecture and various components (indexer, forwarder and search head).

Maintained security for different roles for different end users

Created data retention policies and perform index administration, maintenance and optimization.

Monitoring or analyzing the real-time events for the security devices like Firewall, IDS, Anti-Virus etc., using SIEM tools.

Utilized custom data models from SIEM to develop and detect endpoint threats, user behavior threats.

Worked on Configuring Management Tools like Chef and Ansible.

Utilized scripting languages like bash shell, also write some codes for the project needs which reduced the manual intervention and in addition saved lot of time for the project.

Use Git and GitHub distributed source code control.

Integrated PCF onboarding into Splunk.

Responsible for maintaining Version Control repositories, User Management in GIT, Involved in Branching and Merging of code.

Parameterized Jenkins to automate build and deployment of java-based web applications on applications servers.

Correlating events from a Network, OS, Anti-Virus, IDS/ IPS, Firewalls or Proxies and analyzing them for possible threats.

Understand and interpret customer requirements for Splunk implementation for an enterprise solution.

Provide deployment strategies with the understanding of affordable risk based on customer acceptance.

Monitor security violations, flag potential violations and logging security incidents in Service Now and protected companies’ data.

Environment: Splunk Enterprise 7.x, Splunk ITSI 4.x, DB Connect, MQ, RHEL Linux 6.x, LDAP, AWS, Jenkins, PCF, Ansible, XML, CSS, Jira,JavaScript, Shell script, Python, ServiceNow.

Sr Splunk Engineer.

Kaiser Permanente IT, Pasadena, CA

Jan 18’ – Feb 19

Responsibilities

Developed configurations, ingesting EPIC (. HL7) application logs, IB logs from different source systems within Splunk Enterprise.

Developed Splunk Dashboards, searches and reporting using advanced XML, JavaScript and CSS.

Developed many application interface pages using Angular JS programming embedded within Splunk dashboard for business.

Deploy changes from Non-Prod instances to Production using deployment server.

Responsible for data inputs/app creation/objects/views managing in Splunk.

Performed upgrade with Splunk Enterprise environment from 6.6.3 to 7.2 for all the Splunk components, including Splunk ITSI premium app.

Created and Managed Splunk DB connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.

Developed modular inputs using Splunk Python SDK to ingest logging from the internal API’s.

Bundle applications and deploying to the higher environments using IBM UCD.

Working on AWS EC2 Instances creation, setting up AWS VPC, launching AWS EC2

Instances different kind of private and public subnets based on the requirements for each of the

Applications.

Working on AWS Elastic load balancing for deploying applications in high availability.

Experience with containers, Docker and created many images using Docker file.

Automation of deploying EC2 resources using CF templates.

24*7 monitoring of production infrastructure and services on AWS across different AZs.

Facilitated Batch management and optimization using performance metrics from Splunk.

Demonstrated expertise with Design, Implementation, Configuration and Management of Splunk Enterprise and Splunk Premium Apps like ES and Splunk ITSI.

Worked on Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy & Universal forwarder, and License model.

Environment: Splunk Enterprise 6.x,7.x, Splunk ITSI 4.x, Jenkins, Docker, IBM UCD,Maven, DB Connect,IBM DataPower, WebLogic Server 11g/12c, MQ, RHEL Linux 6.x, LDAP, AWS, XML, CSS, JavaScript, Shell script, Python, ServiceNow.

Software Dev Engineer - Splunk.

Dell EMC, Round Rock, TX

Jan 17’ – Dec ‘17

Responsibilities:

Installing, Configuring and Administering Splunk Enterprise Server 6.2.1/6.5.3 and Splunk Forwarder 6.x on Red hat Linux and Windows severs.

Complete deployment of Splunk Components in different environments, including migration of existing Production, SIT, Sandbox instances from 6.2.1/6.5.1 to 6.5.3/6.6.2.

Worked on Splunk upgrade from 6.2.1 to 6.5.3 through entire environment including 1400UF's in different environments like Windows, Linux servers.

Assisted with on boarding relevant data sources as needed, including inputs, SQL DB inputs, index-time configurations, search-time field extractions, event types, and tags.

Developed Splunk Dashboards, searches and reporting to support various internal clients in SOA, DCS Operations and Application Development.

Prepared, arranged and tested Splunk search strings and operational strings.

Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.

Helped the client to setup alerts for different type of errors for MQ, DataPower, Webservers, Database etc.,

Good knowledge on Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing.

Installed and configured Splunk app for Linux and UNIX, Splunk DB Connect 2 for Oracle and MSSQL, Rest API, Splunk App for WebLogic Server, Splunk On Splunk etc.,

Developed python scripts to automate batch jobs.

Configured AWS app and Hadoop connect app to Splunk.

Created a significant number of the evidence of-idea dashboards for IT operations, and administration proprietors, which are utilized to screen application and server health.

Played a major role in understanding the logs, server data and brought an insight of the data for the users.

Environment: Splunk 6.x, DB Connect, IBM Datapower, WebLogic Server 11g/12c, MQ, Apache HTTP Server, RHEL Linux 6.x, LDAP, MS SQL Server 2012, AWS,XML,CSS,JavaScript, Python.

Software Engineer – Splunk/DevOps

Natsoft Corporation.

Somerset,NJ.

Aug 16’ – Jan 17

Responsibilities

Developed Splunk Dashboards, searches and reporting to support various internal clients in Application Development.

Created Splunk (SPL) queries KPI, Reports, Alerts and Dashboards

Perform daily and weekly business critical deployment activities with Splunk ecosystems components and business applications.

Involved in Designing and developing responsive and functional UI using technologies like jQuery, CSS, HTML.

Installation, Configuration MySQL, Apache in both Linux and windows environments.

Gained Knowledge on big data technologies like Splunk both on premise and cloud technologies.

Developing the database applications with the business requirements for the project.

Implemented Splunk on Linux and Windows as an Admin and managed users-based accesses.

Sr.Technical Consultant

JDA Software, Hyderabad, India.

May’13– Dec’14

Responsibilities:

Involved in multiple applications modules that make up JDA-PMM Portfolio Merchandising Management using PL/SQL and User presentation layer Uniface.

Involved in gathering requirements for Design and develop phases of new enhancements to JDA-PMM and JDA Demand Planning product from versions V7.6, V7.8 and V8.0.

Worked on creating various workflows, user stories, use cases and documents them in product requirement document (PRD).

Involved in Agile sprint planning, stand ups, product grooming and other sprint rituals.

Monitor the quality assurance problem logs, prioritizing solutions and delivery.

Communicated product and solution expertise to internal and external customer.

Ensured smooth and efficient implementation and integration between technical and functional system requirements by following global template and providing guidance and support throughout the implementation life cycle.

Developed and validates test plans, test scripts to ensure JDA software consistently meets the customer’s business objectives, in keeping with agreed acceptance criteria.

Created and maintained multiple demo environment versions.

Worked along with JDA Cloud team to resolve complex application issues in real time, which would result in unavailability of either the entire or certain components of the application.

Worked along with deployment team for deployment of JDA products suite with new customers and clients migrating to a higher version.

Developed customer-specific proof of concepts and standard operation procedures (SOPs)

Used customer service, communication and problem-solving skills to solve inquiries from JDA customers on complex business scenarios.

Fully document all case issues and interactions and author Knowledge Base solutions.

Took initiative to automate tasks which reduced the number of incident tickets.

Communicating with different teams to resolve an issue and develop a change request.

Created test cases and test the new functionality design of the new release and fix the bugs as per the design.

Involved in frequent customer interactions to document the issues, work on getting it fixing the issues during implementation and go live process.

Configured Node manager to remotely administer Managed servers.

Experience in handling network resources and protocols such as TCP/IP, Ethernet, DNS.

Ability to troubleshoot Splunk infrastructure components in highly available, multi-site design.

Created Splunk applications and deploy using Splunk Deployment Server.

Scripting and development skills (Python, Shell) with strong knowledge of regular expressions.

Environment: Splunk Enterprise, JDA Retail, Tomcat 6,SSL, Oracle 11g, SQL, RHEL Linux, Oracle 10g,11g, XML CSS,Javascript,Python, Sales Force CRM Shell Script.

Software Engineer

Myzingo ecommerce Service Pvt. Ltd, India.

Buytheprice.com

June’10 – April’13.

Responsibilities:

Responsible for Installation, Configuration and Administration of WebSphere Application Server 7.0/6.0 on RHEL Linux and Windows platforms.

Integrated Apache Web Server with IBM WebSphere Application Server on RHEL Linux and Windows platforms.

Involved in Designing and developing responsive and functional UI using technologies like jQuery, CSS, HTML.

Installation, Configuration MySQL, Apache in both Linux and windows environments.

Played a major role in migrating WebSphere Application Server 6.1 to WebSphere Application Server 7.0

Deployed EARs, WARs in the WebSphere Application Servers.

Created roles and users and assigned the roles to the user groups to provide the security.

Expertise in working with Virtual Hosts, Shared Libraries, JVM Parameters.

Experienced in working with various databases like SQL Server and Oracle.

Created and configured vertical and horizontal cluster environments on AIX, Red Hat Enterprise Linux, and Windows environments.

Generated UNIX scripts for build activities in QA, Staging and Production environments.

Created JDBC connections between the WAS ND and the nodes within the cell.

Worked with Database teams and Security teams in troubleshooting the production issues.

Contact this candidate