SUMMARY

• A Splunk engineer having 6 years with strong experience as a Splunk developer and administration, automation & fix activities.
• Keenly interested in architecting and deploying Splunk; Enterprise security delivering innovative solutions around fix and automation, log analysis and data visualization; and open to learning new technologies to pursue that end.
• Experience in all facets of SDLC viz. requirement analysis, designs, development, testing, and post implementation revisions.
• Design, Deploy, and Support enterpriseSplunklogging application. Assist other enterprise instances asSplunkSubject Matter Expert SME.
• Expertise in Actuate Reporting, development, deployment, management and performance tuning of Actuate reports.
• Strong experience with Splunk 5.x and 6.x product, distributed Splunk architecture and components including search heads, indexes and forwarders.
• Expertise in creating Splunk, Dashboards, Reports and Alerts to meet business use cases.
• Expert in installingSPLUNKapps for distributed environment.
• Experience in working on Splunk Hunk.
• Experience in creating different visualizations using Bar, Line and Pie chart, Background Maps, Box plots, Scatter plots, Gantt charts, Bubble charts, Histograms, Trend lines & statistics, Bullets, Heat maps and Highlight tables.
• Used various Splunk Apps such as Splunk on Splunk, Universal Field Extractor, Splunk App for UNIX/Linux, Splunk DB1 Connect.
• Skilled in deploying, configuring and administering Splunk clusters.
• Troubleshooting and handling post production issues, on - site support, worked closely with engineering to coordinate and provide all the required information and interacting with the client.
• Strong qualitative analysis skills to lend insight into highly ambiguous and sensitive business problems. In-depth understanding of processes and technology integration challenges.
• Triggers using PL / SQL and UNIX Shell scripts.
• Good knowledge in Spunk DB Connect App and Basic understanding of Enterprise Security app.
• Hands on experience in Python, Shell Scripting, TIBCO designer, Oracle SQL, Siebel eScript, Java Script, CSS, HTML, Auto Hot Key.
• Expert in installing and configuring Splunk forwarders on Linux, Unix and Windows.
• Installed, configured and administered Web Servers like Apache 2.x HTTP Server, Apache Tomcat 6.x, Sun One 6.x Web Server and Microsoft IIS Server for WebLogic plug-ins.

TECHNICAL SKILLS

Log Analysis Tool: Splunk Enterprise Server 5.x/6.x, Splunk Universal Forwarder 5.x/6.x, Splunk DB Connect

Web/App Servers: Web Sphere Application Server 5.0/6.x/7.x/8.x, Web Sphere MQ Sever 6.x/7.x, WebSphere XD 6.0/6.1, IBM Http Server 6.x/7.x/8.x, Apache Web Server 2.x, Tomcat 5.5, IIS 6/7.x

Operating Systems: IBM AIX (5.1/6.1), RHL Linux, Windows Server 2003/2008 R2, VMWare

Programming: Java, J2EE, C++, C, SQL/PL SQL, HTML, DHTML, XML.

Scripting: JACL, Python, WSCP, WSADMIN, Korn Shell Script, Perl, JavaScript, CSS, Batch

Databases: Oracle (8i/9i), UDB/DB2, Sybase, MS SQL Server, IBM DB2

Monitoring tools: Wily Introscope 8.x/9.x, Tivoli, BSM Topaz, Tivoli Performance Viewer, IBM Thread and Heap Analyzers

Networking: TCP/IP Protocols, Socket Programming, DNS.

Frame work: MVC, J2EE Design Patterns, Struts.

IDE: Eclipse, RAD 7, Net Beans, Edit plus, TOAD

Others: Site Minder r6/r12/r12.5, Ping Federate 6.X,7.X

PROFESSIONAL EXPERIENCE

Confidential, Dearborn, Michigan

Splunk Developer

Responsibilities:

• Installed, configured and administered Splunk Enterprise Server and Splunk Forwarder on Redhat Linux and Windows servers.
• Setup Splunk Forwarders for new application tiers introduced into environment and existing applications.
• Built dashboards, views, alerts, reports, saved searches using XML, Advanced XML and Search Processing language (SPL) as and when required.
• Performed Field Extractions and Field Transformations using the Regular Expressions in Splunk.
• Worked in data-flow design for dataingestion, transformation and analytics layers.
• Created Splunk Apps using XML and Web Components. Knowledge of app creation, user and role access permissions.
• Created tags, Event types, field lookups, using regular expressions, aliases for search-time outputs and visualizations.
• Worked with Splunk app for Enterprise Security to identify and address emerging security threats through the use of continuous monitoring, alerting and analytics.
• Created custom app configurations (deployment-apps) within SPLUNK to parse, index multiple types of log format.
• Used SPLUNK’s REST API in order to perform searches from various application interfaces.
• Involved in developing complex scripts to automate batch jobs, troubleshooting and resolved the Splunk - performance, search poling, log monitoring issues; role mapping, dashboard creation etc.
• Developed a POC on usage of Puppet Configuration Management tool.
• Involved in Root cause analysis for the issues encountered. Provided on call support for all the production applications.

Environment: Splunk Enterprise Server 5.x/6.x, Universal Splunk Forwarder 5.x/6.x, RedHat Linux, Oracle, HACMP 5.4, HTML, Java Script, XML, Use of Regular expressions.

Splunk Developer

Responsibilities:

• Expertise with Splunk UI/GUI development and operations roles.
• Prepared, arranged and tested Splunk search strings and operational strings.
• Involved in setting up alerts for different type of errors.
• Developed, evaluated and documented specific metrics for management purpose.
• Using SPL created Visualizations to get the value out of data.
• Created Dashboards for various types of business users in organization.
• Played a major role in understanding the logs, server data and brought an insight of the data for the users.
• Worked on DB Connect configuration for Oracle, MySQL and MSSQL.
• Developed build scripts, UNIX shell scripts and auto deployment processes.
• Good experience in creating Splunk apps, navigations, interfaces and good experience on Splunk lookups, macros, Pivot, datamodels, lookup files and their publication into Splunk.
• Experience on use and understand of complex RegEx (regular expressions).
• Provided technical services to projects, user requests and data queries.
• Involved in helping the Unix and Splunk administrators to deploy Splunk across the UNIX and windows environment.
• Worked to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
• Involved in installing and using Splunk app for Linux and Unix.

Confidential, Brentwood, TN

Splunk Admin

Responsibilities:

• Implemented forwarder configuration, search heads and indexing.
• Created Dashboards, report, scheduled searches and alerts.
• Creating Vulnerability dashboard that aggregates data across multiple services to identify critical threats and proactively mitigate risks.
• Developing custom web application solutions for internal ticket metrics reporting.
• Provide regular support guidance to SPLUNK project teams on complex solution and issue resolution with the objective of ensuring best fit and high quality.
• Interact with the data warehousing team regarding extracting the data and suggest the standard data format such that Splunk will identify most of the fields.
• Onboard new log sources with log analysis and parsing to enable SIEM correlation.
• Subject matter expert in best practices, security protocols, PKI, and other security-related issues.
• Created many of the proof-of-concept dashboards for IT operations, and service owners which are used to monitor application and server health.
• Installed, upgraded patches, deployment, monitor, tuning and configuration of Weblogic Application Server in multi cluster/server environment.
• Performed field extraction using IFX in an event action.
• Involved in setting up alerts for different type of errors.
• Analyzed security based events, risks and reporting instances.
• Gained in depth knowledge on Ant build and Web Sphere servers.
• Involved in handling various Incident and request related to the application.
• Worked closely with business partners in addressing their queries.

Environment: SPLUNK 6.0.1, Linux, UNIX, Oracle 11g, MS SQL Server 2012, SQL.

Confidential, NC

Splunk /Hulk Engineer

Responsibilities:

• Knowledge in creating providers, virtual indexes in Splunk Hunk and troubleshooting configuration issues.
• Responsible for designing, developing, testing, debugging, deploying and maintaining Splunk/HUNK solutions and dashboards running on Big Data technologies such as Hadoop
• To Develop reliable, efficient queries that will feed custom Alert, Dashboards and Reports.
• Populate Splunk/HUNK from 3rd party data sources.
• Indexing data from various sources such as Zabbix, Kafka, open stack.
• Expert in creating Splunk knowledge objects. Hands on experience in installing Splunk TASSymantec DLP, Splunk DB connect Splunk App for AWS and more.
• Experience in providing monitoring and response to security events in Security Operations Center (SOC) team.
• Worked on Security solutions (SIEM) that enable organizations to detect, respond and prevent these threats by providing valuable context and visual insights to help you make faster and smarter security decisions.
• Experience in creating Access controls, to user by creating AD (Active Directory) groups power and user groups.
• Experience with Active Directory and SSO Single sign-On option.
• Configure the add-on app SSO Integration for user authentication and Single Sign-on in Splunk Web.
• Experience in Python general scripting, Hands on Experience in secure coding.
• Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
• Responsible for documenting the current architectural configurations and detailed data flow and Troubleshooting Guides for application support

Environment: Splunk Enterprise Server 5.1.2, Splunk Forwarder 5.1, 5.4, XML, VMware

Confidential

System Engineer

Responsibilities:

• Responsible for monitoring Linux/Unix infrastructure including Linux, Solaris, AIX. Provide primary administration support for 600 Linux Servers.
• Decommissioning applications from unused nodes and rebuilding them for new projects.
• Performed PXE based installations on IBM servers.
• Performed installation of new software packages, patches and upgrades.
• Resolve monitoring alerts for Solaris and AIX servers like disk, CPU, swap and processes.
• Worked on migration projects involving migration from UNIX based platform to Linux.
• Helped in upgrading servers from RHEL4.x to RHEL 5.x.
• Responsible for user/group management, setting user quota, access management etc..
• Administered and configured DHCP, NFS, FTP, HTTP servers.
• Worked with Datacenter teams to resolve hardware issues and replace parts.
• Performed day to day activities related to monitoring, managing file space, log rotation,
• Managing scheduled backups through TSM, setting limits and kernel parameters.
• Co-ordinated with vendors, customer (users), managers to build systems and standards.
• Worked in various shifts to provide 24x7 support and on call support on weekends.

Environment: RHEL: 4.x, 5.x, Solaris, AIX, TSM, IBM and HP servers.