SUMMARY

• Over 9+ years of diverse experience in Configuring, Monitoring, Implementing Splunk server Infrastructure across Windows, LINUX and UNIX operating systems.
• Developed and scheduled new Splunk capacity dashboards, data models & performance reports to assist Sr. management in making business critical capacity decisions.
• Created data models using Pivot tables in Splunk, after mining data and extracting key information for capacity planning purposes.
• Develop custom app configurations (deployment - apps) within SPLUNK in order to Parse, Index multiple types of log format across all application environment.
• System Administration familiar with Window Servers, Red Hat Linux Enterprise Servers, Solaris and IBM AIX servers.
• Extensive experience in Deploying, Configuring and Administering Splunk clusters.
• Various types of charts Alert Settings Knowledge of App Creation, User and Role access permissions.
• Expertise in actuate Reporting, Development, Deployment, Management and Performance Tuning of reports.
• Expertise in Search Head Cluster, Indexer Cluster, Heavy forwarders, Deployment Server, License Master, Deployer and Master Node
• In depth and extensive Knowledge in setting up Alerts and Monitoring recipes from the Machine generated data
• Understanding of Network Firewalls, Load-balancers, LDAP and complex network design.
• Experience on Splunk Enterprise Deployments and enabled continuous integration on as part of configuration (props. conf, Transforms. Conf, Output.confg) management.
• Experience with Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On’s, Dashboards, Clustering and Forwarder Management.
• Created and Managed Splunk DB connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.
• Expertise Splunk query language and Monitored Database Connection Health by using Splunk DB connect health dashboards.
• Collecting detailed usage of Amazon Web servers.
• Experience with Splunk technical implementation, planning, customization, integration with big data and statistical and analytical modeling.
• Worked on log parsing, complex Splunk searches, including external table lookups.
• Experience on use and understand rex, Sed, erex and IFX to extract the fields from the log files.
• Experience on Splunk data flow, components, features and product capability.
• Experience on Splunk search construction with ability to create well-structured search queries that minimize performance impact.
• Created clustered and non-clustered indexes for increasing the performance, also monitored the indexes by troubleshooting any corrupt indexes by removing fragmentation from indexes.
• Worked on the version control tools like SVN.
• Excellent communication and interpersonal skills.
• Expertise at accessing client needs, working in a group, suggesting ideas that enhance Efficiency and maximize performance, implementing cutting-edge technology solutions and training end users.
• Maintain 24x7 uptime in production server's environment.

TECHNICAL SKILLS

Operating Systems: Windows 2000,2008, XP, Windows NT, Suse Linux, Red hat, VM Ware, IBM AIX

Splunk Modules: Splunk 6.2/6.3/6.4/6.5 , Splunk on Splunk, Splunk DB Connect, Splunk Cloud, Splunk Common Informational Model, Splunk Add on for Microsoft Cloud services, Splunk Utilization Monitor, Splunk App for WebLogic Server and WebSphere Application Server, Monitoring of JMX, Splunk App for UnixDistributed Management Console etc.

Programming Language: C,C++, Java, Python

RDBMS: Oracle, MS-SQL Server, Sybase, IBM DB2

Web Technologies: HTML4/5, CSS3, DHTML, JavaScript, XML, XSL, XSLT

Web/App Servers: Apache Tomcat 6.0, web logic8.1/9.2, WebSphere Application Server 6,7,8,8.5 WebLogic, WebSphere MQ Server 6.x,/7.x, Jboss Application Server, IBM HTTP Server, Sun One webserver, IIS 7.x, Apache Webserver

Monitoring Tools: Splunk 5x, 6x, New relic, Dynatrace, Wily Introscope, Foglight, Tivoli, ELK NagiosXI

SCM Tools: Chef, SVN, JIRA, GitHub, Jenkins

Scripting: Shell, Batch, Java, Ruby

PROFESSIONAL EXPERIENCE

Confidential, Houston, TX

Sr. Splunk Consultant Expert

Responsibilities:

• Designing, scaling out, and maintaining AWS Cloud-based infrastructure.
• Designing and writing code to develop and maintain systems which powers Splunk cloud services hosted in the public cloud.
• Developing Scripts and applications to automate system deployment scaling and infrastructure.
• Implement horizontally scaled out systems, which allow thousands of concurrent Splunk users.
• Implementing zero-downtime production pushes. Provide fanatical production support for applications and infrastructure.
• Create event type definitions.
• Set indexing property configurations, including timezone offset, custom source type rules. Configure regex transformations to perform on data inputs. Use in tandem with props.conf
• Helping application teams in on-boarding Splunk and creating dashboards/alerts/reports etc. Deployed, configured and upgraded 24 search heads, 30 indexers as well.
• Troubleshooting of searches for performance issues.
• Assisted in upgrade of Splunk from version 6.3 to version 6.5
• Design, build, support and maintain Splunk infrastructure in a highly available configuration
• Perform installation, configuration management, license management, data integration, data transformation, field extraction, event parsing, data preview, and Apps management of Splunk platform
• Standardize Splunk forwarder deployment, configuration and maintenance in Linux and Windows platforms
• Collaborate with internal teams to integrate data feeds to a centralized Splunk platform
• Troubleshoot Splunk indexers, search heads and forwarder problems
• Build, customize and deploy Splunk apps as per internal customer needs
• Create data retention policies and perform index administration, maintenance and optimization
• Develop and maintain production quality dashboards, custom views, saved searches and alerts for Splunk Operations and for other clients as per their requirements
• Create and maintain architectural diagrams and other relevant documentations for the Splunk platform
• Assist internal users of Splunk in designing and maintaining production quality dashboards
• Arrange necessary trainings to Splunk internal customers
• Act as an escalation point for 24x7 operations support for Splunk
• Monitor Splunk infrastructure for capacity planning and optimization
• Design core scripts to automate Splunk maintenance and alerting tasks
• Experience with installing, configuring, and administering Splunk.
• Design, support and maintain Splunk cluster infrastructure in a highly available, geo-redundant configuration.
• Standardized Splunk agent deployment, configuration and maintenance across a variety of UNIX and Windows platforms
• Troubleshoot Splunk server and agent problems and issues
• Assist internal users of Splunk in designing and maintaining production-quality dashboards
• Mentor and train Splunk users and administrators
• Monitor the Splunk infrastructure for capacity planning, scalability, and optimization
• Work hands-on with the engineers to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
• Provide recommendations to optimize a large scale Splunk architectural deployment
• Integrate Splunk with the existing operational tool kit
• Experience with managing 5+ TB indexing Splunk clusters.
• Administrate Splunk cluster and conduct Splunk searches

Environment: Splunk 5/6, Splunk modules, Splunk indexers, splunk forwarder, Tomcat 6.0, RHEL- 5/6,Centos,Ubuntu, F5 BIG-IP, Puppet, Chef, git, Nagios, Open LDAP, Atlassian Jira.

Confidential, Lincolnshire, IL

Splunk Consultant Expert

Responsibilities:

• Created Dashboards, Visualizations, Statistical reports, scheduled searches, alerts and worked on creating different other knowledge objects.
• Gather and understand the customer requirements.
• Installation and configuration of Splunk instances for varieties of data and dynamic velocity of data
• Developed the dashboards for platform components, configured and deployed Splunk components (Universal/Heavy Forwarders, Indexers etc.)
• Involved in installing and using Splunk app for Linux and Unix.
• Worked on installing Universal Forwarders and Heavy Forwarders to bring any kind of data fields in to Splunk.
• Experience with Splunk regex and integrating with reporting tool like JIRA, Service now.
• Perform the periodic check the logs of all the recent jobs done and escalating the issue if there is any error.
• Identifying bad searches, dashboards and communication with the team to make it a better search.
• Set up Splunk to capture and analyze data from various layers Load Balancers, Web servers and application servers.
• Performed a scripted installation of universal forwarders.
• Create Splunk applications and deploy using Splunk Deployment Server
• Designing and maintaining production-quality Splunk dashboards.
• Splunk configuration that involves different web application and batch, create Saved search and summary search, summary indexes.
• Create Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards
• Created and Managed Splunk DB connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.
• Worked on DB Connect configuration for Oracle, MySQL and MSSQL.
• Monitored Database Connection Health by using Splunk DB connect health dashboards.
• Dashboards were created to monitor the traffic volume across, response times, Errors, Warnings across various data centers, applications and servers
• Set up alerts when the response time or traffic falls above or below expected limit.
• Installation and Maintenance of Spelunk Universal Forwarders, Solving Forwarder Issues, Deployment Server Classes and Apps through Deployment Server.
• Installation and Maintenance of Spelunk Universal Forwarders, Solving Forwarder Issues, Deployment Server Classes and Apps through Deployment Server.

Environment: Splunk 6.x, JBoss 7.x, Tomcat 7.x, BIGIP Load Balancers, Chef, Configured plug-ins for Apache HTTP server 2.4, RedHat Linux 6.x, LDAP, JDBC, JDK1.7, J2EE, JSP, Servlets, JMS, XML, Oracle 11g, Solaris 10, SVN, CVS.

Confidential, Indianapolis, IN

Splunk Lead

Responsibilities:

• Design and implement Splunk Architecture for North America Datacenter with 500GB of licensing
• Gathered requirements, planned capacity, retention policy and provided estimates for clients.
• Configured Search Head Cluster, Indexer Cluster, Heavy forwarders, Deployment Server, License Master, Deployer and Master Node.
• Managed Splunk team and assigned work to offshore team.
• Interacted with Multiple clients during requirement gatherings and provided road map designs for Splunk solutions.
• Installed and configured Universal Forwarders and Heavy Forwarders to bring any kind of data fields in to Splunk.
• Installed Splunk apps like Splunk on Splunk, Splunk app for WebLogic Server, Splunk app for REST API, Splunk app for Unix, Splunk app for JMX, splunk app for DB Connect, Splunk app for Microsoft cloud services, Common Information Model etc.,
• Created custom Dashboards, Alerts and Reports to meet requirements of various user groups.
• Development and customization of Splunk using XML templates and advanced configuration
• Build custom Splunk App dashboards with search forms and views, packaging and distribution.
• Developed Schedule reports and Alerts for various requests.
• Wrote Bash scripts to automate the installation of Universal Forwarders on Windows and Unix
• Summary indexing and data modeling experience.
• Manipulated the Raw Data and Worked on Field Extraction using Commands Rex and Regex.
• Troubleshoot and resolve the issues related to performance Queues, log monitoring and role mapping.
• Integrated Splunk with a wide variety of legacy data sources that use various protocols.
• Consulting with customers to customize and configure Splunk in order to meet their requirements.
• Standardize Splunk forwarder deployment, configuration and maintenance in Linux and windows platforms.
• Set up the Splunk to monitor the customer volume and track the customer.
• Installed and configured Splunk DB Connect 2 in Single and distributed server environments.
• Evaluate, test and implement major and minor revision releases as they become available from Splunk.
• Constantly monitor and report to proactively detect and resolve issues before occurring.
• Expertise in Report acceleration
• Provide regular support guidance to Splunk project teams on complex solution and issue resolution. Created Dashboards, report, scheduled searches and alerts.
• Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
• Integrated Service Now with Splunk to generate the Incidents from Splunk.
• Designing and maintaining production-quality Splunk dashboards.
• Created many of the proof-of-concept dashboards for IT operations, and service owners which are used to monitor application and server health.
• Field Extraction, Using Ifx, Rex Command and Regex in configuration files.

Environment: s:SPLUNK 6.3,6.4.1, Splunk DB Connect, Oracle 12c, My Sql, Linux, Windows Server, WebSphere Application Server, WebLogic Application Server, IBM Data power.

Confidential, Richardson, TX

SrSplunk Admin/Developer

Responsibilities:

• Experience developing Splunk queries and dashboards targeted at understanding
• Have Knowledge in various search commands like stats, chart, time chart, transaction,
• Experience in working with Splunk authentication and permissions and having significant
• Experience in supporting large scale Splunk deployments.
• Having experience in understanding of Splunk 5.x and 6.x product, Distributed Splunk architecture and components including search heads, indexers and forwarders.
• Experience in Extraction on Search time vs. Index time field extraction
• Good Understanding of configuration files, precedence and daily work exposure to Props. conf, transforms. conf, inputs. Conf, outputs. Conf
• Maintenance of Splunk Environment with multiple Indexers and Manage and configure index settings.
• Designed core scripts to automate Splunk maintenance and alerting tasks
• Created many of the proof-of-concept dashboards for IT operations, and service owners which are
• Monitor application and server health.
• Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
• Expertise in Actuate Reporting, development, deployment, management and performance tuning of Actuate reports.
• Various types of charts Alert Settings Knowledge of app creation, user and role access permissions. Creating and managing app, Create user, role, Permissions to knowledge objects.
• Integrate Service Now with Splunk to generate the Incidents from Splunk.
• Involved in Admin in managing most of the objects and configurations.
• Created many of the proof-of-concept dashboards for IT operations, and service owners, which are used to monitor application and server health.
• Expertise in Actuate Reporting, development, deployment, management and performance tuning of Actuate reports
• Parsing, Indexing, searching concepts Hot, Warm, Cold, Frozen bucketing.
• Onboard new log sources with log analysis and parsing to enable SIEM correlation.
• Subject matter expert in best practices, security protocols, PKI, and other security-related issues.
• Analyzed large datasets to identify metrics, drivers, performance gaps and opportunities for improvement.

Environment: s: Splunk5.x, Splunk6.1, Splunk6.2, Restful, SOA, Linux OS, Service Now, XML, XSLT, SIEM, JMS.

Confidential, El Segundo, CA

Splunk Engineer

Responsibilities:

• Integrated Splunk with Active directory and LDAP authentication.
• Expertise with Splunk UI/GUI development and operations roles.
• Helped in Integration of Splunk with Service now, maintaining Splunk Instance and Monitoring health of the Cluster.
• Prepared, arranged and tested Splunk search strings and operational strings.
• Helped the client to setup alerts for different type of errors.
• Played a major role in understanding the logs, server data and brought an insight of the data for the users.
• Involved in using Splunk Deployment Server for managing Splunk instances and troubleshooting issues.
• Installed Splunk on nix and Splunk SOS for monitoring the health of the clusters.
• Created set of user roles to in LDAP and single sign on implementation.
• Involved in setting up alerts for different type of errors, analyzed security based events, risks and reporting instances.
• Prepared, arranged and tested Splunk search strings and operational strings.
• Developed, evaluated and documented specific metrics for management purpose.
• Using SPL created Visualizations to get the value out of data
• Created Dashboards for various types of business users in organization.
• Provided technical services to projects, user requests and data queries.
• Involved in assisting offshore members to understand the use case of business.
• Assisted internal users of Splunk in designing and maintaining production-quality dashboard.
• Used Data Meer to analyze the transaction data for the client.
• Involved in writing complex IFX, rex and Multi kv command to extracts the fields from the log files.
• Involved in helping the UNIX and Splunk administrators to deploy Splunk across the UNIX and windows
• Worked with administrators to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
• Involved in installing and using Splunk app for Linux and UNIX

Environment: s:Splunk, Linux, Bash, Perl, Sed, rex, erex,SplunkKnowledge Objects, Python.

Confidential

Responsibilities:

• Responsible for the study and analysis of the systems design and implementation.
• Responsible for installation and configuration of MS SQL Server 2000 for development purposes.
• Created various database objects including tables, stored procedures and functions.
• Involved in tuning the existing T-SQL code for performance improvement.
• Followed the best practices in writing T-SQL for universal readability and reusability of code.
• Interacted with analysts and otherdevelopersin understanding and identifying the business requirements.
• Created stored procedures to hold the business logic.
• Created views as per client requests.

Environment: s: MS SQL Server 2000, DTS, T-SQL