Splunk Admin Resume
2.00/5 (Submit Your Rating)
SUMMARY:
- Having 6 years of experience in IT industry.
- Around 3+ years of experience as Splunk Admin, performed activities including requirement analysis, design and implementations on various client server - based applications using Splunk 7.0v.
- 2.9 years of Experience on Symantec Netbackup admin.
- Onboard new applications by install UF and configure inputs, outputs files by using Deployment server.
- Setup Splunk Forwarders for new application levels brought into environment.
- Onboard new source log for existing application servers by adjusting configuration files in Deployment server and reloading the serverclas.
- Working on Deploying apps from Deployment server to multiple Splunk instances.
- Extensive experience in Linux/UNIX, windows, expertise in Installation, Configuration, Trouble-Shooting and Maintenance of Splunk.
- Extensive experience and actively involved in Requirements gathering, Analysis, Reviews..
- Good Hands-on experience in configuring Universal forwarders, Heavy forwarders, Indexers and Search head.
- Good Experience in different configuration files like inputs.conf, outputs.con, Props.conf, indexes.conf Transforms.conf, etc
- Monitor the license master on daily basis.
- Monitor the cluster health check via indexer master.
- Troubleshoot deployment and data indexing issues
- Ability to manage data retention policies and perform index administration, maintenance and optimization, configuration backups.
- Design plan for Indexer storage size for the upcoming quarters by discussing with management. plan for additional search head to accommodate more users in the long run.
- Knowledge on Search Head cluster concept.
- Good understanding of Splunk dashboards and Splunk alerts. User and group management within Splunk.
- Aware of creating roles and users by providing access to required data and capabilities.
- Creating index and manage indexer cluster and apply bundle to indexer when create new index.
- Aware of doing rolling-restart/ offline of indexer.
- Manage indexed data by creating buckets in index ( hot,warm,cold, frozen/thawed).
- Implemented workflow actions to drive troubleshooting across multiple event types in Splunk. Upgrade and Optimize Splunk setup with new discharges.
- Uninstall the Splunk packages in Linux/Unix machines.
- Aware of enable the receiving port and default port changes.
- Knowledge of various search commands like stats, chart, time chart, transaction, strptime, strftime, eval, table etc.
- Experience with Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.
- Participate as an escalation point for 24x7 operations support for Splunk
TECHNICAL SKILLS:
Operating System: Linux/Unix and Windows Family
Server: Windows Server 2003/2008/12 and red hat, ubuntu.
Hardware: Installation, Assembling, Troubleshooting & Maintenance.
Networking: TCP, LAN/WAN
Database: Oracle SQL, MYSQL
Tools: Splunk, Netbackup
PROFESSIONAL EXPERIENCE
Confidential
Splunk Admin
Environment: Splunk Enterprise Server 6.x.x/7.x.x, Splunk Forwarder, RedHat Linux, Windows 2008 R2.
Responsibilities:
- Configured and managed Splunk universal forwarder using configuration files of inputs and outputs.
- Deployed a central architecture to manage the forwarders using Deployment Server.
- Configured the Deployment server with serverclass for various applications along with its repository folders.
- Implemented individual search head binding with indexers to reduce the workload on indexers
- Managed Splunk Indexer Cluster components.
- Knowledge on Search head cluster.
- Experienced in managing Splunk License master and its slaves.
- Created Splunk index with bucket rotation policies.
- Designed retention and retirement policies for various index.
- Created custom Splunk index using external volumes
- Managed Indexer Clusters including security, hot and cold bucket management and retention policies.
- Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing.
- Knowledge about Splunk architecture and various components (Indexer, forwarder, search head, deployment server)
- Knowledge in maintaining Indexer Cluster with maintenance mode and offline modes
- Experienced in calculating storage space and predict the Indexer Hardware requirements
- Experienced in calculating the bucket-based parameters for index.
- Knowledge in designing Index Replication factor and Search factor
- Designed Splunk Heavy Forwarder to parse and filter the data.
- Implemented Splunk configurations in HF to mask the customer sensitive information.
- Designed configurations to remove garbage data before processed into index queue.
- Monitor the license master on daily basis.
- Monitor the cluster health check via indexer master.
- Troubleshoot deployment and data indexing issues.
- Designed data inputs with line merging and timestamp extraction
- Upgraded Splunk with new releases to utilize the upgraded features
- Configured Splunk throughput rate, web enabling parameters.
- Knowledge on change Splunk default ports
- Manually to clean the dispatch directory in Splunk Search head.
- Deployed basic queries using generating search commands like stats, chart, time chart, tables etc.
- Expertise in creating and managing Splunk based weekly and monthly reports with email out.
- Basic user of Splunk GUI to run the normal queries for troubleshooting and first level of data analysis dashboards
Confidential
Splunk admin - L1 Support
Environment: Splunk Enterprise Server 5.x.x/6.x.x, Splunk Forwarder, RedHat Linux,Windows 2008 R2.
Responsibilities:
- Install, configure and administer Splunk Enterprise Server 6.x and Splunk Forwarder on Red hat Linux and Windows severs.
- Setup Splunk Forwarders for new application tiers introduced into environment and existing applications.
- Designed configurations to filter the appropriate data using whitelist filters as well as to discard the unwanted historical data using ignore filters.
- Deployed a central architecture to manage the forwarders using Deployment Server.
- Configured the Deployment server serverclass for various applications along with its repository folders.
- Work closely with Application Teams to create new Splunk dashboards for Operation teams.
- Configured and managed Splunk universal forwarder using inputs and outputs.
- Configured Splunk Universal forwarder to listen on non-default ports to avoid conflicts.
- Knowledge Splunk index with bucket rotation policies.
- Created and configured management reports and dashboards.
- On a scheduled basis, configure backups, verify custom reports, manage log source groups, and validate log sources with client
- Troubleshoot issues with log sources or systems with L2 peoples, and report system defects as needed.
Confidential
Netbackup admin - L1 Support
Responsibilities:
- Supporting 9 Unix master and 350+ windows master servers.
- Monitoring the backup and restore jobs.
- Removing and added Client servers to Master server.
- Install the net backup software in windows master and client servers.
- Troubleshooting on various problems while taking backups and restores.
- Managing NDMP Backups.
- Analyzing the Net backup logs and reports.
- Multi-streaming and multiplexing to tune the backups for best performance.
- Manage tape drives and Shared storage tape drives.
- Taking Adhoc backup’s for mentioned file list by the requester during migration or maintenance activities.
- Backup support for Soft and permanent decommission of client and media servers.