SUMMARY

• 6+ years of experience in configuring, implementing and supporting Splunk server infrastructure across Windows, UNIX and Linux. Experience with a variety of Operating Systems Protocols and Tools, depending on the type of platform or application to be administered
• Architecture various components within Splunk (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, Parsing, Indexing, Searching concepts, Hot, Warm, Cold, Frozen bucketing, License model
• Upgrade and Optimize Splunk setup with new discharges.
• Setup Splunk Forwarders for new application levels brought into environment.
• Extensive experience in deploying, configuring and administering Splunk clusters.
• Helping application teams in on - boarding Splunk and creating dashboards, alerts, reports etc.
• Develop custom app configurations (deployment-apps) within SPLUNK in order to parse, index multiple types of log format across all application environments.
• System Administration familiar with Windows Servers, Red Hat Linux Enterprise Servers, Solaris and IBM AIX servers.
• Created and configured websites and application pools in IIS and worked extensively on .Net deployments in Windows space
• Experience in Shell scripting and extensively used Regular expressions in search string and data anonymization.
• Worked broadly on firm wide Enterprise Releases and DR events.
• Understanding of Network Firewalls, Load-balancers, LDAP and complex network design.
• Experience in Optimized search queries using summary indexing.
• Excellent skills on troubleshooting and problem determination of HTTP/System/ Network related problems including monitoring, capacity planning and maintenance by providing 24X7 support on call for all mission critical applications.
• Expertise on investigating HTTP issues using tools like Fiddler, HTTP Analyzer etc.
• Strong background in a disciplined software development life cycle (SDLC).
• Excellent analytical and interpersonal skills and ability to learn new concepts and supported 24/7 on call in production and development environment.
• Excellent Communication Skills and Presentation Skills, Comprehensive problem solving abilities.
• Skilled at accessing client needs, working in a group, suggesting ideas that enhance efficiency and maximize performance, implementing cutting-edge technology solutions and Training/Supporting end users.
• Have experience working in different environments and also with the process flows in AGILE as well as Waterfall methodologies.

TECHNICAL SKILLS

Log Analysis Tool: Splunk Enterprise Server 4.x.x/5.x.x/6.x.x, Splunk Universal Forwarder 4.xx/5.xx/6.xx

Web/App Servers: WebSphere Application Server 5.0/6.x/7.x/8.x, Web Sphere MQ Sever 6.x/7.x, WebSphere XD 6.0/6.1, IBM Http Server 6.x/7.x/8.x,Apache Web Server 2.x, Tomcat 5.5, IIS 6/7.x

Operating Systems: IBM AIX (5.1/6.1), RHL Linux, Windows Server2003/2008 R2, VMWare

Programming: C#, VB, C++, C, SQL/PL SQL, HTML, DHTML, XML.

Scripting: JavaScript, WSCP, WSADMIN, Korn Shell Script, Perl, CSS, Batch

Databases: Oracle (10g/11i), UDB/DB2, Sybase, MS SQL Server, IBM DB2

Monitoring tools: Wily Introscope 8.x/9.x, Tivoli, BSM Topaz, Tivoli Performance Viewer, NMON (AIX), IBM Thread and Heap Analyzers

Networking: TCP/IP Protocols, Socket Programming, DNS.

Frame work: MVC, J2EE Design Patterns, Struts.

IDE: Eclipse, RAD 7, Net Beans, Edit plus, TOAD

Others: Site Minder r6/r12/r12.5, PingFederate 6.X,7.X

PROFESSIONAL EXPERIENCE

Confidential, San Jose, CA

Splunk Developer/Admin

Responsibilities:

• Install, configure and administer Splunk Enterprise Server 6.x.x and Splunk Forwarder6.x.x on Redhat Linux
• Setup Splunk Forwarders for new application tiers introduced into environment and existing applications.
• Work closely with Application Teams to create new Splunk dashboards for Operation teams.
• Troubleshooting and resolve the Splunk - performance, search poling, log monitoring issues; role mapping, dashboard creation etc.
• Worked on Confidential genie application to analyze the data and create dashboards which would help the business.
• Experience in integrating Splunk with Tableau.
• Experience in communicating with other teams in gathering data and requirements
• Helping the marketing team in improving their sales by showing the analysis using Splunk
• Indexing data from apache log servers into Splunk and creating dashboards.
• Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing.
• Field Extraction, Using Ifx, Rex Command and Regex in configuration files.
• Various types of charts Alert settings Knowledge of app creation, user and role access permissions. Creating and managing app, Create user, role, Permissions to knowledge objects
• Experience in using scripting languages.
• Creating alerts to know the errors in indexing.

Confidential, Austin, TX

Splunk Developer/Admin

Responsibilities:

• Created Splunk app for Enterprise Security to identify and address emerging security threats through the use of continuous monitoring, alerting and analytics.
• Install, configure and administer Splunk Enterprise Server 6.0.4 and Splunk Forwarder 4.x.x/5.x.x/6.x.x on Redhat Linux and Windows servers.
• Created Regular Expressions for Field Extractions and Field Transformations in Splunk.
• Anonymize the Personally Identifiable Information data in Splunk. Masked sensitive information such SSN numbers, Addresses when showing results in Splunk.
• Configure Splunk for all the mission critical applications and using Splunk effectively for Application troubleshooting and monitoring post go lives
• Experience using Python and Perl scripting languages for forwarding the data to the indexers
• Supported 8+ Splunk search Heads, 50 + Indexers, 3200 + forwarders.
• Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing.
• Setup Splunk Forwarders for new application tiers introduced into environment and existing applications.
• Work closely with Application Teams to create new Splunk dashboards for Operation teams.
• Troubleshooting and resolve the Splunk - performance, log monitoring issues; role mapping, dashboard creation etc.
• Field Extraction, Using Ifx, Rex Command and Regex in configuration files.
• Various types of charts Alert settings Knowledge of app creation, user and role access permissions. Creating and managing app, Create user, role, Permissions to knowledge objects
• Created Dashboards and Reports to show Login count of each application, to show which app resources being accessed more, Number of failed logins, statistics on High hitting applications.
• Use techniques to optimize searches for better performance, Search time vs Index time field extraction. And understanding of configuration files, precedence and working.
• Create dashboard from search, Scheduled searches o Inline search vs scheduled search in a dashboard

Environment: SPLUNK 6.0.1, Linux, UNIX, Oracle 11g, MS SQL Server 2012, SQL, Python, Perl

Confidential, NE

Splunk Administrator and Developer

Responsibilities:

• Install, configure and administer Splunk Enterprise Server 6.0.4 and Splunk Forwarder 4.x.x/5.x.x/6.x.x on Redhat Linux and Windows severs.
• Setup Splunk Forwarders for new application tiers introduced into environment and existing applications.
• Work closely with Application Teams to create new Splunk dashboards for Operation teams.
• Troubleshooting and resolve the Splunk - performance, search poling, log monitoring issues; role mapping, dashboard creation etc.
• Created Splunk app for Enterprise Security to identify and address emerging security threats through the use of continuous monitoring, alerting and analytics.
• Created Regular Expressions for Field Extractions and Field Transformations in Splunk.
• Anonymize the PII (Personally Identifiable Information) data in Splunk. Masked sensitive information such SSN numbers, Addresses when showing results in Splunk.
• Configure Splunk for all the mission critical applications and using Splunk effectively for Application troubleshooting and monitoring post go lives
• Supported 8+ Splunk search Heads, 50 + Indexers, 3200 + forwarders.
• Created Dashboards and Reports to show Login count of each application, to show which app resources being accessed more, Number of failed logins, statistics on High hitting applications.
• Created Shell Scripts to install Splunk Forwarders on all servers and configure with common configuration files such as Bootstrap scripts, Outputs.conf and Inputs.conf files
• Configured Splunk forwarder to send unnecessary log events to “Null Queue” using props and transforms configurations to reduce license costs.
• Extensively involved in troubleshooting the issues and document the problem resolutions for future references. Attended Change management meetings for approval for the applications which are supposed to go live and provided the MOM of CM meetings to the team.
• Experienced in attending the bridge calls for production issues and non-prod issues and involved application teams or database teams or networking teams to resolve the issues and involved in Root cause analysis for the issues encountered. Also provided 24/7 on call support for all the production applications.
• Involved in developing complex scripts to automate batch jobs.
• Developed a POC on usage of Puppet Configuration Management tool.

Environment: Splunk Enterprise Server 4.x.x/5.x.x/6.x.x, Universal Splunk Forwarder 4.x.x/5.x.x/6.x.x, RedHat Linux, IBM HTTP Web Server 6.1/7/8, Oracle, HACMP 5.4, HTML, Java Script, XML, Wily Introscope 9.x, IIS 7, Windows 2003, Windows 2008 R2, Python (Jython), Regular Expressions.

Confidential, OR

Splunk Engineer and Developer

Responsibilities:

• As primary for Splunk support, supported Splunk circulated environment comprising of search heads, indexers and forwarders across different OS including Aix, Solaris and Windows.
• Configured Indexer replication to achieve data availability, data fidelity and disaster tolerance.
• Improved search performance by configuring 2 search heads for all Indexes in production.
• Install different Splunk Applications, for example, Cisco for Splunk, Windows for Splunk and VMware for Splunk.
• Created and configured management reports and dashboards in Splunk for application log monitoring.
• Responsible for administering, maintaining and configuring a 24 x 7 highly available, Splunk apps for production portal environment.
• Provided load/stress and architecture validation testing and trouble shooting on issues such as Out of Memory, 100% CPU Usage hung Thread sessions, session replication, JVM Crashes.
• Efficiently handled Work Load Management for load balancing and failover, improving performance, reliability and scalability.
• Gathering different wellsprings of syslog and XML information from different gadgets, applications, and information bases.
• Guarantee high accessibility & execution trough flat scaling and burden adjusted segments.
• Work towards accomplishing a speedier ROI and keeping up partners persuaded of the worth and undiscovered open doors in Splunk.
• Supporter and execute arrangements considering a full information lifecycle (Search & Investigate, Add Knowledge, Monitor & Alert, Report & Analyze).
• Problem determinations such as Broken Pipe/Connection reset issues by enabling traces in WebSphere V6.0/6.1 various Components and even automating various processes using wsadmin script.
• Basic understanding of Network Firewalls, Load-balancers, LDAP and complex network design.

Environment: Splunk Enterprise Server 5.1.2, Splunk Forwarder 5.1, 5.4, XML, VMware.

Confidential

System Engineer

Responsibilities:

• Responsible for monitoring Linux/Unix infrastructure including Linux, Solaris, AIX. Provide primary administration support for 600 Linux Servers.
• Resolve monitoring alerts for Solaris and aix servers like disk, cpu, swap and processes.
• Worked on migration projects involving migration from UNIX based platform to Linux.
• Decommissioning applications from unused nodes and rebuilding them for new projects.
• Performed PXE based installations on IBM servers.
• Performed installation of new software packages, patches and upgrades.
• Helped in upgrading servers from RHEL4.x to RHEL 5.x.
• Responsible for user/group management, setting user quota, access management etc.
• Worked on file system related tasks such as creation, extension, and reduction.
• Performed day to day activities related to monitoring, managing file space, log rotation,
• Managing scheduled backups through TSM, setting ulimits and kernel parameters.
• Implemented crons and scripts for automation and executing scheduled tasks.
• Administered and configured DHCP, NFS, FTP, HTTP servers.
• Worked with Datacenter teams to resolve hardware issues and replace parts.
• Co-ordinated with vendors, customer (users), managers to build systems and standards.
• Worked in various shifts to provide 24x7 support and on call support on weekends.

Environment: RHEL: 4.x, 5.x, Solaris, AIX, TSM, IBM and HP servers