Splunk Admin/developer Resume
Richmond, VA
SUMMARY:
- Over 7 years of experience in the IT industry, with 2 years of experience as a SQL Server BI developer and over 5 years of experience as a Splunk Admin/Developer.
- Experience on Splunk 5.x, 6.x, 7.x and Splunk DB Connect 1.x, 2.x, 3.x on distributed Splunk Environments and Clustered Splunk Environments on Linux and Windows operating systems.
- Worked on Splunk Enterprise Security 4.x. Worked on the Security Implementation.
- Expert in Install, Configure & administer Splunk Enterprise Server and Splunk Universal Forwarder, Splunk Heavy Weight Forwarder in large distributed environment.
- Experience in using Chef and Jenkins to automate deployments across multiple servers.
- Worked on Design, support and maintain the Splunk infrastructure in Windows and Linux environments. Installation of Splunk Enterprise, Apps in multiple servers with automation.
- Great experience creating Dashboard Views, Reports and Alerts for events and configuring alert mail.
- Worked on Prebuilt Security Correlation Rules, Reports and Dashboards.
- Strong Knowledge on Linux System and Strong Knowledge on Computer Nodes.
- Experience in Parsing, Indexing, Searching concepts Hot, Warm, Cold, Frozen bucketing. Working on indexers and computing servers and with configuration management.
- Experience security patching distributed Splunk architecture and components including search heads, indexes and forwarders.
- Used Splunk and ELK (Elastic Stack) for log errors or any kind of log analytics.
- ITSI Modules process data collected using Splunk Add-ons and created multiple KPI dashboards.
- Good experience on Splunk Enterprise Security Glass Table errors and visualization issues.
- Created and Managed Splunk DB connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.
- Experience on working with CIM in which it facilitates normalization of data from different sources, and enables applications developed by Splunk to search and display Deep Discovery logs.
- Experience on FireEye to detect the complex and burden of Cyber Security organization struggling to prepare for prevent and respond to security attacks.
- Applying Security for Splunk with Enterprise Security and Cisco Security Suite along with PCI Compliance.
- Proficient in writing SQL Queries, PL/SQL Packages, Functions, Stored Procedures, Triggers, Cursors, Creation of Oracle objects - Tables, Views, Materialized Views, Sequences, Synonyms, Database Links and Indexes using Oracle tools like SQL*Plus, SQL Developer and Toad, PL/SQL Developer.
TECHNICAL SKILLS:
Splunk Modules: Splunk 5.x/6.x/7.x, Splunk DB Connect 1.x, 2.x, Splunk Enterprise Security, Splunk on Splunk, Splunk App for VMware, Splunk Web Framework, Splunk IT Service Intelligence, ELK.
OS: Linux, Unix, Windows.
Data Warehousing: SQL Server Management Studio (SSMS), Enterprise Manager, Query Analyzer, SQL Profiler, SSIS, SSAS, SSRS.
Databases: Microsoft SQL Server, Oracle Database, IBM DB2 and MySQL.
Programming: SPL, SQL, SQL Plus, Unix Shell Scripting, PowerShell, Perl, Bash, HTML, CSS, XML, C, Java, and Python.
Data Analysis: Business Rules, Data modeling, Data Warehousing, system integration.
Star Schema, SnowFlake, FACT: Dimensions, Conceptual Physical and Logical Data Modeling, ER models, OLAP, OLTP concepts.
Networking & Protocols: FireEye, TCP/IP, HTTP, HTTPS, LDAP, NIST, Firewall, VMware, SNMP, DHCP, DNS, NAT.
PROFESSIONAL EXPERIENCE:
Splunk Admin/Developer
Confidential, Richmond, VA
Responsibilities:
- Installed, Configured and Administrated Splunk Enterprise and Splunk Forwarders on Windows Servers and Linux Servers.
- Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
- Installed and configured different Splunk apps and add-ons on Splunk platform.
- Developed Splunk Search Processing Language (SPL) queries, created Reports, Alerts and Dashboards and customized them. Field Extraction: Using IFX, Rex Command and REGEX in configuration files, knowledge of EXTRACT keyword.
- Created various search commands like Chart, Time Chart, Strptime, Strftime, Eval, Table etc.
- Created field aliases across application events and time modifier conversion commands.
- Setup SSL certificates in various Splunk servers (Indexers, Search Heads, and Management Servers).
- Worked on installing Splunk UF and Heavy Forwarders to bring any kind of feeds from different application servers into Splunk.
- Expertise in creating accurate reports, Dashboards, Visualizations and Pivot tables for the business users.
- Provide Regular support guidance to Splunk project teams on complex solution and issue resolution.
- Work closely with Application Teams to create new Splunk dashboards for Operation teams.
- Integrated the logs of Network Devices, Switches and Routers using the Network protocols like UDP/TCP.
- Good experience in working with SNMP traps and syslog-ng in onboarding the security devices on Splunk.
- Integrated and configured logs from different data sources like Windows, Linux/AIX, Application, Security, Network Devices, and servers.
- Worked with Splunk app for Enterprise Security to identify and address emerging security threats using continuous monitoring, alerting and analytics.
- Installed, configured, and managed Splunk Enterprise Security.
- Architecting and Deploying Splunk and coordinating Enterprise Security with Splunk
- Monitored security posture and security incidents regarding that trending outside and inside threat vectors.
- Consolidating analysis of suspicious Splunk data security event logs (Windows Defender, AppLocker, and Audit Events).
- Assisted in recommending security resolutions to management for better malware detection and endpoint security.
- Supporting and monitoring Splunk cluster infrastructure in AWS cloud environment.
- Worked on AWS logs through Lambda by using HEC token to on-board data into Splunk.
- Created many of the proof-of-concept dashboards for IT operations, and service owners which are used to monitor application and server health.
- Created Shell Scripts to install Splunk Forwarders on all servers and configure with common configuration files such as Bootstrap scripts, Outputs.conf and Inputs.conf files.
Environment: Splunk Enterprise, Splunk 7.1, Splunk DB Connect, Oracle, MS SQL 2008, Regular expressions, Windows, UNIX, UNIX shell scripting, XML, Microsoft Active Directory, Splunk App for Enterprise Security (SIEM), SNOW, SCOM, AWS, GitHub.
Splunk Engineer
Confidential, Columbus, OH
Responsibilities:
- Installation and configuration of Splunk product at different environments.
- Worked on Multiple Production Roles and Created Alerts with Using of Splunk, Also Created Multiple dashboards and Alerts at a time.
- Involved in Installation, Administration and Configuration of Splunk Enterprise and integration with local legacy systems.
- Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On’s, Dashboards, Clustering and Forwarder Management.
- Hands on development experience in customizing, visualizations, configurations, reports and search capabilities using customized Splunk queries.
- Experience in Dynatrace and AppDynamics for System Health Check and Availability.
- Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy Forwarder and Universal forwarder, License model.
- Designing and maintaining production-quality Splunk dashboards.
- Good experience in Splunk, WLST, Shell scripting to automate and monitor the environment routine tasks.
- Good Experience on Splunk IT Service Intelligence and worked Splunk ITSI Glass Table Visualization.
- Splunk Enterprise Deployments and enabled continuous integration on as part of configuration management.
- Experience on Configured and developed complex dashboards and reports on Splunk.
- Splunk DB Connect 2.0 in search head cluster environments of Oracle. Worked on Splunk UI/GUI development and operations roles.
- Worked on Various framework for Transaction Security like PCI and PII
- Drive complex deployments of Splunk dashboards and reports while working side by side with technical teams to solve their integration issues.
- Created Regular Expressions for Field Extraction and Field Transformations in Splunk.
- Expertise in creating and customizing Splunk applications, searches and dashboards as desired by IT teams and business.
- Managed Indexer Clusters including security, hot and cold bucket management and retention policies.
- Integrated Splunk with Kafka to collect performance metrics and log files using JMX.
- Used Hadoop for Large data sets across Clusters of computers Using Simple Programming Models.
- Worked on some related parts of AppDynamics (like User Reporting, Server monitoring and Machine Agent).
- Used Some Tivoli for Monitoring the Windows applications and Upgrading the equipment and various levels of Operating Systems.
- Integrated ServiceNow with Splunk to consume the alerts from Splunk and create ServiceNow tickets.
- Used the AWS Cloud Service for securing the database storage, content delivery and other functionalities.
- Integrated Splunk with AWS deployment using puppet to collect data from all EC2 systems into Splunk where it has enabled minimal sharing of private keys on AWS infrastructure across application teams since they no longer had to rely on direct logging to systems.
- Used on Dynatrace tool for client servers performances check and is programs running on premises in the cloud.
Environment: Splunk 6.x, Splunk DB Connect 2.0, Kafka, AWS, Oracle WebLogic 9.x/10.x, JBoss 5.x/6.x, Tomcat 5.x/6.x, Oracle 9i/10g, Solaris 10, LINUX, Server 6.0, Apache 2.x, python.
Splunk Admin/Developer
Confidential, Birmingham, AL
Responsibilities:
- Install, configure and administer Splunk Enterprise Server 6.0.4 and Splunk Forwarder 4.x.x/5.x.x/6.x.x on Red Hat Linux and Windows servers.
- Upgraded Splunk Enterprise from v 6.2 to v 6.5.2 in clustered environments and non-clustered environments.
- Provided APM assessment of the monitoring practices and to flag any functionality gaps during initiate implementation process.
- Set up Splunk Forwarders for new application tiers introduced into the environment and existing applications. Worked closely with Application Teams to create new Splunk dashboards for Operation teams.
- Created Cloud Tables and worked on Correlation Searches and created multiple KPI Dashboards.
- Experience in Splunk GUI development creating apps, searches, Data models, dashboards and Reports using the Splunk Query Language.
- Analyzed security based events, risks and reporting instances and Develop dashboards with visual metrics for stakeholders.
- Using Splunk and ELK for Business Logic Errors and Exceptions, and good experience on ELK for Log Search Tool, Logstash and Data Visualization Tool.
- Troubleshooting and resolving Splunk performance, search pooling and log monitoring issues; role mapping, dashboard creation etc. Experience with Web Services and Load balancing configurations.
- Used the Azure Cloud For managing and deploying the Applications.
- Used Cloud Services for Load balancing and Health Monitoring. Windows Azure was also used for the various services like Platform as a Service (PaaS) and Software as a Service (SaaS).
- Worked on Chef Configuration management tool to automate and manage servers.
- Worked on various administration of DataPower XS40, XI50 and XI52 devices.
- Experience in creating SQL loader scripts to load data from flat files into the database and creating External Tables to manage data which is stored at the OS level.
- Using VMware for Cloud Computing and Splunk Virtualization Services.
- Dashboards and Reports to show Login count of each application, to show which app resources being accessed more, Number of failed logins, statistics on High hitting applications.
- Created Shell Scripts to install Splunk Forwarders on all servers and configure with common configuration files such as Outputs.conf and Inputs.conf files.
- Worked on Splunk Buckets (Hot, Warm, Cold, Frozen).
- Used Glass Table for Visualize and Monitor Security Status of the project Environment.
- Expertise with SIEM (security information and event management). Manage Splunk user accounts (create, delete, modify, etc.) Scripted SQL Queries in accordance with the Splunk.
Environment: Splunk 6.x, Splunk Enterprise and Splunk modules, Splunk DB connect, Azure, Chef, Web Logic server 8.x/9.x/10.x/11g, Tomcat 6.x, Apache 2.x, Solaris10, Oracle 11g/10g, web services, HTTP, HTML, XML, SSL, SIEM, Python.
Splunk Admin /Developer
Confidential, Mt Prospect, IL
Responsibilities:
- Worked in installing the Splunk Enterprise 6.3.3 on both Linux (Red Hat Distro) and Windows Servers as a separate Splunk User.
- Installation and configuration of various components like indexer, forwarder, search head, deployment server.
- Worked in installing the Splunk Universal Forwarder and Splunk Heavy Forwarder on both Linux and Windows Environment.
- Installation of Splunk Applications and Technology Add-ons with respect to the technology.
- Updated the Splunk Enterprise 6.3.3 to 6.4.
- Designing and maintaining production-quality Splunk dashboards.
- Create and maintain reports and alerts in APM tools.
- Splunk Enterprise Deployments and enabled continuous integration on as part of configuration management.
- Helping application teams in on-boarding Splunk and creating dashboards/alerts/reports etc.
- Most of the time worked to install universal forwarders, but we have heavy forwarders set up to see data from the syslog server side. Heavy Forwarders to bring any kind of data fields into Splunk.
- Expertise with Design, Implementation, Configuration and Management of Splunk Enterprise.
- Created Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
- Creating and Managing Apps, Create user, role and Permissions to Knowledge objects.
- Create Dashboard Views, Reports and Alerts for events and configure alert mail OR depends on the requirement.
- Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
- Troubleshooting of searches for performance issues by adding lookups, correct joins and using summary indexes.
- Development skills (Perl, Python) with strong knowledge of Regular Expressions.
- Captured data from various front end and middleware applications; dashboards were created to monitor the traffic volume, response times, Errors and Warnings across them.
- Performed troubleshooting and/or configuration changes to resolve Splunk integration issues.
- Playing a key role in identifying and driving process changes within the team.
Environment: Splunk 6.x, Splunk DB Connect and other modules, SPL, Oracle 9i/10g, Solaris 10, LINUX, Sun One Web Server 6.0, Apache 2.x, Perl, python, SIEM.
Splunk Developer
Confidential
Responsibilities:
- Created Dashboards, Visualizations, Statistical reports, scheduled searches, Alerts and also worked on creating different other knowledge objects.
- Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server).
- Worked on installing Universal and Heavy forwarder to bring any kind of data fields in to Splunk.
- Provide Regular support guidance to Splunk project teams on complex solution and issue resolution.
- Helping application teams in on-boarding Splunk and creating dashboards/alerts/reports etc.
- Maintained and managed assigned systems, Splunk related issues and administrators.
- Involved in admin activities and worked on inputs.conf, indexes.conf, props.conf and transforms.conf to set up time zone and time stamp extractions, complex event transformations and whether any event breaking.
- Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
- Designing and maintaining production-quality Splunk dashboards.
- Worked on DB Connect configuration for Oracle and MySQL
- Developing Scheduling Alerts, Experience with Deployment Server & Advanced XML.
- Created Dashboards for various types of business users in organization and worked on creating different Splunk Knowledge objects like Macros, IFX, Calculated fields, Tags, Event Types and Look ups.
- Field Extraction, Using IFX, Rex Command and Reg Ex in configuration files.
- Scripting and development skills (Perl, Python) with strong knowledge of regular expressions.
Environment: SPLUNK 5.0, Linux, UNIX, Oracle 11g, MS SQL Server 2012, SQL, XML, Reg Ex.
SQL BI Developer
Confidential, Cincinnati, OH
Responsibilities:
- Created SSIS packages to load robust data from heterogeneous data sources like Oracle, DB2, Flat files to SQL server.
- Used various SSIS transformations such as conditional split, data conversion task, derived column, Multicast, Merge join and look up that are used for data cleansing and validation before loading data into new tables.
- Configured and deployed SSIS packages from test to production environments.
- Scheduled jobs to run on daily and weekly basis using SQL Server Agent.
- Generated reports using SSRS that were used to send information to different vendors, clients, and managers.
- Added subscription and Snapshot options to deliver the reports to end users.
- Created ETL packages using Heterogeneous data sources (DB2, ORACLE and Flat Files etc.) and then loaded the data into destination tables by performing different kinds of transformations using SSIS.
- Used SSIS package to load data from different platforms such as CSV, XML, Flat file, and Excel.
- Created various types of reports such as sub reports, parameterized, Tablix and Matrix using SQL server reporting Services.
- Experience in using SQL server reporting Services (SSRS) and creating various reports such as Sub Reports, Parameterized, Cascading, Tabular, Matrix, Chart, and Drill down reports.
- Used For loop, sequence container, execute SQL task, send mail task to achieve business requirements.
- Created deployment utility to deploy SSIS packages over Production, Prod support and QA environments.
- Used Event Handlers for Custom Logging using Stored Procedures for various events (On Warning, On Pre- and Post-Execution, On Task Failed etc.)
- Wrote complex SQL Queries using multiple joins for creating Ad hoc reports using Report Builder based on the requirements.
Environment: SQL Server 2008 R2, SQL Server 2008, SQL Server Data Tools, SSIS, SSAS, SSRS, Windows 7, Oracle 11g, UNIX Shell Scripting, PL/SQL, Linux.
SQL Server Developer/SSRS
Confidential
Responsibilities:
- Managed database objects like stored procedures, views, tables etc.
- Optimized queries that were taking long time to display desired result set.
- Created groups, roles, users and assigning access privileges to users.
- Created new stored procedures and modifying existing ones as per business requirements.
- Created various types of reports such as sub reports, parameterized, Tablix and Matrix using SQL Server.
- Performed data analysis to generate various trend reports.
- Performed identification, analysis and resolved report defects within time scope.
Environment: SQL Server 2005, SQL Server Management Studio, SQL Server Reporting Services (SSRS).