SUMMARY:

• Overall 8 years of experience in Programming and Data analytics.
• Experience on Splunk architecture and various components (indexer, forwarder, search head, deployment server) Heavy and Universal forwarder, License model.
• Expert in installing and using Splunk apps for UNIX and LINUX.
• Implemented workflow actions to drive troubleshooting across multiple event types in Splunk.
• In depth and extensive knowledge in setting up alerts and monitoring recipes from the Machine generated data.
• Expert in creating accurate Reports, Dashboards, Visualizations and Pivot tables for the business users.
• Knowledge about Parsing, Indexing, searching concepts Hot, Warm, Cold, Frozen bucketing.
• Experience on Splunk Common Information Model (CIM) in extracting values from data and to normalize the data for maximum efficiency.
• Experience in scripting languages Python, JavaScript, Bash, Perl.
• Expertise in using rex, Sed, erex and IFX to extract the fields from the log files.
• Extensive experience in deploying, configuring and administering Splunk clusters.
• Worked on various Data sources like weblogs, event logs, audit logs, transition logs, API mobile logs, syslog, application logs, WebSphere and JBoss application data, Network switch/router/firewall logs, Server, Desktop, Database, Application activity logs and Splunk internal logs.
• Tested and created most use cases needed to implement User Behavior Analytics (UBA) correlation searches.
• Strong Splunk UI experience and able to debug expensive search queries.
• Experience in troubleshooting the Splunk server and forwarder problems and issues.
• Strong experience in System Administration, Installation, Upgrading, Patches, Migration.
• Created Splunk app for Enterprise Security to identify and address emerging security threats through the use of continuous monitoring, alerting and analytics.
• Expertise in Actuate Reporting, development, deployment, management and performance tuning of Actuate reports.
• Various types of charts Alert Settings Knowledge of app creation, user and role access permissions. Creating and managing app, Create user, role, Permissions to Knowledge objects.
• Event Analysis on Base & Correlated Events using SIEM tools namely Splunk and ArcSight as part of the Security Operations Center.
• Experience in using Shell scripts to automate log backups and daily tasks.
• Use techniques to optimize searches for better Performance, Search Time vs Index Time Field Extraction and understanding of configuration files, precedence and working Props.conf, transforms.conf, inputs.conf, outputs.conf setting up a forwarder Monitor stanza in inputs.conf.
• Expertise in PL/SQL programming - Stored Procedures, Functions, Packages, SQL tuning, and creation of Oracle Objects - Tables, Views, Materialized Views, Triggers, Sequences, Synonyms, Database Links, and User Defined Data Types.
• Implemented a Log Viewer Dashboard as a replacement for an existing tool to view logs across multiple applications hosted on a PaaS setup.
• Excellent skills on troubleshooting and problem determination of HTTP/System/Network related problems including monitoring, capacity planning and maintenance by providing 24X7 support on call for all mission critical applications.

TECHNICAL SKILLS:

Splunk Modules: Splunk 6.1.3, Splunk on Splunk, Splunk Enterprise, Splunk DB Connect, Splunk Cloud, Splunk Web Framework, Splunk Enterprise Security, Splunk IT service intelligence, Splunk user behavior analytics, Splunk Universal forwarder, Cisco for Splunk, Windows for Splunk, Splunk UBA, VMware for Splunk, Splunk DB, SSIS,SSAS, SSRS, Business Objects, Power BI, ArcSight

APEX: 4.2,3.2, Informatica Power Center Oracle Forms 10g,9i,6i and Reports 10g,9i,6i, ERWIN, VISIO, Autosys Control-M, Django.

Languages: SQL, PL/SQL, Perl (corn shell) Unix Shell Scripts, JSP, C, C++, Java, J2EE, CSS, HTML, XML.

Servers: Linux, windows, Tomcat, IBM, UNIX, RDS, Apache, Websphere MQ server, WebSphere application server, WebSphere SD

RDBMS: Oracle MS-SQL Server ... Sybase, DB2 MS Access. Databases Microsoft SQL Server, MySQL, Oracle, Mongo DB. Operating Systems Windows/XP/Vista/7, UNIX, Red Hat Linux Scripting Python, K Shell, bash Script, JavaScript, CSS

Web/App Servers: Web Sphere Application Server Web Sphere MQ Sever 6.0/7.0, WebSphere XD 6.0/6.1, Apache Web Server, Tomcat 5.0/6.0/7.0

Data Modeling: Dimensional Data Modeling (Star Schema, Snow-Flake, FACT-Dimensions), Conceptual Physical and Logical Modeling, ER Models, OLAP, OLTP concepts

PROFESSIONAL EXPERIENCE:

Splunk Developer

Confidential, Denver, CO

Responsibilities:

• Created Splunk Dashboards to highlight key business metrics such as transaction volume and average processing time, as well as to measure the performance of other third party systems.
• Expertise in standardizing Splunk Forwarder deployment, configuration and maintenance across UNIX, LINUX and windows platforms.
• Knowledge of software development life-cycle (SDLC) process, Followed Agile scrum and story maps for dev tracking.
• Building, Deployment, Configuration, Management of SPLUNK Cloud instances in a distributed environment which spread across different application environments belonging to multiple lines of business.
• Maintained the Splunk software to automatically send out an alert to notify the appropriate authority through Email and activate the necessary support.
• Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
• Created many of the proof-of-concept dashboards for IT operations, and services owners which are used to monitor application and server health.
• Designed and developed Custom Apps as per the Business requirement and assigned roles.
• Performed Data Exfiltration by Compromised Account and Data Exfiltration by Malware using User Behavior Analytics.
• Created alerts to notify system outages or reaching threshold values. These alerts include Splunk license threshold limit, syslog server threshold limit, file system overflow and cold storage outage.
• Developing customized Shell scripts in order to install, manage, configure multiple instances of Splunk forwarders, indexers, search heads, deployment servers.
• Created detailed documentation for all the reports, alerts and dashboards. People without Splunk knowledge can follow the mentioned instructions and generate alerts/reports manually in case of automated mail generation failure (Firewall issues between SPLUNK and mail server).
• Experience with Splunk User Interface in creating Dashboards and Visualizations.
• Used SPLUNK forwarders to provide reliable and secure collection and delivery of data to the Splunk platform for indexing, storage and analysis.
• Provide regular support guidance to Splunk project teams on complex solution and issue resolution.
• Assisted administrators to ensure whether SPLUNK is actively and accurately running and monitoring on the current infrastructure implementation.
• Responsible for scheduling and automating database tasks - Jobs, Alerts, Emails, Notification.
• Subject matter expert in best practices, security protocols, PKI, and other security-related issues.
• Analyzed large datasets to identify metrics, drivers, performance gaps and opportunities for improvement.
• Used techniques to optimize searches for better performance, search time vs. index time field extraction. And understanding of configuration files, precedence and working.
• Worked on large datasets to generate insights and communicate insights to guide strategic roadmap.
• Onboard new log sources with log analysis and parsing to enable SIEM correlation.
• Responsible to check the SPLUNK logs for web server so as to avoid server time down during production.
• Managing TCP hosts through SPLUNK deployment server. Pushing configurations and grouping servers to push similar configurations at the same time.

Environment: Splunk Enterprise, Splunk6.4,6.5 Universal Splunk forwarder, Splunk Db connect, Splunk UBA, Oracle, MS SQL 2008,Regular expressions, Windows, UNIX, UNIX shell scripting, XML, Microsoft Active Directory, Splunk App for Enterprise Security (SIEM).

Splunk Developer

Confidential, St. Louis, MO

Responsibilities:

• Managing SPLUNK universal forwarder deployment and configuration, Monitoring and Maintaining Splunk performance and optimization after deployment.
• Developed complex dashboards to monitor manage and track the traffic volume across, response times, Errors, Warnings across various data centers, applications and servers.
• Helped in integration of Splunk with service now, Maintaining Splunk Instance and Monitoring health of the Cluster.
• Built many of the proof-of-concept Dashboards for IT operations, and service owners which are used to monitor application and server health.
• Expert in Analyzing the Security Related Logs from various sources using SIEM system which creates alerts whenever it detects Anamolous Transactions and also blocks malicious activities.
• Maintenance of SPLUNK Environment with multiple indexers.
• Played a major role in understanding the logs, server data and brought an insight of the data for the users.
• Depending upon the Data retention requirements configured and maintained hot, warm, and cold buckets.
• Checking for Suspicious Behavior, Compromised Account, Remote Account Takeover using User Behavior Analytics.
• Worked on setting up Splunk to capture and analyze data from various layers Load Balancers, Web servers and application servers.
• Involved in setting up alerts for different type of errors, Analyzed security based events, risks and reporting instances.
• Designed core scripts to automate Splunk Maintenance and alerting tasks.
• Migrating some of the servers with Elastic Search tool for monitoring Health of the servers.
• Conducted and automated Splunk configuration files susch as Props.conf, transforms.conf, inputs.conf, outputs.conf setting, Props file management for event breaking and time stamp matching.
• Responsible for daily Security checks, monitoring unsuccessful logons, monitoring inactive users and locking the inactive users in production system i.e. daily Health Checks.
• Worked with administrators to ensure Splunk is actively and accurately running and monitoring on the current infrastructure implementation.
• Various types of charts Alert Settings Knowledge of app creation, user and role access permissions. Creating and managing app, Create user, role, Permissions to knowledge objects.
• Experience in working with Splunk authentication and permissions and having significant experience in supporting large scale Splunk deployments.
• Used the Splunk DB Connect application to associate and integrate unstructured data from web logs, syslogs and access logs with structured data from the firm’s Microsoft SQL Server database, providing the firm with meaningful context and business insight.
• Deployed Splunk Enterprise on AWS to gain real-time visibility across AWS and entire IT environment.
• Analyzed FACETS for Group Information, Enrolling Subscribers, adding members, Related Entities, Class/Plan definition and Premium Rate Tables.
• Involved in helping the UNIX and Splunk administrators to deploy Splunk across the UNIX and windows environment.
• Create dashboard from search, Scheduled searches Inline search vs. scheduled search in a dashboard.
• Generated Splunk Search Processing Language (SPL) queries, Reports and constructed
• Dashboards using XML, arranged and tested Splunk search strings and operational strings.

Environment: Splunk 4.3,5.0,6.0,6.1 Tomcat 6.0, IBM HTTP Server, Splunk Enterprise Security, Splunk UBA, Apache 2.0, Solaris10, Windows 2008, Oracle 11g/10g, web services, LDAP, AWS, HTML, XML, SSL, JDBC. Datameer, Linux, Bash, Perl, Hawq, Sed, rex, erex, Splunk Knowledge Objects, Python.

SQL Developer

Confidential, Denver, CO

Responsibilities:

• Conducted and implemented T-SQL queries for developing complex stored procedures, triggers, tables, user functions, CTE, user profiles, relational database models and data integrity, SQL joins and query writing.
• Extensively worked on creating SSIS packages and have used for each Loop containers, Sequence Container for developing processes and loaded data using different transformations such as Derived Columns, Condition Split, Aggregate, Merge Join and Union all.
• Created, Maintained and scheduled various reports in SSRS like Tabular Reports, Matrix Reports and Parameterized Reports using SQL Server Reporting Services SSRS.
• Involved in writing various DB Objects like User defined function, instead of triggers, Usage of Indexes for accomplishing various tasks, worked on Performance tuning queries by looking at the Indexes, Appropriate joins, Query Statistics and Execution plans.
• Created Stored Procedure, Views, Cursors and functions to support application.
• Developed confidential proprietary analytical tools and reports with Microsoft Excel, and Power Pivot, and Power Point.
• Deployed and scheduled reports using SSRS to generate all daily, weekly, monthly and quarterly reports including current status.
• Creating Distributed Partitioned Views, Debugging/Troubleshooting Stored Procedures, upgrading existing ones.
• Used Database Engine Tuning advisor and SQL Profiler for Monitoring memory, processor, Disk I/O and SQL Queries.
• Developed and delivered dynamic reporting solutions using MS SQL Server 2008 Reporting Services (SSRS).
• Extensively created SSRS reports (Executive Summary report for Annual and Quarterly) and Configured Report Server on all the environments. Also automate deployment for SSRS reports for all the environments.
• Experience in Database Backup, Recovery and Disaster Recovery procedures.
• Involved in monitoring and tuning report performance by analyzing the execution plan of the report.
• Developed DTS Packages to transform data to MS SQL Server from Excel for further analysis.
• Design of ETL processes to transfer customer related data from MS Access, excel to SQL Server.
• Actively supported Business users for change requests and provide support to team members.
• Wrote stored procedure and function used in SSIS package and SSRS reports.
• Configured Database Mail, created operators, jobs and alerts for automating databases.
• Created ETL packages with different data sources (SQL Server, Flat Files, Excel source files, XML files etc.) and then loaded the data into destination tables by performing different kinds of transformations using SSIS packages.
• Data migration (Import & Export - BCP) from text to SQL Server.

Environment: SQL Server 2008, SSRS 2008, SSIS, SSAS, TFS, Query Analyzer, SQL Profiler, Active Directory and Windows XP platform, Web services, Visual Studios 2008, Data Transformation Services, and T-SQL.

SQL/BI Developer

Confidential

Responsibilities:

• Created Stored Procedures, Triggers, Views, Added/Modified tables for data Load Transformation Extraction and Manipulation.
• Developed SQL Queries to fetch complex data from different tables in remote databases using joins, database links and formatted the results into reports and kept logs.
• Filtered bad data using complex T-SQL statements, UDFs and implemented various constraint and triggers for data consistency. Gathered report requirements and determined the best solution to provide the result in either a Reporting Services report, Analytical Cube or an Excel pivot table.
• Worked on monitoring and tuning of SQL scripts. Created upgrade scripts for production database and supported it.
• Good SQL server administration skills including, backups, disaster recovery, database maintenance, user authorizations, database creation.
• Managing of database objects like Tables, views, stored procedures, indexes etc.
• Created SSRS Data Model projects using Microsoft Visual Studio 2008 and using Report Builder for report server to create reports.
• Developed and optimized database structures, stored procedures, DDL trigger and user- defined functions.
• Participated in creating reports using SSRS, Created various Ad-hoc SQL queries for customer reports, executive management reports and types of report types like tables, matrix, sub reports etc.
• Involved in writing Complex stored procedures, queires, views, triggers using T-SQL joins.
• Generated Sub-Reports, Drill down reports, Drill through reports and Parameterized reports using SSRS.
• Created SSIS packages for extracting, transforming and loading the data.
• Developed medium to complex reports like drill through reports, drill down reports, sub- reports to meet various business needs using SSRS and stored procedures.
• Administering the MS SQL Server by Creating User Logins with appropriate roles, dropping and locking the logins, monitoring the user accounts, creation of groups, granting the privileges to users and groups.
• Enforcing business rules with triggers and user defined functions, troubleshooting, and replication.
• Converted Data Transformation Services (DTS) application to SQL Server Integrated Services (SSIS) as assigned.
• Maintenance and Correction of Transact Sequel Server (T-SQL) Statements.
• Experience in creating complex SSIS packages using proper control and data flow elements with error handling.
• Daily Monitoring of the Database Performance and network issues.
• Assisted in production OLAP cubes, wrote queries to produce reports using SQL Server 2005 Analysis Services (SSAS) and Reporting service (SSRS).
• Worked on crystal Reports and created reports through Cross tab reports, Sub reports, Formula fields, Parameter fields and Running total fields.
• Used various ETL tools like SSIS/DTS for data flow from source files XML, Excel, Tables and views to other databases or files with proper mapping.
• Developed DTSX packages to extract, transform and load into the Campaign database from OLTP database using of SQL Server Integration Services (SSIS).
• Writing the Stored Procedures, checking the code for efficiency.
• Experience in configuring and deploying SSRS reports onto Microsoft SharePoint Server.
• Created complex SSIS packages using proper Control and Data flow elements.

Environment: MS SQL Server 6.5, SQL Server 7, MS SQL Server 2000, MS SQL Server2005, MSBI (SQL Server Integration Services (SSIS), SQL Server Reporting Services (SSRS), SQL Server Analysis Services (SSAS) and Crystal Reports)