About Splunk - Some key responsibilities:
What is forwarder configuration, search heads and indexing.
How to create Dashboards, report, scheduled searches, and alerts.
Creating Vulnerability dashboard that aggregates data across multiple services to identify critical threats and proactively mitigate risks.
How to search SPLUNK search strings and operational strings.
How to analyze security-based events, risks, and reporting instances.
Step by step to develop custom web application solutions for internal ticket metrics reporting.
Provide regular support guidance to SPLUNK project teams on complex solution and issue resolution with the objective of ensuring best fit and high quality.
Interact with the data warehousing team regarding extracting the data and suggest the standard data format such that Splunk will identify most of the fields.
Onboard new log sources with log analysis and parsing to enable SIEM correlation.
Performed field extraction using IFX in an event action.
Involved in setting up alerts for different types of errors.
Performed Splunk administration tasks such as installing, configuring, monitoring and tuning.
• Install and maintain Splunk add-ons, including DB Connect 1 and Active Directory LDAP, for working with directory and SQL databases.
• Installed and configured Splunk DB Connect in Single and distributed server environments.
• Configure the add-on app SSO Integration for user authentication and Single Sign-on in SplunkWeb.
• Automating in Splunk using Perl with Service-Now for event triggering.
• Deployed Splunk updates and license distribution over multiple servers using a deployment server.
• Create Dashboard Views, Reports and Alerts for events and configure alert mail.
• Monitor the Splunk infrastructure for capacity planning and optimization
• Server monitoring using tools like Splunk, SolarWinds Orion, HP BSM and HP OpenView.
• Integrated ServiceNow with Splunk to generate the Incidents from Splunk.
• Active monitoring of jobs through alert tools and responding with certain action logs; analyzing the logs and escalating to high-level teams on critical issues.
• Configured and administered Tomcat JDBC, JMS and JNDI services.
• Configured Node manager to remotely administer Managed servers
• Experience in handling network resources and protocols such as TCP/IP, Ethernet, DNS
• Splunk configuration involving different web applications and batch; creating saved searches, summary searches, and summary indexes.
• Splunk search construction with ability to create well-structured search queries that minimize performance impact.
• Scaling up ELK (Elasticsearch/Logstash/Kibana) to index 90G a day of raw data (tested as an open-source alternative to Splunk).
• Monitored the database (data tables and error tables), WebLogic error log files and application error log files to track and fix bugs.
• Ensuring that the application website is up and available to the users.
• Continuous monitoring of the alerts received through mails to check if all the application servers and web servers are up.
• Worked on DB Connect configuration for Oracle, MySQL and MSSQL.
• Supporting migration from Splunk On Premise data center to Amazon AWS
• Launching, Configuring, Supporting large scale instances on AWS
• Headed proofs of concept (POC) on Splunk ES implementation; mentored and guided other team members on understanding the use case of Splunk.
• Expertise in customizing Splunk for Monitoring, Application Management and Security as per customer requirements and industry best practice.
• Expertise in installation, configuration, migration, troubleshooting and maintenance of Splunk. Passionate about machine data and operational intelligence.
• Implemented workflow actions to drive troubleshooting across multiple event types in Splunk.
• Expert in installing and configuring Splunk forwarders on Linux, Unix and Windows.
• Expert in installing and using Splunk apps for UNIX and Linux (Splunk nix)
• Knowledge of configuration files in Splunk (props.conf, transforms.conf, outputs.conf)
• Worked on large datasets to generate insights by using Splunk.
• Production error monitoring and root cause analysis using Splunk.
• Install, configure, and administer Splunk Cloud Environment 6.5.0 and Splunk Forwarder 6.x.x on Windows Servers.
• Supported Splunk Cloud with 4 indexers and 80 forwarders, generating 700 GB of data per day.
• Involved in standardizing SPLUNK forwarder deployment, configuration, and maintenance across Windows Servers
• Configured inputs.conf and outputs.conf to pull the XML-based events to the Splunk Cloud indexer.
• Debug Splunk related and integration issues.
• Installed Splunk on nix & Splunk SOS and maintained Splunk instance for monitoring the health of the clusters
• Integrate the Splunk Web console with the Splunk Mobile App using the Mobile Access Server add-on
• Build, customize and deploy Splunk apps as per internal customers
• Splunk UI experience and able to debug expensive search queries.
• Configured Clusters for load balancing and fail over solutions.
• Implemented a Log Viewer Dashboard as a replacement for an existing tool to view logs across multiple applications hosted on a PaaS setup.
• Create Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
• Ability to provide engineering expertise and assistance to the Splunk user community. Advanced Splunk Search Processing Language (SPL) skills.
• Extensively used various extract keywords and search commands like stats, chart, timechart, transaction, strptime, strftime, eval, where, xyseries, table, etc.
• Good knowledge of Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-ons, Dashboards, Clustering and Forwarder Management.
• Created and Managed Splunk DB connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.
• Strong experience with web/application servers like Apache Tomcat, Jetty, JBoss, IBM WebSphere, WebLogic.
• Strong experience using SQL, PL/SQL Procedures/Functions, Triggers and Packages.
• Creating accurate reports, dashboards, visualizations, Elasticsearch, and pivot tables for the business users.
• Well versed with the Dynatrace monitoring tool. Expert in architecture of application monitoring and UE Analytics. Experience with configuration and infrastructure support of monitoring, alerting and reporting tools through the Dynatrace interface.