Splunk Administrator

Relevant Experience  (in Yrs)       6 to 10 Years

Technical/Functional Skills          Business Knowledge in healthcare domain , Strong debugging and problem solving skills.

Roles & Responsibilities

•            Experience in Field Extractions and Transformations using the RegEx in Splunk.

•            Experience in Installing, configuring, and administering Splunk Enterprise on Linux and Windows servers.

•            Installation and implementation of the Splunk App for Enterprise Security and documented best practices for the installation and performed knowledge transfer on the process.

•            Worked on installing Universal Forwarders and Heavy Forwarders to bring any kind of data fields into Splunk.

•            Experience in Writing Splunk Queries, Expertise in searching, monitoring, analyzing and visualizing Splunk logs.

•            Experience in alert handling, standard availability and performance report generation. Experience in root cause analysis of post-production performance related issues through Splunk tool.

•            Experience in Designing, optimizing and executing Splunk-based enterprise solutions.

•            Should have Hands on experience in customizing Splunk dashboards, visualizations, configurations using customized Splunk queries.

•            Monitored the Splunk infrastructure for capacity planning, scalability, and optimization.

•            Experienced in using Splunk- DB connect for real-time data integration between Splunk Enterprise and rest all other databases.

•            Expertise in Actuate Reporting, development, deployment, management and performance tuning of Actuate reports.

•            Responsible with Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.

•            Monitored license usage, indexing metrics, Index Performance, Forwarder performance, Splunk Architecture/Engineering and Administration for SOX monitoring and control compliance.

•            Design and implement Splunk Architecture (Indexer, Deployment server, Search heads, and Forwarder management), create/migrate existing Dashboards, Reports, Alerts, on daily/weekly schedule to provide the best productivity and service to the business units and other stakeholders.

•            Configured Syslog server for the forwarding the logs to Splunk server via network protocols like TCP and UDP.

•            Subject matter expert in best practices, security protocols, KPI, and other security-related issues.

•            Responsible for troubleshooting various indexing issues by analyzing Splunk logs such as splunkd.log, metrics.log ingested as internal index.

•            Support and execute arrangements considering a full information lifecycle (Search & Investigate, Add Knowledge, Monitor & Alert, Report & Analyze). Followed agile and scrum process for the whole implementation process.

•            Should be able to support 24X7 environment by being flexible in weekend work.

Generic Managerial Skills             Communication, Coordination skills, Offshore Coordination

Education           Bachelor or Master Degree