What are the responsibilities and job description for the Splunk Administrator position at SysMind Tech?
Job Title: Splunk Admin
Work Location: Louisville, KY
Relevant Experience (in Yrs): 6 to 10 Years
Technical / Functional Skills: Business knowledge in the healthcare domain, strong debugging and problem-solving skills.
Roles & Responsibilities
- Experience in Field Extractions and Transformations using the RegEx in Splunk.
- Experience in Installing, configuring, and administering Splunk Enterprise on Linux and Windows servers.
- Installed and implemented the Splunk App for Enterprise Security, documented best practices for the installation, and performed knowledge transfer on the process.
- Worked on installing Universal Forwarders and Heavy Forwarders to bring any kind of data fields into Splunk.
- Experience in Writing Splunk Queries, Expertise in searching, monitoring, analyzing and visualizing Splunk logs.
- Experience in alert handling, standard availability and performance report generation. Experience in root cause analysis of post-production performance-related issues through the Splunk tool.
- Experience in Designing, optimizing and executing Splunk-based enterprise solutions.
- Should have hands-on experience in customizing Splunk dashboards, visualizations, and configurations using customized Splunk queries.
- Monitored the Splunk infrastructure for capacity planning, scalability, and optimization.
- Experienced in using Splunk DB Connect for real-time data integration between Splunk Enterprise and other databases.
- Expertise in Actuate Reporting, development, deployment, management and performance tuning of Actuate reports.
- Responsible for Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-ons, Dashboards, Clustering and Forwarder Management.
- Monitored license usage, indexing metrics, Index Performance, Forwarder performance, Splunk Architecture / Engineering and Administration for SOX monitoring and control compliance.
- Design and implement Splunk Architecture (Indexer, Deployment server, Search heads, and Forwarder management), create / migrate existing Dashboards, Reports, Alerts, on daily / weekly schedule to provide the best productivity and service to the business units and other stakeholders.
- Configured a Syslog server for forwarding logs to the Splunk server via network protocols like TCP and UDP.
- Subject matter expert in best practices, security protocols, KPI, and other security-related issues.
- Responsible for troubleshooting various indexing issues by analyzing Splunk logs such as splunkd.log and metrics.log ingested into the internal index.
- Support and execute arrangements considering a full information lifecycle (Search & Investigate, Add Knowledge, Monitor & Alert, Report & Analyze). Followed agile and scrum process for the whole implementation process.
- Should be able to support a 24x7 environment by being flexible with weekend work.
Generic Managerial Skills: Communication, Coordination skills, Offshore Coordination
Education: Bachelor's or Master's Degree