Splunk SME/ADMIN

Splunk/ Admin experience with nagios needed with 8+ experience WFH-Short project - Contractual

Splunk:

• Administering Splunk and Splunk Apps to include developing new or extending existing Apps to perform specialized functionality.

• Integrating Splunk with a wide variety of legacy data sources.

• Consulting with customers to customize and configure Splunk to meet their requirements.

• Assisting with training application and infrastructure teams not familiar with Splunk.

• Mentoring team members with less experience to assist in Splunk related activities.

• Working closely with Infrastructure, Application, Development and Business or project teams on Splunk.

• Engaging application and infrastructure teams to establish best practices for utilizing Splunk data and visualizations.

• Communicating with customer stake holders including leadership, support teams, and system administrators.

• Creating and maintaining engagement process and documentation related to architecture, operational processes and training material for Splunk.

• Splunk architecture, components (indexer, forwarder, search head).

• Good knowledge on administering splunk indexer clusters, search head clustering, maintaining KVStores, maintain macros and views.

• Must have working knowledge of an enterprise log management tool.

• Knowledge on splunk .conf files, administering splunk on Linux systems, splunk data retention policies.

• Splunk log source integration.

• Knowledge on writing SPLs (splunk searches), create Splunk reports/dashboards and publish them to various audiences.

• Good hands on concept on Data Analysis, Extraction, transformation and Load(ETL) techniques and Splunk reporting solutions.

• Creating dashboards, reports using XML. Report generation ad customization.

• Experience in object creation and usage across the Enterprise.

• Normalization of event data, and Management of knowledge objects, data models and developing macros.

• Knowledge of app creation, user and role access permissions.

• Understanding of configuration files, precedence and working.

• Configure and manage Infrastructure Security and SIEM solutions Design.

• Knowledge on Splunk Rest APIs.

• ust have good understanding of application, webserver, endpoint device and network devices.

• Expert knowledge of regular expressions and at least one common scripting language (PERL, Python, VB Script).

• Experienced with network tools such as syslog.

• Demonstrated capability to learn and adapt to new situations & requirements.

• Ability to manage multiple high priority projects and production issues.

Qualifications:

• 5+ years of professional experience with system administration and System Event and system integrations.

• 5+ year of work experience with Splunk real-time processing architecture and deployment; Splunk dashboard design a big plus.

• Strong experience in Splunk configuration files, RegEx and comfort in using the Linux CLI and Windows.

• Experience in SOAP, REST API, web-based technologies and scripting languages including JavaScript, Python, Perl and shell scripting, XML, HTML.

• Experience in requirements analysis, engineering, and testing in real world environments.

• Knowledge of TCP/IP and networking fundamentals, MQ, SFTP, SSL.

• Experience in Splunk DB Connect, ITSI, HEC is a plus.

• Strong communication, written, and verbal skills with the ability and comfort level to do presentations to potential and existing customer audiences of 5-30 people.

• Bachelor in an IT related concentration.

• Experience with software development, system architecture, and/or databases a plus.

• Splunk certification(s) a plus but not required.