Yashwanth - Splunk Engineer
Location: Alpharetta, Georgia, USA
Relocation: GA
Visa: GC
Name: Yaswanth Nallapeta
Contact: +1 2817691263
Email: [email protected]
LinkedIn: https://www.linkedin.com/in/yashwanth-n-a6801527b/
Senior Splunk Engineer

Summary
Certified Admin and Splunk Certified Power User with over 8 years of strong IT experience in Splunk, Linux/UNIX, PL/SQL and SQL DBA, including monitoring, data analytics, performance tuning, troubleshooting and maintenance.
5+ years of experience as Splunk Admin/Developer, performed activities including requirement analysis, design and implementation of various client-server-based applications using Splunk 8.x, 7.x, Splunk 6.x.
Responsible for the design, developing, testing, and deploying of Splunk solutions and dashboards running on Big Data technologies such as Hadoop.
Experienced in creating Reports, Alerts and Dashboards by Splunk search processing language (SPL), creating and running Cron Jobs for scheduled tasks.
Headed proofs of concept (POC) on Splunk implementation and integrating Splunk with Windows Active Directory and LDAP.
Involved in Installing and using Splunk apps for UNIX and Linux (Splunk UNIX). Extensive Experience in SSL cryptography, troubleshooting by viewing logs and dealing with XML threats.
Experienced in using Splunk CLI command syntax to manage or configure Splunk server and distributed deployment.
Strong Experience with Splunk Searching and Reporting modules, Knowledge Objects, indexer, forwarder, Search head, deployment server, License model, Administration add-on's, Dashboards, Clustering and Forwarder Management.
Hands on DMC to monitor Splunk deployment by providing and performance reporting from a central search head.
Experience with monitoring and logging tools like Dynatrace, Splunk and New Relic for monitoring network services and host resources. Involved in using SPL-created visualizations to get the value out of data.
Worked on several styling and text customizations for different components of the Splunk platform using JavaScript and CSS. Involved in configuring the HTTP Server for various clustered application servers using virtual hosting & enabling SSL security.
Fully understands concepts and practices for sizing, scaling, and deploying Splunk building across Center of Excellence (COE).
Helped SOC team to monitor and improve organization's security posture while preventing, detecting, analyzing, and responding to cyber security incidents.
Proficient in PL/SQL programming - Stored Procedures, Functions, Packages, SQL tuning, and creation of Oracle Objects - Tables, Views, Materialized Views, Triggers, Sequences, Synonyms, Database Links, User Defined Data Types, Crystal Reports and SQL Server Reporting Services (SSRS).

Technical Skills:
Languages: C, C++, Java, XML, Unix Shell Scripting, Oracle SQL and PL/SQL, Perl, Python.
Database: Oracle 11g/10g/12c, MYSQL SERVER, DB2, MS Access, SQL Databases.
Tools: Splunk 8.x, 7.x, Oracle Forms 8i/9.2/10g/11g, TOAD, Chef, Puppet, New Relic.
Web Technologies: Servlets, JSP, HTML, DHTML, XML, XSL, XSL.
Web/Application servers: WebLogic 8.1/9.2, Web Sphere concepts, Apache Tomcat, Sun ONE
Network Protocols: TCP/IP, Telnet, HTTP, HTTPS, FTP, SNMP, REST API, SSL, SFTP, LDAP, DNS, DHCP.
Operating Systems: Sun Solaris, Red Hat Linux, Windows 98/XP/Vista/7/8, UNIX, Linux.

Education:
Bachelor's in Electronics and Controls in India.

Professional Experience:

ADP, Roseland, NJ Jan 2022- Till Date
Senior Splunk Engineer

Responsibilities:

Research, design and develop Splunk Enterprise infrastructure, and tools that will support security requirements and log management for the enterprise.
Responsible for installing, configuring, and administering Splunk Enterprise on Linux and Windows servers.
Good understanding of configuration files, precedence, and daily work exposure to props.conf, transforms.conf, inputs.conf, outputs.conf and setting up forwarder information based on requirement.
Involved in setting up alerts for a different type of errors, Data Enrichment using the lookups and Data Interpretation using the Fields and Fields Extraction and performing the Data Normalization using the Tags
Experienced in using Splunk-DB connect for real-time data integration between Splunk Enterprise and rest all other databases.
Expertise in Actuate Reporting, development, deployment, management, and performance tuning of Actuate reports.
Responsible with Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-Ons, Dashboards, Clustering and Forwarder Management.
Monitored license usage, indexing metrics, Index Performance, Forwarder performance.
Recommended, tested, installed, and configured SNARE client, and SNARE micro server as a means of collecting audit data for SOX servers in our enterprise. Scripted a series of batch files and vb scripts which would install the snare client where needed.
Supported the upgradation of Splunk Enterprise server and Splunk Universal Forwarder from 7.X to 8.X
Installation and implementation of the Splunk App for Enterprise Security and documented best practices for the installation and performed knowledge transfer on the process.
Correlating events from a Network, OS, Anti-Virus, IDS/ IPS, Firewalls or Proxies and analyzing them for possible threats.
Use Cisco ASA and Palo Alto OVA for firewall configuration, create firewall rules for network protection.
Design and implement Splunk Architecture (Indexer, Deployment server, Search heads, and Forwarder management), create/migrate existing Dashboards, Reports, Alerts, on daily/weekly schedule to provide the best productivity and service to the business units and other stakeholders.
Managed AWS Splunk instances and integration with on-prem Splunk Enterprise.
Configured Syslog server for forwarding the logs to Splunk server via network protocols like TCP and UDP.
Responsible for documenting the current architectural configurations and detailed data flow and troubleshooting guides for application support.
Production Support & Systems engineering duties related to RedHat system administration DNS, DHCP, NFS, NIS, LDAP, user account maintenance.
Monitoring or analyzing the real-time events for security devices like Firewall, IDS, Anti-Virus etc., using SIEM tools.
Performed Field Extractions and Transformations using the RegEx in Splunk.
Experience in version controls like Azure DevOps, GIT.

Environment: Splunk 8.X, 7.1.6, 8.1.2, Linux, Unix, Windows, XML, JavaScript, CSS, Python, Oracle 11g, Azure, DevOps, AWS, Snare, GIT, Regular Expressions, SQL

Mediacom, Chester, NY Nov 2020- Dec 2021
Senior Splunk Engineer

Responsibilities:

Designed Splunk Enterprise 7.3.5 infrastructure to provide high availability by configuring clusters across two different data centers.
Architect and Implement Splunk arrangements in exceptionally accessible, repetitive, conveyed figuring situations.
Performed Field Extractions and Transformations using the RegEx in Splunk.
Responsible for installing, configuring and administering Splunk Enterprise on Linux and Windows servers.
Supported the upgradation of Splunk Enterprise server and Splunk Universal Forwarder from 6.5 / 6.6 to 7.1
Experienced in using Splunk-DB connect for real-time data integration between Splunk Enterprise and rest all other databases.
Expertise in Actuate Reporting, development, deployment, management and performance tuning of Actuate reports.
Responsible with Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.
Monitored license usage, indexing metrics, Index Performance, Forwarder performance, death testing.
Installed, Configured, Maintained, Tuned and Supported Splunk Enterprise server 7.x/ 6.x.
Design and implement Splunk Architecture (Indexer, Deployment server, Search heads, and Forwarder management), create/migrate existing Dashboards, Reports, Alerts, on daily/weekly schedule to provide the best productivity and service to the business units and other stakeholders.
Managed AWS Splunk instances and integration with on-prem Splunk Enterprise.
Configured Syslog server for forwarding the logs to Splunk server via network protocols like TCP and UDP.
Responsible for troubleshooting various indexing issues by analyzing Splunk logs such as splunkd.log, metrics.log ingested as internal index.
Support and execute arrangements considering a full information lifecycle (Search & Investigate, Add Knowledge, Monitor & Alert, Report & Analyze). Followed agile and scrum process for the whole implementation process.

Environment: Splunk Enterprise 7.3.5, Universal Splunk Forwarders, Red Hat Linux, HTML, Java Script, Windows 2008 R2, Windows 2012 R2, Python, Regular Expressions.

Dignity Health, Los Angeles, CA Sep 2019- Jul 2020
Senior Splunk Engineer

Responsibilities:
Involved in Requirement gathering & designing Digital Bodyguard Executive project.
Analyzed security-based events, risks and reporting instances.
Created dashboards for several Network traffic control using Dark Trace application.
Designed/developed Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.
Involved in upgrading Splunk Enterprise from 7.0.2 to 7.2.3 and Splunk Enterprise Security from 6.2 to 6.5
Creating alerts to identify the malicious logins and suspicious emails from Proofpoint.
Field Extraction: Using IFX, Rex Command and REGEX in configuration files, knowledge of EXTRACT keyword.
Configured DUO connector application to add Two-Factor authentications to Splunk logins.
Dynatrace and New Relic application monitoring for performance metrics in real time to detect and diagnose application problems automatically.
Experience in connecting and creating identities with Database instances.
Involved in SSO integration with Okta application network.
Responsible for Executives account monitoring project.
I used to lead App Monitoring project which is to identify the security of all applications
Created several custom dashboards based on application team requirements.
Experience in translating business requirements into concrete data analytic solutions.
Involved in Root cause analysis for the issues encountered. Also provided 24/7 on call support for all the major applications

Environment: Splunk 7.3.3, Splunk Enterprise 6.5, Universal Splunk Forwarders, Red Hat Linux, HTML, Java Script, Windows 2008 R2, Windows 2012 R2, Python, Regular Expressions.

IBM, New Zealand Feb 2017- Aug 2019
Splunk Developer/ Administrator

Responsibilities:

Installed, Configured, and administrated Splunk Enterprise and Splunk forwarders on different environments.
Created historical and real-time Dashboards, reports, scheduled searches, and alerts.
Deployed and Managed Splunk DB connect Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.
Correlating events from a Network, OS, Anti-Virus, IDS/ IPS, Firewalls or Proxies and analyzing them for possible threats.
Worked on Integrating Splunk with Windows Active Directory and LDAP.
Installing and using Splunk apps for UNIX and Linux (Splunk UNIX).
Monitor Client TMC websites to detect downtime and performance problems.
Able to handle assumed names crosswise over application occasions and store data in Splunk storage Database (MongoDB).
Involved many of the proof-of-concept dashboards for IT operations, and service owners which are used to monitor application and server health.
Worked on Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy & Universal forwarder, and License model.
Customizing simple XML using custom CSS style sheets and Java script files.
Reduced license costs by sending all unnecessary log events to "null Queue" configured in props and transforms file.
Created Landing Page to monitor CPU Performance Peak, Memory Leakage and several Parsing, Indexing, Searching concepts.
Good understanding of configuration files, precedence, and daily work exposure to props.conf, transforms.conf, inputs.conf, outputs.conf and setting up forwarder information based on requirement.
Analyzed security-based events, risks and reporting instances.
Integrate Splunk Web support with Splunk Mobile App utilizing Mobile Access server Add on.


Environment: Splunk 6.7, Splunk 6.6, Splunk Enterprise Server, Red Hat Linux, HTML, Java Script, Windows 2008 R2, Windows 2012 R2, Python, Regular Expressions.



ADP, Hyderabad, India Jun 2016- Jan 2017
Splunk Developer/ Administrator

Responsibilities:
Installed and configured Splunk Universal Forwarders on both UNIX (Linux and Solaris) and Windows Servers.
Created alerts for Business unit for application team.
Done POC for Splunk Apps for LDAP, NMON, Splunk app for Windows Infrastructure.
Provided the support for the Remedy team.
Hands on experience in customizing Splunk dashboards, visualizations, configurations using customized Splunk queries.
Involved in troubleshooting of Clustering and optimizing performance.
Upgraded the Splunk DB connect to 2.x version.
Monitored license usage, indexing metrics, Index Performance, Forwarder performance, death testing.
Onboarding the data into Splunk from various databases using Splunk DB Connect plugin.
Created tags, Event types, field lookups, using regular expressions, aliases etc. for search-time outputs and visualizations.
Created reports and saved searches for the development environment.
Developed various dashboards, reports for IT Infrastructure, IT Security, Leadership, and other relevant stakeholders.
Dealt with Splunk Utilities (bucket rolling, User index creation and management, Source type, forwarder log monitoring input and output configuration).
Created custom app configurations (deployment-apps) within SPLUNK to parse, index multiple types of logs format.
Built dashboards, views, alerts, reports, saved searches using XML, Advanced XML and Search Processing Language (SPL) as and when required.
Created Splunk Apps using XML and Web Components. Knowledge of app creation, user, and role access permissions.
Performed Field Extractions and Field Transformations using the Regular Expressions in Splunk.
User/Group Administration - Splunk authentication with LDAP for user accounts/groups creation and bindings of LDAP groups to Splunk.
Generated the reports by onboarding the data from lookup files.
Involved in migration by configuring Splunk forwarders and providing the reports.
Performed troubleshooting and configuration changes to resolve Splunk configuration issues.
Environment: Splunk Enterprise Server 4.x.x/5.x.x/6.x.x, Universal Splunk Forwarder 4.x.x/5.x.x/6.x.x, RedHat Linux, Oracle, HACMP 5.4, HTML, Java Script, XML, Use of Regular expressions.