SysMind Tech

Splunk Administrator

SysMind Tech, Louisville, Kentucky, 40201


Job Title: Splunk Admin
Work Location: Louisville, KY
Relevant Experience (in Yrs): 6 to 10 Years

Technical/Functional Skills: Business knowledge in healthcare domain, strong debugging and problem-solving skills.

Roles & Responsibilities:
• Experience in field extractions and transformations using RegEx in Splunk.
• Experience in installing, configuring, and administering Splunk Enterprise on Linux and Windows servers.
• Installation and implementation of the Splunk App for Enterprise Security and documented best practices for the installation and performed knowledge transfer on the process.
• Worked on installing Universal Forwarders and Heavy Forwarders to bring any kind of data fields into Splunk.
• Experience in writing Splunk queries; expertise in searching, monitoring, analyzing and visualizing Splunk logs.
• Experience in alert handling, standard availability and performance report generation. Experience in root cause analysis of post-production performance-related issues through the Splunk tool.
• Experience in designing, optimizing and executing Splunk-based enterprise solutions.
• Should have hands-on experience in customizing Splunk dashboards, visualizations, and configurations using customized Splunk queries.
• Monitored the Splunk infrastructure for capacity planning, scalability, and optimization.
• Experienced in using Splunk DB Connect for real-time data integration between Splunk Enterprise and all other databases.
• Expertise in Actuate Reporting: development, deployment, management and performance tuning of Actuate reports.
• Responsible for Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-ons, Dashboards, Clustering and Forwarder Management.
• Monitored license usage, indexing metrics, index performance, forwarder performance, Splunk Architecture/Engineering and Administration for SOX monitoring and control compliance.
• Design and implement Splunk architecture (Indexer, Deployment Server, Search Heads, and Forwarder Management); create/migrate existing Dashboards, Reports, and Alerts on a daily/weekly schedule to provide the best productivity and service to the business units and other stakeholders.
• Configured Syslog server for forwarding the logs to the Splunk server via network protocols like TCP and UDP.
• Subject matter expert in best practices, security protocols, KPI, and other security-related issues.
• Responsible for troubleshooting various indexing issues by analyzing Splunk logs such as splunkd.log and metrics.log ingested as internal index.
• Support and execute arrangements considering a full information lifecycle (Search & Investigate, Add Knowledge, Monitor & Alert, Report & Analyze). Followed agile and scrum process for the whole implementation process.
• Should be able to support a 24X7 environment by being flexible in weekend work.

Generic Managerial Skills: Communication, Coordination skills, Offshore Coordination
Education: Bachelor's or Master's Degree