Job Title: Engineer
Location: TRIL GTC
GCL: C2
The suitable candidate must have strong skills in Splunk operations and suggest methods to improve practices and processes in Splunk delivery. Experience with more than one tool is desired, along with 3-5 years of relevant experience. The candidate should be able to work in a 24x7 environment from the office. Must be ready and eager to work with end users as well as collaboratively with internal team members.
Execute simple Standard Operating Procedures as directed to maintain operational stability.
Provide service improvements.
Environment setup – installation and bucket configuration
Data on-boarding – DB Connect and Python script setup
Creating dashboards to monitor server status
Using audit events to gain insight into user actions
Indexer cluster configuration
Data age setup
Field extraction configuration
Troubleshoot Splunk server and forwarder problems and issues.
Collaborate with other internal teams such as Project, Security, Development, etc.
Build, customize and deploy Splunk apps as per internal customer needs
Maintain production quality dashboards, custom views, saved searches and alerts for Splunk Operations and for other clients as per their requirements
Create role-based access and SAML based SSO authentication for Splunk
Create and maintain architectural diagrams and other relevant documentations for the Splunk platform
Assist internal users of Splunk in designing and maintaining production quality dashboards
Arrange necessary training for the internal Splunk team
Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
Be involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
Working with syslog, syslog-ng, and Splunk HTTP Event Collector (HEC).
Configuration management systems (e.g. Ansible, Puppet, Chef, etc.)
Create Knowledge Objects.
Administer users and roles, generate pivots. Manage configuration files like inputs, props, transforms, lookups, system profiles and map agents.
Manage forwarders, indexers and search heads; add and configure indexes and source types.
Configuring/setting up Splunk Deployer, License Master, Cluster Master, Indexers (both clustered and non-clustered) and Search Heads (both clustered and non-clustered).
Configuring/setting up Splunk Deployment Server and Heavy Forwarders.
Installing forwarders and troubleshooting forwarders on both Linux and Windows platforms.
Experience with data on-boarding from servers, databases, network appliances and the AWS platform.
Creating alerts, reports and dashboards based on customer requirements using SPL.
Experience with CIM mapping and building data models.
Creating notable events using correlation searches in Splunk Enterprise Security.
Good hands-on experience with Splunk configuration files.
Implementation and testing of new configuration management, log-based and monitoring tools.
Outage handling, initiating/joining bridge calls during outages.
Handling various types of request tickets and incident tickets.
Working in an ITIL-implemented environment where all work is done through tickets (incident, change and problem), each with well-set SLAs.
Distributing the work among the people present in the shift.
Actively participating in document creation and updates.
Meeting SLAs based on criticality of the servers, generating reports for Business starting and endings.
Generating reports and timelines to find missing SLAs.
Handling incoming incidents and requests via phone/email/ticketing tool (ServiceNow) promptly and effectively.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.