
Immanuel Adetunji

Beltsville, MD

Summary

Thorough Splunk engineer with over 5 years of experience building and managing large-scale deployment environments. Confident in ability to connect with clients, to understand their needs and provide innovative solutions. Proficient in data onboarding using multiple collection agents such as universal forwarders, syslog servers, HTTP Event Collectors, API collection, and scripted inputs. Experienced with crafting dashboards that provide expert insight and deep analysis into events within an environment.

Overview

8 years of professional experience

Work History

Splunk Administrator

MetTel
02.2025 - 12.2025
  • Managed daily Splunk operations across multi-site distributed environments (NY + TX data centers), supporting search head clusters, indexer clusters, heavy forwarders, and critical ingestion pipelines
  • Developed weekly host inactivity alerts across critical indexes (database, Kubernetes, wineventlog, network, VMware, cyberArk), identifying systems with recurring ingestion failures and reducing blind spots in enterprise monitoring
  • Created a dashboard for license usage for top sourcetypes, including 30-day usage trends and tstats-optimized versions for performance
  • Built a Syslog Host Monitoring dashboard to track ingestion health across NY and TX data centers, normalizing port, sourcetype, IP, and FQDN mappings through custom lookups, significantly improving operational visibility and troubleshooting accuracy
  • Developed dashboards for domain controller replication, SQL job duration trends, and license consumption patterns
  • Created custom alerts to detect parsing and indexing failures caused by unexpected characters within incoming data, enabling early detection before impacting data ingestion
  • Created automation strategies for Splunk SOAR playbook to detect inactive Windows and Linux forwarders and trigger remote service restarts
  • Built a Salesforce login activity dashboard for business administrators, correlating application access attempts from non-Salesforce systems to strengthen access oversight and audit readiness
  • Deployed the Splunk MLTK app across the Search Head Cluster to help the engineering team run clustering and anomaly detection on Kubernetes logs, mainly focusing on error patterns coming from the bss service containers
  • Onboarded new Salesforce API logs by first validating all data ingestion in our TEST Splunk environment, confirming field extraction and event quality, then promoting the configuration to PROD with proper sourcetypes and inputs to ensure clean and consistent data flow
  • Executed the manual KV Store upgrade for legacy version 4.2 to version 7 across ES and core SH clusters, verified successful replication and cluster health, thus clearing the final blocker preventing the enterprise-wide upgrade to Splunk version 10
  • Configured and maintained data model accelerations to keep dashboards performing consistently, making sure tstats searches for security, network, and operational use cases returned fast and reliable results
  • Supported OS patching cycles for all Splunk servers by coordinating with the Linux engineering team, running Ansible playbooks used for patching, and performing full post-patch validation to ensure cluster health and service stability

Splunk Administrator

Navy Federal Credit Union
01.2023 - 01.2025
  • Created Python script for the successful reassignment and combining of over 100 role mappings and AD groups as part of Splunk environment consolidation
  • Installed ITSI app on Splunk Network Services servers to collect logs from various host machines within environment
  • Implemented Service Analyzer tool in ITSI app to monitor console services, and key performance indicators, used daily by operations analysts
  • Used Deep Dives tool in ITSI to view KPI searches over time for the purpose of troubleshooting
  • Created custom, individualized status boards of KPI data within ITSI app
  • Automated process of syslog and HEC data ingestion of over 25 recurring system devices to reduce manual work
  • Develop custom Splunk TAs and apps for various new data sources via Universal Forwarder, DB Connect, and Scripted Inputs to configure Splunk roles, AD groups, and search quotas.
  • Lead Splunk engineer responsible for building the architecture design and creating new On-Prem Splunk Indexer cluster, and Search head cluster as per company mandate
  • Configure permissions of clients within search head clusters, group users into correct Active Directory groups for access to correct data
  • Leverage Splunk Enterprise Security for threat analysis by building security strategy dashboards and correlation searches to detect and report on attack patterns
  • Developed 20+ unique base searches as macros tailored to specific clients, streamlining search processes, reducing jobs on search heads, and efficiently powering multiple dashboard panels while conserving resources for future tasks and queries
  • Scheduled a daily search attached to a lookup definition that filters out unwanted events from over 14 days, automatically sending events to null queue via transforms.conf reducing the volume of data processed, resulting in saving company resources significantly
  • Created a Troubleshooting Metric Set to centralize common troubleshooting topics with root causes attached, to gain better insights on common errors or warn messages based on my tags
  • Automated the process of scaling up search head clusters within environment via Unity for more CPU and RAM, to increase efficiency and performance of searches
  • Conduct bi-weekly user training on best practices on how to optimize search queries of indexed network logs, by leveraging field-value pairs and effective time ranges, filtering out irrelevant events early in the search

Splunk Data Engineer

Wells Fargo
02.2020 - 12.2022
  • Led the integration of network device logs across thousands of endpoints using Splunk’s forwarders, enabling proactive anomaly detection and reducing incident response times
  • Anonymized PII and Title 26 data by implementing sed scripts on heavy forwarders to mask credit card data, social security information, home addresses, etc., before indexing in Splunk
  • Led a team of engineers through the process of upgrading Splunk in environment, managed obtaining new software, installing the latest version, deploying configurations, and verifying the upgrade within environment
  • Lead engineer responsible for setting up dedicated syslog servers as well as configuring syslog-ng to manage incoming logs from security and network devices for indexing
  • Truncate incoming logs via props.conf to free up space and allow for faster searches of indexed data
  • Regularly troubleshoot Splunk ERROR or WARN messages by utilizing Splunk btool, splunkd.log, and internal log files
  • Created several tags for different hosts within my datasets, for the purpose of labeling my hosts by the state from which the data originates
  • Deployed Splunk’s Machine Learning Toolkit for automatic detection of fraudulent transaction patterns, expediting compliance and lowering human review work
  • Leveraged various Splunkbase apps such as Cisco Cloudlock, Fortinet, and Amazon Kinesis on Splunk Cloud Platform for rapid issue detection and diagnosis, minimizing downtime and enhancing system reliability
  • Regularly used fieldformat command when dealing with newly ingested data sources to identify key fields and values for analysis and future reports, allowing for a centralized view of fields for constant monitoring of any changes in the field values that may need to be reported
  • Responsible for setting configurations for indexer discovery, ensuring indexers are configured to accept data from universal forwarders
  • Integrated Active Directory logs to monitor user and client authentication activities and identify any account compromises
  • Successfully scaled up Splunk indexer cluster and Search head cluster to maintain operational resources

Splunk Data Engineer

Marriott Hotel
01.2019 - 01.2020
  • Developed custom Splunk parsers via props.conf and transforms.conf to structure financial transaction data, enabling real-time reporting for market trend analysis and compliance monitoring
  • Set configurations on deployment server for onboarding, grouped Universal forwarders into server classes, and pushed out configurations to corresponding forwarder server classes
  • Standardized events from network devices using the CIM app, in order to make the data CIM compliant to facilitate data model acceleration for security team for more proactive responses against cyber threats
  • Utilized Splunk monitoring console and implemented eventstats command to sum overall value of index usage in environment by time, to gain a better understanding of Splunk indexers using the most resources
  • Troubleshoot for clients who are unable to search indexed data, due to license violations or missing index permissions
  • Configure license pools to allocate more license capacity to the environment
  • Create event types to categorize large sets of data for clients and group them in an easy to navigate fashion
  • Create lookups to attach to specific field-value pairs for clients to gain more insight and information on specific fields found within their events

System Administrator

Farmers Insurance Agency
01.2018 - 11.2018
  • Routinely utilized Linux commands to manage file permissions, edit configuration files, and organize system directories resulting in favorable system performance and security
  • Managed on-call ServiceNow incident requests ensuring timely resolution and escalating issues as necessary to maintain optimal service levels
  • Diagnosed and resolved technical service requests, delivering efficient solutions to users
  • Managed and maintained trouble-ticketing systems, ensuring accurate and timely updates for incident resolution
  • Communicated effectively with end-users through phone, email, and in-person interactions to address technical concerns
  • Performed imaging and OS patching of Windows 10 laptops using Microsoft Deployment Toolkit (MDT)
  • Identified and resolved system software and hardware configuration issues based on user reports and proactive inspections
  • Resolved VPN client firewall connectivity issues and ensured secure remote access
  • Provided training and guidance to users on network issues and enterprise applications




Skills

  • Splunk Certified Core User
  • Splunk Certified Power User
  • Splunk Enterprise Certified Admin
