SARAYU KONATHAM

Austin, TX

Summary

  • Over 6 years of diverse experience in Configuring, Monitoring, Implementing Splunk across Linux and Windows operating systems
  • Developed and scheduled new Splunk capacity dashboards, data models & performance reports to assist Sr. Management in making business critical capacity decisions
  • Experience with Splunk technical implementation, planning, customization, integration with big data and statistical and analytical modeling
  • Experience in Splunk data flow, components, features and product capability
  • Experience using Cribl to reduce Splunk license, storage costs and enrich data on the fly
  • Manage and upgrade Search Head Cluster, Indexer Cluster, Heavy forwarders, Deployment Server, License Master, Deployer and Master Node etc
  • In-depth and extensive knowledge in setting up Alerts and Monitoring recipes from machine-generated data
  • Good understanding of Network concepts such as Firewalls, Load-balancers, Proxy, DNS, DHCP etc
  • Experience in writing complex REGEX (Regular Expressions)
  • Experience in onboarding data from cloud infrastructure including AWS, Azure, Google Cloud
  • Experience in SPL with ability to create well-structured search queries that minimize performance impact
  • Use Cribl for event sampling, route data to multiple destinations including ELK, S3 and Splunk
  • Experience with DevOps practices using CI/CD with Bitbucket
  • Expertise at assessing client needs, working in a group, suggesting ideas that enhance efficiency and maximize performance, implementing cutting-edge technology solutions and training end users
  • Good communication skills and ability to work remotely or onsite under minimal supervision with deadlines and priority changes

Overview

8 years of professional experience
1 Certification

Work History

SR. Splunk Engineer

GSK Solutions Inc
09.2022 - Current
  • Design and implement Splunk Indexer and Search Head Cluster with 15TB of daily indexing
  • Gathered requirements, planned capacity, retention policy and provided estimates for clients
  • Configured Search Head Cluster, Indexer Cluster, Heavy forwarders, Deployment Server, License Master, Deployer and Master Node
  • Managed Splunk team and assigned work to offshore team
  • Interacted with Multiple clients during requirement gatherings and provided road map designs for Splunk solutions
  • Installed and configured Universal Forwarders and Heavy Forwarders to bring any kind of data fields into Splunk
  • Installed Splunk apps like Splunk Add-on for Microsoft Windows, Splunk app for REST API, Splunk app for Unix, Splunk app for JMX, Splunk app for DBConnect, Splunk app for Microsoft cloud services, Splunk Add-on for Amazon Web Services etc
  • Manage syslog-ng servers which receive syslog data from security and network devices
  • Created custom Dashboards, Alerts and Reports to meet requirements of various user groups
  • Development and customization of Splunk using XML templates and advanced configuration
  • Build custom Splunk App dashboards with search forms and views, packaging and distribution
  • Developed Schedule reports and Alerts for various requests
  • Created Ansible scripts to automate installation of Universal Forwarders on Windows and Unix
  • Experience with summary indexing and data models
  • Use Cribl packs to quickly set up routes and pipelines for event data
  • Filtered and routed unwanted data to null queues using props and transforms
  • Troubleshoot and resolve issues related to queues, HEC and role mapping
  • Integrated Splunk with wide variety of legacy data sources that use various protocols
  • Consulting with customers to customize and configure Splunk in order to meet their requirements
  • Standardize Splunk forwarder deployment, configuration and maintenance on Linux and Windows platforms
  • Install and configure Splunk DB Connect to onboard data from databases
  • Evaluate, test and implement major and minor revision releases from Splunk
  • Constantly monitor and report to proactively detect and resolve issues before occurring
  • Ingest data from AWS S3, Kinesis and Azure Event Hubs like CloudWatch, CloudTrail, Billing, audit logs, OpenShift etc.
  • Provide regular support guidance to Splunk project teams on complex solution and issue resolution
  • Created dashboards, report, scheduled searches and alerts
  • Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model
  • Integrated ServiceNow with Splunk to send Incidents from Splunk
  • Designing and maintaining production-quality Splunk dashboards
  • Experience with creating custom Splunk applications for data ingestion from different applications
  • Involve in proof-of-concept dashboards for IT operations, and service owners which are used to monitor application and server health
  • Environments: SPLUNK 8.x, Cribl, Splunk DB Connect, Ansible, Confluence, Cisco, MS 365, Bit Bucket, RedHat Linux, AWS

Splunk Engineer

IB Hubs
01.2019 - 07.2021
  • Support Splunk environment with daily ingest volume of 10TB
  • Integrated Splunk with Active directory and LDAP for authentication
  • Integrate Splunk with ServiceNow, maintaining Splunk instance and monitoring health of cluster
  • Use Splunk deployment server for managing Splunk forwarders and troubleshooting issues
  • Installed Splunk on *nix and Splunk Add-on for Microsoft Windows for security use cases
  • Created a set of user roles in LDAP and single sign-on implementation
  • Involved in setting up alerts for different type of errors, analyzed security based events, risks and reporting instances
  • Using SPL created visualizations to get value out of data
  • Created dashboards for various types of business users in organization
  • Provided technical services to projects, user requests and data queries
  • Involved in assisting offshore team members to understand use cases from business
  • Assisted internal users of Splunk in designing and maintaining production dashboards
  • Involved in writing complex regex and multikv command to extract fields from log data
  • Involved in helping Unix admins, Windows admins and Splunk administrators to deploy Splunk across UNIX and Windows servers
  • Work with administrators to ensure Splunk is actively running and monitoring in Production environment
  • Involved in downloading and installing TAs and Apps from Splunkbase
  • Knowledge in various search commands like stats, chart, timechart, transaction
  • Experience in working with Splunk, LDAP and SAML authentication
  • Experience in extracting fields search time vs Index time
  • Good understanding of configuration files, file precedence to props.conf, transforms.conf, inputs.conf, outputs.conf etc
  • Maintain Splunk environment and manage index settings
  • Designed core scripts to automate Splunk maintenance and alerting tasks
  • Created many proof-of-concept dashboards for IT operations, and Infrastructure teams
  • Monitor application and server health using data ingested into Splunk
  • Expertise in reporting, development, deployment, management and performance tuning
  • Create apps, roles and manage permissions to knowledge objects
  • Integrate ServiceNow with Splunk to generate Incidents from Splunk
  • Good understanding of parsing, indexing, searching concepts along with hot, warm, cold, frozen and thawed buckets
  • Onboard new log sources with log analysis and parsing to enable SIEM correlation
  • Subject matter expert in best practices, security protocols, PKI, and other security-related issues
  • Analyzed large datasets to identify metrics, performance gaps and opportunities for improvement
  • Environments: Splunk 7.x, REST API, Linux OS, ServiceNow, XML, SIEM

Splunk Admin/Developer

Sonata Software
02.2017 - 12.2018
  • Worked on continuous optimization of resources by setting up monitoring console
  • Enhance Splunk search query and optimize for better performance
  • Experience in UNIX shell and REST APIs
  • Experience in designing core scripts to automate Splunk maintenance and alerting tasks
  • Experience with Splunk regular expressions and lookups for data enrichment
  • Working experience with Dynatrace application performance management tool
  • Batch management and optimization using performance metrics with Splunk
  • Create knowledge objects such as data models, lookups, macros, event type, saved searches, tags
  • Create Splunk applications and deploy using Splunk Deployment Server
  • Participate in Splunk weekly Maintenance and Patching
  • Compare logs in networking devices and take them into Splunk for finding issues quickly
  • Participated in Tools tribe meetings and gathered requirements from all SME's and developed dashboards
  • Developed customized Shell scripts in order to install, manage and configure multiple instances of Splunk
  • Analyzed user/business requirements and created user accesses by using admin privileges
  • Provided 24/7 on-call support (rotational basis) on behalf of Tools team to acknowledge and solve production issues
  • Environments: Splunk 6.x, Bladelogic, Github, DB Connect, DMC, Indexer Cluster

Network Engineer

Infosys
06.2016 - 01.2017
  • Worked on network design and planning in a telecom-related project
  • NBN is responsible for connecting premises broadband access network
  • Connect locations which are nearer to one access network and checking whether connecting locations can reduce extra cost for cable lengths, extra equipment
  • Analyze opportunity for Daisy Chaining
  • Designing network in a way that equipment must be placed in middle locations
  • After designing, run design tool and check for errors and design network by running QI validator and Delta Tool
  • Use Splunk for network troubleshooting
  • After testing, merge all locations which are in that network and start implementing network in that area
  • Environment: Cisco 3560/2950/2924/6509/6513/5500 switches, Cisco 3825/3640/7200 routers, VPN, BGP, OSPF, RIP, EIGRP, F5 BIG-IP, LTM, GTM, Nexus Switches 5K/7K, VLAN, VTP, Checkpoint

ABAP Developer

Infosys
08.2015 - 06.2016
  • Worked as Order to Cash Developer in large SAP Business Transformation project for major US Based client implementing complex OTC Business processes in SAP
  • Headed in business process design, analyze requirements and arrive at functional solution for to be business process
  • Designed, configured, developed and implemented SAP functional modules
  • Design functional specifications for reports, interfaces, enhancements, workflow and forms
  • Modified, tested and implemented SAP application software
  • Utilizes SAP knowledge and expertise to identify issues and implementation
  • Opportunities performing unit, system, integration and regression testing through the project life cycle
  • Analyzing critical issues and defects and provide SAP solutions accordingly, , ECC 6.0, SD, MM, FI modules, Oracle 1

Education

Master of Science - Computer Science

Northern Arizona University
Flagstaff, AZ
12.2022

Bachelor of Technology - Electronics & Communications Engineering

Sri Nidhi Institute of Science And Technology
04.2015

Skills

  • Operating Systems: Windows, Linux, AIX
  • Splunk Modules: Splunk 7x, 8x, 9x, Enterprise Security 7x, ITSI 5x
  • Programming Language: Python, Shell
  • RDBMS: Oracle, MS-SQL Server, DB2
  • Web Technologies: HTML4/5, CSS3, JavaScript
  • Monitoring Tools: Splunk, Dynatrace
  • CI/CD: Ansible, JIRA, GitLab

Certification

Splunk Enterprise Certified Admin and Splunk Enterprise Certified Power User
