Splunk SPL Multi-Cluster Expert
Less than 5 years experience • Financial Services
Work as part of the team to manage and maintain a large Splunk environment. Primary responsibilities are data integration, transformation and Splunk apps management in a dynamic environment. The ideal candidate has 2+ years of Splunk experience, particularly onboarding data to Splunk, along with strong communication skills, troubleshooting skills and an operational mindset.
- Perform configuration management, license management, data integration, data transformation, field extraction, event parsing, data preview, and apps management of the Splunk platform
- Standardize Splunk forwarder deployment, configuration, and maintenance on Linux and Windows platforms.
- Assist in migration of users, applications, and data feeds from legacy Splunk instances
- Collaborate with internal teams to integrate data feeds to a centralized Splunk platform.
- Build, customize, and deploy Splunk apps
- Develop and maintain production quality dashboards, custom views, saved searches and alerts
- Create and maintain architectural diagrams, runbooks, and other relevant documentation for the Splunk platform
- Assist internal users of Splunk in designing and maintaining production quality dashboards
- Act as first-level support for internal Splunk users
- Bachelor's degree or equivalent work experience
- 2+ years of administration in Splunk in a large multi-cluster
- 2+ years of experience with Splunk SPL and Splunk configuration files
- Extensive experience onboarding data into Splunk
- Ability to work with users to implement best practice logging standards
- Experience with Python or Bash
- Experience with regex for both index and search time extractions
- Experience working with cloud computing (ex: AWS) preferred
- Strong verbal and written communication skills
- Strong analytical and troubleshooting skills