Job Details
- Developing Splunk content for creating searches, dashboards, and working within Splunk Enterprise Security.
- Using regex to write custom signatures for use in the front end and the back end of Splunk.
- Parsing: taking a blob of text and extracting the useful parts, such as metadata. This is done by pattern matching; most stacks use regex, or delimiters such as commas. The goal is to find data and pick out the parts that belong in the right places in Splunk, deciding what goes into Splunk and what doesn't.
- This team supports and uses Splunk for cyber security and operational monitoring, and to present ideas, for example for marketing or problem resolution. It is a great, humongous data tool that is really easy to use; for example, if you want to see a problem, you can see it very easily.
1. Experience doing Splunk content development: creating searches and dashboards, and working within Splunk. Specifically, familiarity with the configuration file options that are not available through the GUI. Experience working with Splunk ES (Enterprise Security) specifically. Understanding of the Splunk Search language, Splunk Dashboards, Reports, Lookup Tables, and Summary Indexes. Knowledge of how to customize Dashboards via the XML source. Awareness of the Common Information Model and how to apply it directly and indirectly to data feeds. Expert-level capabilities with regular expressions. Experience with Splunk Apps (both using and making).
2. Experience with correlation searches: how to set up correlation searches and saved searches within Splunk ES, and doing correlations in it.
Experience working with signatures in the IDS and IPS space: signature analysis and signature writing, analyzing signatures to see whether they are set correctly.
3. Awareness of how to handle null data and its impact on statistical analysis.
4. Using regex to write custom signatures for use in the front end and the back end of Splunk.