AWS Splunk Administrator

W2 Only

for W2 Candidates

Description

• AWS Splunk Administrator
• Your future duties and responsibilities
• Work on advanced Splunk administration, and development efforts, with a goal towards enhancing/building out the Splunk infrastructure as it relates to application/machine logs, troubleshooting, reporting, custom queries, dashboards, and security roles administration.
• Support, maintain, and expand Splunk infrastructure in a highly resilient configuration
• Standardized Splunk agent deployment, configuration and maintenance across a variety of platforms
• Troubleshoot Splunk server and agent problems and issues
• Support Splunk developers and users in designing and maintaining production-quality dashboards
• Available for escalations and support operations for Splunk
• Monitor the agent and server infrastructure for capacity planning and optimization
• Support Splunk on Unix, Linux and Windows-based platforms
• Automate processes and procedures where applicable
• Research, design, evaluate, recommend and support major hardware and software enhancements
• Design, code and maintain custom scripts to increase system efficiency and lower the human intervention time on any tasks
• Required Qualifications To Be Successful In This Role
• 8-10 years of relevant experience
• Good Scripting experience in Python
• Core Splunk Knowledge
• Experience deploying apps within Splunk and administrating the Splunk platform.
• Experience with data normalization and data modeling within the Splunk environment.
• Experience in creating and managing Splunk DB connects Identities, Database connections, Database inputs, outputs, lookups, access controls, custom alerts, custom operations
• Strong Understanding of Splunk platform configuration, Web UI, and Common Information Model.
• Basic Understanding of regular expression.
• Experience in Splunk Search Processing Language (SPL) and ability to customize queries to do advanced searching.
• Experience in performing DevOps activities.
• Experience managing objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, and so on)
• Experience in data onboarding/heavy Forwarders/Universal Forwarded
• 2 years of Experience with Splunk Enterprise on AWS is required
• Performs Other Duties As Required Or Assigned
• Onboarding of data including but not limited to:
• Administration of Splunk environment Troubleshooting parsing issues
• Troubleshooting indexer errors
• Configuration of outputs.conf
• SSL Certificates for outputs.conf

Desired Skillset

• AWS Splunk Enterprise Security, Data Models
• Troubleshoot issues and platform stabilization
• Migration to cloud
• Education
• Bachelor's Degree in Computer Science, Information Systems or relevant field of study

Skills

• DevOps
• Python
• Splunk
• Unix
• Linux