We are looking for an experienced Splunk / Cribl Developer to interface with the application teams to assist in the migration of Splunk to Splunk Cloud. Design and develop production quality data feeds to provide real time business process transactions monitoring and anomaly detection in Splunk. Optimize existing searches and dashboards to improve performance. Provide necessary training/demo to the application teams to operationalize the dashboards and data onboarding.

Key Job Functions:

• Creating Cribl pipelines, packs and routing modules
• Configure Data Feeds through Cribl to Splunk with route and filter functions for enrichment.
• Lead in Cribl and Splunk data feed troubleshooting efforts.
• Work with business and application teams to perform requirements gathering sessions to develop the scope and design of new and existing dashboards, alerts, reports, and data sources
• Understand the business process flow and design & develop an "End-2-End" business transaction visibility, including large scale processing, integration, and analysis of system logs and databases in Splunk
• Discover and mine data to develop meaningful insights into Failed, Unexpected, Incomplete or Delayed business transactions
• Explore and build new capabilities like Splunk mobile and develop mobile-friendly dashboards
• Design and build automation solutions to templates dashboards for large scale implementation for different business applications

Desired Experience and Skills:

• Splunk certifications: Splunk Certified Developer,
• Cribl training and/or Cribl Certification
• Expert level knowledge and understanding of Splunk "Search" language and building complex queries
• Implement KV stores, lookups, and data model acceleration to optimize search performance and reporting
• Experience with creating Splunk knowledge objects (field extractions, macros, event types, etc.)
• Splunk Searching and Reporting modules, Knowledge Objects, Administration, Dashboards, Clustering and Forwarder Management,
• Knowledge of scripts via the simple XML, advanced XML source, Regex, SPL and Python.
• Expert-level capabilities with regular expression, anomaly detection, and enrichment
• Strong problem solving, logic, and analytical skills
• Strong Communication skills (1x1 & presentation) ,
• Solid Documentation skills and great Attitude (team player & customer attitude) that can work in a “Agile” fashion and with a lot of “Ambiguity”
• Splunk (SPL) experience in creating dashboard views, reports and alerts for events,
• Solid experience, knowledge on Clouds Services like AWS and Azure,
• Experience migration from on-prem to cloud services (a plus)
• Experience configuring indexes, index routing, retention policies, and data onboarding through various methods (UF, HF, Syslog, Splunk TA, HEC, FTP(S), CSV, DB Connect, etc.)
• Basics troubleshooting Splunk Indexers, SH, UF ….for a multiple clusters and large environment.
  
• Cribl, working on creating Cribl Pipelines, Packs and Routing modules,
• Data feeds thru Cribl to Splunk applying routing and filter mechanism to enrich data
• Cribl Worker, Leader troubleshooting Experience with Regex, custom scripting along with Splunk SPL / python..
• Splunk Searching and Reporting modules, Knowledge Objects, Administration, Dashboards, Clustering and Forwarder Management,
  • Work Location:
    

• Remote
• EST