Experience in design, implementation, administration, and support on Hybrid Splunk environments (Splunk Cloud, Heavy forwarders, UFs, Deployment server).
Experience in onboarding data and troubleshooting
Good understanding of Role based access controls (RBAC) in Splunk.
Ensure availability of data sources with UFs, Heavy Forwarders and movement of data into Splunk Cloud
Good knowledge of Syslog, and Network protocols.
Troubleshooting Splunk performance issues, log feeds, field extractions, search time, etc.,
Ability to co-ordinate / escalate with vendor to resolve any potential issues.
Monitor the Splunk infrastructure for capacity planning and optimization
Excellent written and verbal communication skills
Experience in project management and customer service.
Ability to write clear standard operating procedure (SOP) and technical build documentation for maintaining the Splunk infrastructure.