Experience in design, implementation, administration, and support of hybrid Splunk environments (Splunk Cloud, Heavy Forwarders, UFs, Deployment Server).
Experience in onboarding data and troubleshooting
Good understanding of role-based access control (RBAC) in Splunk.
Ensure availability of data sources with UFs, Heavy Forwarders and movement of data into Splunk Cloud
Good knowledge of Syslog and network protocols.
Troubleshooting Splunk performance issues, log feeds, field extractions, search time, etc.
Ability to coordinate/escalate with the vendor to resolve any potential issues.
Monitor the Splunk infrastructure for capacity planning and optimization
Excellent written and verbal communication skills
Experience in project management and customer service.
Ability to write clear standard operating procedures (SOPs) and technical build documentation for maintaining the Splunk infrastructure.
Could have:
Scripting experience - PowerShell, Perl, Python, JavaScript, or Bash scripting
Experience with AWS Cloud platform (EC2 / S3).
Certification in Splunk Cloud Administration.
Nice to have:
Experience with Linux and Windows with a solid understanding of system administration.