Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.
- Analyze and lead data onboarding requirement discussions with consumers of Splunk Enterprise to determine scope and feasibility.
- Integrate data streams and feeds from network, infrastructure services, and mission-critical/business applications into Splunk using the Splunk Universal Forwarder, Syslog, Splunk Heavy Forwarders and Splunk HEC Clusters.
- Perform troubleshooting of existing feeds that are no longer collecting data (quiet source monitoring).
- Interact with the internal Splunk user base for the development, management and tuning of Splunk dashboards, knowledge objects, ad-hoc/scheduled searches and alerts.
- Interpret and apply new technical and system capabilities as needed to provide updates, enhancements, and modifications to an existing Splunk environment.