We are seeking an experienced Splunk administrator to assist with log ingestion and normalization and with improving the efficiency of the current Splunk design.
- Experience with Splunk Enterprise hands-on Engineering & Administration deployment, troubleshooting, onboarding data, and maintenance in a clustered environment
- Proficiency in SPL
- Experience implementing CIM compliance and optimizing Splunk data models
- Experience with Splunk data ingestion methods, including forwarders, HTTP Event Collector (HEC), and scripted inputs
- In-depth knowledge of various log formats (e.g., syslog, JSON)
- 4+ years of experience with Linux OS, services, daemons, and VMs
- Ability to follow Change & Configuration Management, utilizing automation tools such as Git
- Solid understanding of IT infrastructure, including networking, operating systems, and security principles
- Solid understanding of security operations and common log source requirements for security appliances and endpoints