Ishan Soni

• Solution Design: Led the design efforts to align Splunk solutions with organizational objectives, collaborating closely with stakeholders to gather requirements and architecting solutions accordingly.
• Architecture Planning: Developed and maintained architecture roadmaps for Splunk deployments, including sizing infrastructure, planning for scalability, and ensuring high availability.
• Deployment and Configuration: Oversaw the installation, configuration, and optimization of Splunk components, ensuring adherence to best practices for security, performance, and functionality.
• Integration: Facilitated the integration of Splunk with other systems and tools within the organization's ecosystem, ensuring seamless data flow and interoperability.
• Performance Tuning and Optimization: Continuously monitored and optimized Splunk deployments to ensure efficient resource utilization and timely data processing.
• Security and Compliance: Implemented and enforced security best practices within Splunk deployments, ensuring compliance with relevant regulations and standards.
• Troubleshooting and Support: Provided guidance and support for troubleshooting Splunk deployments, diagnosing issues, and implementing solutions to maintain operational continuity.
• Documentation and Training: Developed comprehensive documentation of Splunk architectures and configurations, and provided training to users and administrators on Splunk usage and best practices.

• ○ Assisted multiple customers with WLM implementation, data
• onboarding, building search queries and creating dashboards,
• app/add-on installation, configuration and upgrades.
• ○ Provided Splunk best practices and guidance on various tasks and
• concepts, such as HA/DR, multi-site clusters, and migrations, to
• ensure an excellent customer experience.
• ○ As part of the on-call team I was working with various splunk
• issues on a daily basis.
• ○ The issues reported to me where like App installation/upgrade
• issues, Stack build/upgrade issues, DMC issues, Backup/restore
• requests (including EBS, SmartStore, DDAA, KVStore) Urgent
• stack infrastructure changes (Instance type changes, instance
• number changes, adaptive provisioning, EBS upsizing, DNS
• changes, Security Group changes, Urgent or timed stack config
• changes, and Certificate issues.
• ○ Worked on different P0, P1, P2 incidents and helped customers to
• get the best solution on the issue.
• ○ Also, Helped to fill the PIR for customers in which there are
• detailed steps of issues with remediation of the incident.
• ○ Experienced on working with cross-functional teams which are
• set globally in Australia, UK, and US.
• ○ Spearheaded escalations ensuring successful customer deliveries.
• ○ Troubleshot and fixed issues faced by the team during various
• customer maintenance windows.
• ○ Ushered a team of 30 people through their respective tasks to
• meet the SLAs.
• ○ Reviewed and improved the statement of work for all tasks
• performed on the Splunk cloud stacks like app/add-on
• installations/upgrades, Splunk upgrades/migrations, ad hoc
• configuration changes, index/sourcetype
• creations/modifications/deletions, data migration, rebuilding data
• buckets, upscaling/downgrading infrastructure, etc.
• ○ Corroborated improvement tickets for feature fixes and runbook
• modifications for any new or existing procedures implemented by
• the team.
• ○ Managed the customer maintenance window extensions and
• presented them to the stakeholders and managers during weekly
• sync-ups.
• ○ Reviewed PIRs and RCAs for MW extensions.
• ○ Assigned ad hoc maintenance window troubleshooting tasks to
• the team based on their respective roles.
• ○ Developed dashboards in JIRA using JQL for seamless monitoring
• of maintenance window executions and escalations.
• ○ Imported Splunk cloud customer stacks to a platform with
• splunk-cloud-operator, which follows the K8s Operators pattern
• maintaining the desired state of a stack.

○ Performed phased migration of Splunk cloud customers from the
legacy Stackmakr environment to Cloudworks
○ Analyze all aspects of the stack from health to installed
apps/add-on.
○ Migrate configuration and apps from legacy stack to Cloudworks
stack and cut ingestion over
○ Decommission legacy stack and ensure that there are no issues
post migration.
○ Worked with the Migration team and Migration Success Leads to
discuss issues faced in Stack migrations and possible approaches
to mitigate those issues.
○ Tools and technologies worked upon - Splunk, AWS, Terraform,
Ansible, Puppet, Jenkins, Gitlab.
○ Performed maintenance tasks for Splunk Cloud Customers like
installing and upgrading apps and add-ons, configuration changes,
Index definition, HEC token creation, hardware scale-up and
scale-down, IP whitelisting, applying custom certs, feature
additions like enabling DDAA and creating Kinesis firehose ELB,
etc.
○ Created and modified various Runbooks to be used by SREs to
perform maintenance tasks.
○ Managed and resolved escalations during the customer’s
maintenance windows.
○ Performed prerequisite checks for identifying potential issues
and break fixes needed prior to a maintenance window.
○ Performed multiple fleetwide Splunk upgrades for Splunk cloud
stacks ensuring that no prerequisite checks are failing and the
stack is stable post upgrade.