Rahul Gawande

• On boarding of new security audit log sources to Splunk Enterprise and performing data parsing, filtering the data, and making data readable format and maintain the data quality for the customers.
• Building and design Splunk infrastructure platform with new heavy forwarders, indexers, search heads as per the per day ingestion of the data in Splunk.
• Integrate with security log sources and application like Microsoft office, windows, Unix, VMware, crowdstrike, network firewall logs, MFA, mainframe etc.
• Perform upgrade of Splunk Enterprise to keep environment up to date and upgrade the data integration add-ons and apps update in Splunk Enterprise as per the audit findings.
• Develop custom add-on using scripting and out of box available tools.
• Developing ansible automation to performing upgrade, deploying apps, providing access to new users and working continuous enhancement to the automation.
• Work with third party vendors on support case and upcoming new features within.
• Create monitoring dashboard for customers which will show the overall health and performance of the systems.
• Performing regular audit of license usage and keeping client up to date and provide ideas to keep them within limit.
• Participating in planning event for the upcoming work, define priority and plan the stories in Sprint.
• Experience in AWS, building Infrastructure in AWS for Splunk also working on terraform automation to build ec2 instance in AWS.
• Meet with customer understanding the requirement for data onboarding and configuration alerts using Splunk query which will identify the threats.
• Conducting the regular quality check on Splunk alerts and apps, add-ons to avoid security risk.
• Experience is Git, Gitlab and version control.
• Delivered outstanding service to clients to maintain and extend relationship for future business opportunities.

• On boarding of new security audit log sources to Splunk Enterprise and performing data parsing, filtering the data, and making data readable format and maintain the data quality for the customers
• Building and design Splunk infrastructure platform with new heavy forwarders, indexers, search heads as per the per day ingestion of the data in Splunk
• Integrate with security log sources and application like Microsoft office, windows, Unix, VMware, crowdstrike, network firewall logs, MFA, mainframe etc
• Perform upgrade of Splunk Enterprise to keep environment up to date and upgrade the data integration add-ons and apps update in Splunk Enterprise as per the audit findings
• Develop custom add-on using scripting and out of box available tools
• Developing ansible automation to performing upgrade, deploying apps, providing access to new users and working continuous enhancement to the automation
• Work with third party vendors on support case and upcoming new features within
• Create monitoring dashboard for customers which will show the overall health and performance of the systems
• Performing regular audit of license usage and keeping client up to date and provide ideas to keep them within limit
• Participating in planning event for the upcoming work, define priority and plan the stories in Sprint
• Experience in AWS, building Infrastructure in AWS for Splunk also working on terraform automation to build ec2 instance in AWS
• Meet with customer understanding the requirement for data onboarding and configuration alerts using Splunk query which will identify the threats
• Conducting the regular quality check on Splunk alerts and apps, add-ons to avoid security risk
• Experience is Git, Gitlab and version control
• Roles and Responsibilities (CA monitoring tools (CA SOI, UIM))
• Installation and implementation of CA UIM, CA SOI across three different environments
• Creating packages and deployment using Infrastructure manager Console
• Onboarding on robot
• Configuration of various probes (cdm, ntservices, url_responce, processes, etc.)
• Installation and implementation of HP OMW, HP NNMi, HP Performace Manager across three different environments
• Implementation of HP NNMi and integrating it with HP OMW for events management
• Configure high availability for HP NNMi and HP OMW servers
• Migrate all the OVO agents 11.10 to OVO 11.11 agents
• Integration of HP Reporter with HP OMW, HP PM
• Integrating the third party tools with OMW and NNM (HP BAC, WILY, NASTEL, and SLPUNK)
• Assume an active role in project management as the key technical representative for assigned tools, services and technologies
• Consult and collaborate with customers, members of the Monitoring Tools Team, other cross-functional IT groups and stakeholders to identify requirements and implement enterprise level monitoring, process and service solutions
• Provide Level 3 incident and problem management support with responsibility for resolution and root cause analysis of the most complex hardware and software issues within Operating Level Agreements
• Provide on-call support for the Monitoring Team’s portfolio of monitoring tools and services outside of normal working hours based on a rotational, on-call schedule and as needed to provide support coverage for vacations, illness and other circumstances
• Engage vendors and leverage vendor support facilities to report and track product deficiencies and monitor these for recommended hardware and software updates
• Implement maintenance as necessary and per schedule to keep assigned tools within scope of vendor recommended maintenance levels and support
• Provide effective technical documentation to clearly communicate procedures and developments to the Monitoring Team and to other IT personnel
• All the security devices like cameras, speakers are managed by a centralized server, so to monitor those servers with NNMi using the custom pollers and MIBS

Administrator console: Remote installation of MOM agent on the server And Manual installation on the server

Operator console: putting/ removing server is maintenance mode.

Reporting console: Get the report for percentage utilization for different servers.

Customizations of the existing rules and threshold in MOM

Creating new rules/monitors/tasks using Ops console as per the requirement.

Fine tune the Management packs by changing the thresholds as per the inputs received.

Create and maintain Subscription and groups for email notification of alerts.

Configure the Maintenance mode window to suppress the false alerts for planned outages.

Plan and implement monitoring solutions as per the business/project needs.

Review availability reports and provide inputs to the problem management process.

Troubleshoot issues related to alert generation\notification and ticket creation.

Conducting trainings for the team.