Srinivasa Reddy Venna

Sr. Splunk SME Architect
Fort Wayne

Summary

Dynamic and results-driven Splunk Architect with 12+ years of IT expertise specializing in Splunk implementation, configuration, and support across enterprise environments. Adept at designing scalable architectures, migrating systems to cloud platforms, and leveraging Splunk Enterprise Security (ES) for robust threat detection and operational intelligence. Known for delivering innovative solutions, optimizing system performance, and collaborating across teams to achieve organizational goals.

Overview

14 years of professional experience
2 years of post-secondary education
3 certifications

Work History

Sr. Splunk SME Architect

Medpro
Fort Wayne
06.2023 - Current
  • Installed and configured Splunk Enterprise versions 7.x to 9.x on Red Hat Linux and Windows servers.
  • Designed dashboards and reports showcasing application resource usage, login statistics, and failed login trends.
  • Configured Splunk Forwarders for new and existing application tiers, ensuring seamless data ingestion.
  • Developed Kafka clusters for high-volume data processing, enhancing fault tolerance and scalability.
  • Integrated Splunk ES with network security tools, optimizing correlation searches and threat intelligence.
  • Delivered comprehensive security assessments, identifying vulnerabilities and reducing incidents by 25%.
  • Managed Docker containers and migrated applications to Kubernetes clusters.
  • Configured Search Head and Indexer Clustering for high availability and fault tolerance.
  • Spearheaded Splunk Enterprise Security implementation to enhance visibility into the security posture.
  • Implemented differentiated instruction techniques to accommodate various learning styles and abilities within the classroom.

Sr. Splunk SME Architect

Suntrust
Atlanta
04.2019 - 05.2023
  • Designed and implemented Splunk Cloud architecture integrated with Linux infrastructure.
  • Migrated Splunk environments from on-premises to AWS Cloud, ensuring data integrity.
  • Tuned Kafka brokers and implemented Kafka Connect for seamless integration with external systems.
  • Created advanced dashboards for hybrid cloud environments using Cribl LogStream.
  • Conducted security audits and implemented Elastic Stack for enhanced log management.
  • Automated deployments with Helm charts and Kubernetes Operators.
  • Collaborated with stakeholders to address business challenges through tailored Elastic solutions.
  • Optimized Splunk configurations and search queries to maximize performance and scalability.
  • Implemented differentiated instruction techniques to accommodate various learning styles and abilities within the classroom.
  • Continually pursued professional development opportunities to stay current with educational trends and research, ensuring high-quality instruction for all students.
  • Promoted critical thinking by designing challenging assignments that required students to analyze and synthesize information.
  • Established a positive learning environment by fostering strong relationships with students, parents, and colleagues.
  • Maintained accurate records of student performance, using data-driven analysis to inform instructional decisions.
  • Installed, configured, and monitored new system features based on user needs.

Splunk Engineer

Windstream
03.2017 - 04.2019
  • Experience in Splunk GUI development creating Splunk apps, searches, Data models, dashboards, and Reports using the Splunk query language
  • Integrated Kafka with Splunk for monitoring, logging, and analytics, leveraging Kafka's high-throughput capabilities
  • Designed and implemented end-to-end monitoring solutions for Azure cloud environments, including Azure Monitor, Log Analytics, Application Insights, and Azure Security Center
  • Provided expertise in integrating Azure services with Splunk, enabling comprehensive monitoring and correlation of logs across hybrid cloud environments
  • Designed and implemented complex data ingestion pipelines using Cribl LogStream to streamline the collection, transformation, and routing of machine data into Splunk
  • Developed custom processing rules and transformations in Cribl LogStream to enrich data, improve indexing efficiency, and reduce ingestion costs
  • Optimized Splunk configurations and search queries to maximize performance and scalability, ensuring rapid data analysis and actionable insights
  • Collaborated with stakeholders to understand business requirements and translate them into technical solutions leveraging Splunk and Cribl LogStream
  • Provided technical guidance and support to cross-functional teams on best practices for Splunk and Cribl LogStream usage, configuration, and troubleshooting
  • Collaborated with clients to understand their unique business challenges and delivered tailored Elastic solutions to address their specific needs
  • Provide regular support guidance to Splunk project teams on complex solutions and issue resolution
  • Responsible for documenting the current architectural configurations and detailed data flow and troubleshooting guides for application support
  • Constantly monitored Splunk health checks like CPU and Memory Usage on the DMC Console
  • Involved as a Splunk Admin in capturing, analyzing and monitoring front-end and middleware applications
  • Worked with Client engagements and data onboarding and writing alerts, and dashboards using the Search Processing Language (SPL)
  • Spearheaded the implementation of Elastic Stack for log management and analysis, resulting in a 30% improvement in system monitoring capabilities
  • Collaborated with cross-functional teams to understand data requirements and designed customized dashboards tailored to specific business needs
  • Configured LogRhythm alarms and rules to detect anomalous activities and potential security breaches
  • Conducted regular LogRhythm training sessions for junior analysts to enhance team proficiency
  • Generated shell scripts to install Splunk Forwarders on all servers and configure them with common configuration files such as bootstrap scripts, outputs.conf and inputs.conf files
  • Onboard new log sources with log analysis and parsing to enable SIEM correlation
  • Configured inputs.conf and outputs.conf to pull XML-based events into the Splunk Cloud indexer
  • Knowledge of various chart types, alert settings, app creation, and user and role access permissions
  • Creating and managing apps, creating user, role, and permissions to knowledge objects
  • Monitoring Domain Controller server to push Active Directory logs to Splunk
  • Splunk expert-level understanding with Splunk Enterprise in CIM, Data models, Event management and Tags
  • Articulated and conveyed advanced technical concepts in presentation face-to-face related to
  • Automated data processing tasks, optimizing resource utilization and enhancing overall system performance
  • Designing/developing processes that can be understood and followed by Splunk developers and administrators
  • Expert in producing high-quality technical documentation for a team of experts for project implementation
  • Parsing, indexing and searching concepts; hot, warm, cold and frozen bucketing; and Splunk clustering
  • Setup and configuration of search head cluster with three search head nodes and managing the search head cluster with deployer
  • Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms
  • Designed and implemented Kafka-based data pipelines for event-driven microservices architecture
  • Provide regular support guidance to SPLUNK project teams on complex solutions and issue resolution to ensure best fit and high quality
  • Interact with the data warehousing team regarding extracting the data and suggest the standard data format such that Splunk will identify most of the fields
  • Analyzed large datasets to identify metrics, drivers, performance gaps and opportunities for improvement
  • Designed and implemented a NoSQL-based database and associated RESTful web service that persists high-volume user profile data for vertical teams
  • Scripted SQL Queries following the Splunk
  • Created many of the proof-of-concept dashboards for IT operations, and service owners which are used to monitor application and server health
  • Created Dashboards, reports, scheduled searches and alerts
  • User and security account management using LDAP and Kerberos protocol configurations, and file management using RWX permissions or ACLs
  • Created a dashboard for monitoring multiple tools like Service Now, DLP, network traffic, user behaviour, infrastructure monitoring, and data logging
  • Created complex dashboards to monitor the whole infrastructure using data from various tools, displaying any red flags, the number of notables fired during each hour and the status of each correlation search
  • Monitored and maintained system configuration, log files and system errors, including password recovery and performance tuning; performed fault isolation and root-cause analysis of recurring issues
  • Responsible for data management using Red Hat utilities for archiving, compression backup and restoration
  • Create a dashboard from search, scheduled searches and Inline search vs scheduled search in a dashboard
  • Field Extraction, Using IFX, Rex Command and Regex in configuration files
  • Providing Information Security Operations Center (ISOC) support, analysing a variety of network and host-based security logs (Firewalls, NIDS, HIDS, Syslog, etc.)
  • Splunk administering in environments like Windows servers, Red Hat Linux Enterprise Server
  • Implemented and managed Splunk Enterprise to ingest, index, and correlate log data from diverse sources for comprehensive threat detection and response
  • Designed Splunk Enterprise 6.5 and 7.0,7.1 infrastructure to provide high availability by configuring clusters across two different data centres
  • Create documentation on build, deployment, and sustainment processes and procedures for application use in cloud capable datacenter
  • Installed, configured, maintained, tuned and supported Splunk Enterprise Server 7.x/6.x/5.x
  • Architected and implemented Splunk solutions in highly available, redundant, distributed computing environments
  • Performed Field Extracts and Transformations using the RegEx in Splunk
  • Designed the large-scale job scheduling mechanism for mortgage underwriting operation teams
  • Analysed the 22 reports to determine the conversion of the reports either using FID tables and views or using Free Form SQL
  • Conducted regular reviews of LogRhythm and Splunk configurations, fine-tuning settings and policies to optimize performance and ensure compliance with industry standards
  • Operate, develop for, and maintain the Splunk log management infrastructure, leverage knowledge on a number of security technologies, information security, and networking
  • Worked on installing Universal Forwarders and Heavy Forwarders to bring any kind of data fields into Splunk
  • Installed and configured Splunk Universal Forwarders on both UNIX (Linux, Solaris, and AIX) and Windows Servers
  • Hands-on experience in customizing Splunk dashboards, visualizations, and configurations using customized Splunk queries
  • Monitored the Splunk infrastructure for capacity planning, scalability, and optimization
  • Monitored license usage, indexing metrics, Index Performance, Forwarder performance, and death testing
  • Splunk Architecture/Engineering and Administration for SOX monitoring and control compliance
  • Design and implement Splunk Architecture (Indexer, Deployment server, Search heads, and Forwarder management), create/migrate existing Dashboards, Reports, and Alerts, on a daily/weekly schedule to provide the best productivity and service to the business units and other stakeholders
  • Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms
  • Conduct data onboarding requirement analysis with consumers of Splunk Enterprise to define project scope and feasibility
  • Integrate data feeds from network devices, infrastructure services, and business-critical applications into Splunk using Universal Forwarders, Heavy Forwarders, Syslog, and HEC Clusters
  • Troubleshoot and resolve issues related to data ingestion, including addressing quiet source monitoring and broken feeds
  • Develop, manage, and optimize Splunk dashboards, knowledge objects, ad-hoc searches, and scheduled alerts to meet operational and business needs
  • Apply Splunk’s latest system capabilities to provide updates, enhancements, and modifications to the existing environment, ensuring continuous improvement
  • Collaborate with internal users and teams to provide technical guidance and best practices for Splunk utilization
  • LogRhythm experience to design, implement, and manage comprehensive security monitoring solutions for clients across various industries
  • Responsible for troubleshooting various indexing issues by analyzing Splunk logs such as splunkd.log, and metrics.log ingested as internal index
  • Supported and executed solutions considering the full data lifecycle (search and investigate, add knowledge, monitor and alert, report and analyse)
  • Followed agile and scrum processes for the whole implementation process.

Splunk Admin

ANZ Bank
11.2014 - 12.2015
  • Installed, Configured, Maintained, Tuned and Supported Splunk Enterprise Server 6.0 and Splunk Universal Forwarder 6.0
  • Administered a complex cluster-based environment involving search heads in a cluster while the indexers were in standalone mode
  • Configured Splunk forwarder to send unnecessary log events to "Null Queue" using props and transforms configurations
  • Integrated diverse data streams into Splunk Enterprise, ensuring seamless connectivity and data availability
  • Monitored and maintained data feeds, proactively resolving ingestion issues and optimizing system performance
  • Designed and implemented high-performance dashboards and alerts, delivering real-time insights to stakeholders
  • Trained internal teams on leveraging Splunk’s features for effective data analysis and reporting
  • Executed upgrades and enhancements to the Splunk environment, improving system functionality and reliability
  • Created and configured management reports and dashboards in Splunk for application log monitoring
  • Actively monitored jobs through alert tools, analysed the logs, responded with the appropriate actions and escalated critical issues to higher-level teams
  • Responsible for developing Splunk queries and dashboards targeted at understanding application performance and capacity analysis
  • Extensive experience in setting up Splunk to monitor the customer volume and track customer activity
  • Have been involved as a Splunk Admin in capturing, analyzing and monitoring front-end and middleware applications
  • Created shell scripts to install Splunk Forwarders on all servers and configure them with common configuration files such as bootstrap scripts, outputs.conf and inputs.conf files
  • Extensively used Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards
  • Installed and implemented the Splunk App for Enterprise Security, documented best practices for the installation and performed knowledge transfer on the process
  • Used DB Connect for real-time data integration between Splunk Enterprise and databases
  • Masked customer-sensitive data at the forwarder level and managed distributed search across a set of indexers
  • Administered various shell and Python scripts for monitoring and automation
  • Extensive experience in setting up Splunk to monitor the customer volume and track customer activity
  • Administering the MS SQL Server by Creating User Logins with appropriate roles, dropping and locking the logins, monitoring the user accounts, creating of groups, and granting privileges to users and groups.

PL/SQL Developer

HSBC
02.2012 - 11.2014
  • Responsible for analysis, design, coding, debugging and testing of the processes/programs necessary to extract data from operational databases, transform and clean the data, and load it into the data warehouse
  • Experience in writing the SQL, and PLSQL stored procedures to meet the business requirements and the transformations
  • Developed PL/SQL triggers and master tables for the automatic creation of primary keys
  • Used Dynamic SQL to implement DDL statements in PL/SQL programs
  • Worked with the team to design, develop, test & implement the system
  • Creation of database objects like tables, and procedures using Oracle tools like PL/SQL, and TOAD
  • Written Stored Procedures using PL/SQL
  • Responsible for developing PL/SQL Functions, Procedures, Packages, Cursors and Triggers
  • Created programming code using advanced concepts of Records, Collections and Dynamic SQL
  • Extensively used error and exception handling techniques for validation purposes in code
  • Created Functions for duty calculations and validation of the inputs
  • Involved in the development of applications using PL/SQL tools such as cursors, exception handlers, loops, records and SQL queries
  • Generated specific reports using the crystal report system
  • Developed scripts for checking Oracle errors in alert logs and trace files every 15 minutes
  • Involved in coding with SQL, PL/SQL function, stored procedure, packages, triggers, and Materialized view for Oracle database
  • Successfully performed data replication using Materialized views
  • Implementing Best Practices for optimizing and tuning the database
  • Monitoring the database audit log.

SQL Developer

Accenture
Bangalore
09.2010 - 02.2012
  • Designed, Coded, Tested, and Implemented the Stored Procedures to support the System
  • Fixed bugs in the existing in-house developed Software which is used to upload the reports for the end users to view the reports
  • Created records, tables, and collections (nested tables and arrays) for improving Query performance by reducing context switching
  • Participated in code reviews in Oracle Views, and Pl/SQL Procedures to understand the testing needs of the change components
  • Involved in writing PL/SQL Packages, Functions, Stored Procedures, and Data Base Triggers
  • Created huge database packages with related functions and procedures
  • Added database triggers to some history tables of the database
  • Created and configured SQL mail to send mail as events occur.

Education

Bachelors - Computer Science

Osmania University
01.2008 - 01.2010

Masters - Computer Science

Pacific States University

Skills

  • Splunk 5.x
  • Splunk 6.x
  • Splunk 7.x
  • Splunk 7.1
  • Splunk 7.3
  • Splunk 8.x
  • Splunk 9.x
  • Splunk Enterprise
  • Splunk on Splunk
  • Splunk DB 2 Connect
  • Splunk Cloud
  • Hunk
  • Splunk IT Service Intelligence
  • Splunk Enterprise Security
  • XSOAR
  • Windows 2012
  • Windows XP
  • Windows 10
  • Windows Server
  • Unix/Linux
  • Red Hat
  • FreeBSD
  • Requirement Analysis
  • Business Analysis
  • Detail Design
  • Data Flow Diagrams
  • Data Definition Table
  • Business Rules
  • Data Modelling
  • Data Warehousing
  • System Integration
  • Oracle 11g
  • Oracle 10g
  • Oracle 9i
  • Oracle 8i
  • MS-SQL Server 2000
  • MS-SQL Server 2005
  • MS-SQL Server 2008
  • Sybase
  • DB2
  • MS Access
  • MySQL
  • SDLC
  • Object Oriented Analysis and Design
  • Unified Modeling Language (UML)
  • Elastic
  • Assembly and System Level Testing
  • Agile
  • Kubernetes
  • Cluster Setup and Management
  • Helm
  • Kubectl
  • Kustomize
  • Operator
  • Splunk Universal Forwarder
  • Splunk Heavy Forwarder
  • Syslog
  • HEC Integration
  • Advanced Search Processing Language (SPL)
  • Python
  • Bash Scripting
  • Linux Administration
  • Windows Server Administration
  • Network Protocols
  • TCP/IP
  • HTTP/S
  • System Monitoring
  • Performance Optimization
  • IT Service Management
  • ITIL Framework
  • Stakeholder management
  • Innovative thinking
  • Strategic thinking
  • Creative solutions
  • Problem-solving
  • Multitasking
  • Decision-making
  • Teamwork and collaboration
  • Time management
  • Adaptability and flexibility
  • Process improvement

Certification

Splunk Certified Admin
