Splunk Administrator

Noblesoft TechnologiesUnited States

job_description.job_card.1_day_ago

serp_jobs.job_preview.job_type

job_description.job_card.job_description

Job Title : Splunk Administrator

Location : Remote

JD Splunk

1. Splunk Infrastructure Management :

Monitor and optimize the performance of Splunk clusters to ensure efficient data processing and search capabilities.
Troubleshoot and resolve issues related to Splunk infrastructure, ensuring high availability and reliability.
Experience in Splunk Cloud Infrastructure.

2. Data Ingestion and Parsing :

Design and implement data ingestion strategies for various log sources into Splunk.

Develop and maintain parsing configurations to normalize and enrich incoming data for effective analysis.

Collaborate with application owners and IT teams to onboard new data sources into Splunk.

3. Search and Reporting :

Create and optimize search queries and reports to extract valuable insights from the indexed data.

Customize and implement Splunk dashboards for different stakeholders to visualize key performance indicators and security metrics.

4. Security and Compliance :

Implement security best practices within Splunk to safeguard sensitive data.

Collaborate with the security team to configure and monitor alerts for suspicious activities or security incidents.

Ensure compliance with industry regulations and internal policies related to log management and data retention.

5. Automation and Scripting :

Develop automation scripts using SPL (Search Processing Language) and other scripting languages to streamline administrative tasks.

Continuously seek opportunities to improve efficiency through automation in Splunk processes.

6. Documentation and Training :

Maintain thorough documentation of Splunk configurations, processes, and troubleshooting procedures.

Provide training and support to other IT team members on Splunk best practices and usage

Splunk Administrator • United States