Job Description:
- 6+ years of experience in the management of the Splunk environment, with
more than 4 years in Splunk administration-related tasks
- 3+ years of experience in Splunk ES application management
- Strong in IT infrastructure fundamentals such as networking and operating
system concepts
- Good understanding of cyber security concepts and attack patterns
Responsibility:
- Understanding of Splunk:
  a. Splunk modules
  b. Architecture environment (indexer, forwarder and deployment server)
- Onboarding log sources by installing the agents and configuring the
forwarders
- Management of the deployment server to manage the agents
- Implementing and deploying the index and search head clusters
- Manage Splunk configuration files such as props.conf, indexes.conf, inputs.conf, outputs.conf, limits.conf, macros.conf etc.
- Manage users and permissions of the files
- Manage and monitor the license usage:
  a. Create and manage license pool(s)
  b. Monitor license violations etc.
- Deploy and manage Splunk applications and add-ons
- Perform the backup of data (hot, cold and warm backup)
- Restoration of data from the frozen data whenever required
- Perform Splunk troubleshooting for logs, applications and dashboards
- Creation and management of the dashboard reports
- Creation and management of knowledge objects such as macros,
event types, tags, lookups etc.
- Create and manage users, roles and permissions
Duration: 12 months
Location: Eindhoven, Netherlands