Shortcuts:

IMAGE: Return to Main IMAGE: Interviewer IMAGE: Show All Jobs IMAGE: Candidate login

Position Details: Splunk ITSI Admin

Location: chennai, TAMIL NADU
Openings: 5
Salary Range:

Description:

Job Description (JD)

highly skilled Splunk ITSI Admin with solid experience in Splunk Administration. The successful candidate will manage the configuration, deployment, and maintenance of Splunk IT Service Intelligence (ITSI), as well as other Splunk components in a complex environment. The role will involve building and maintaining dashboards, alerts, and KPI-driven visualizations to provide real-time insights and monitoring capabilities.

Key Responsibilities:

Splunk ITSI Management:

  • Administer and manage Splunk ITSI modules, including service and KPI creation, glass table design, and correlation searches.
  • Create and maintain ITSI Service Health Scores and Glass Tables to provide real-time visualization of critical services and their KPIs.
  • Fine-tune ITSI correlation searches to optimize event correlation and incident management.
  • Design and implement KPI-based thresholds and alerts for service health monitoring and event detection.

Splunk Dashboard & Visualization:

  • Design, develop, and maintain custom dashboards in Splunk and Splunk ITSI using SPL, panels, and visualization techniques.
  • Create dashboards for real-time monitoring, reporting, and performance tracking based on IT operational data.
  • Build multi-level drill-down dashboards for deeper insights into service performance and issues.
  • Collaborate with stakeholders to gather requirements and provide visual insights for operational and executive decision-making.
  • Ensure dashboards are optimized for performance and provide actionable insights.

 

Splunk Alerts & Monitoring:

  • Design, configure, and maintain alerts based on defined KPI thresholds, searches, and correlation rules in Splunk and Splunk ITSI.
  • Create and maintain ITSI Episode Review policies to manage events and incidents efficiently.
  • Automate alert management workflows for efficient incident response.
  • Configure email or webhook alerts for critical system health or service degradation notifications.
  • Ensure proper alert routing and escalations to relevant teams.

Splunk Administration:

  • Manage the day-to-day administration, maintenance, and configuration of Splunk environments (multisite indexer clusters, search head clusters, deployment servers, etc.).
  • Deploy and manage Splunk forwarders, indexers, and search heads to ensure data ingestion and search availability.
  • Perform troubleshooting of Splunk infrastructure, including indexing and search performance issues.
  • Manage data onboarding, sourcetypes, field extractions, lookups, and data model creation.

Operational Support:

  • Act as a subject matter expert (SME) for Splunk ITSI and Splunk Dashboards within the organization.
  • Troubleshoot and resolve performance, configuration, and indexing issues in Splunk and ITSI.
  • Ensure compliance with security standards, policies, and audit requirements.
  • Collaborate with IT and security teams to integrate various data sources into Splunk.
  • Assist L1/L2 teams in monitoring alerts and escalating incidents as needed.

Performance & Capacity Planning:

  • Conduct capacity planning, performance tuning, and scaling of Splunk clusters.
  • Provide recommendations for hardware and storage optimizations based on data growth trends.

Automation & Optimization:

  • Automate Splunk configurations using deployment server, REST APIs, or orchestration tools.
  • Continuously optimize Splunk Dashboards for performance and efficiency.

Incident Management & Reporting:

  • Work with Service Operations Teams to create proactive monitoring alerts.
  • Generate and maintain reports for system performance, availability, and capacity.
  • Assist in the development and delivery of regular reports, alerts, and dashboards for business stakeholders using Splunk and ITSI.

Required Qualifications:

  • 5+ years of experience working with Splunk as an admin, including multi-site indexer clusters.
  • 2+ years of experience managing and deploying Splunk ITSI with in-depth knowledge of service monitoring, glass tables, KPI creation, and episode management.
  • Expertise in creating and managing Splunk Dashboards and Alerts using SPL and ITSI.
  • Strong skills in SPL (Search Processing Language) for building queries, reports, and dashboards.
  • Proficiency in creating alerts, managing correlation searches, and configuring escalation workflows.
  • Experience with scripting languages like Python or Shell for automation purposes.
  • Strong understanding of networking concepts, Linux administration, and security monitoring.
  • Experience with data onboarding, parsing, indexing, and knowledge object creation in Splunk.
  • Splunk certifications (Splunk Admin, Splunk ITSI Implementation) are a strong plus.

Soft Skills:

  • Strong analytical and problem-solving abilities.
  • Ability to work independently and in a team.
  • Excellent communication and documentation skills.
  • Ability to work in a fast-paced environment and prioritize tasks.

Preferred Certifications:

  • Splunk Enterprise - Core Certified Power User
  • Splunk Enterprise - Core Certified Admin
  • Splunk ITSI Certified Admin

 

Perform an action:

IMAGE: Apply to Position




Powered by: CATS - Applicant Tracking System