Akshay Kumar Pogaku
Toronto,Canada
Summary
Dynamic Splunk Admin & Developer with a proven track record at Priceline, optimizing Splunk Cloud performance and reducing ingestion costs by 30%. Expert in data analysis and collaboration, leveraging skills in Python and SQL to drive impactful solutions. Adept at managing complex projects while ensuring operational stability and compliance.
Overview
10
10
years of professional experience
Work History
Splunk Admin & Developer
Priceline
Toronto, Canada
12.2024 - Current
- Administered and supported the Splunk Cloud platform, ensuring high availability, performance, and operational stability.
- Monitored Splunk Cloud health, collaborated closely with Splunk Cloud support teams to perform platform upgrades, validations, and post-upgrade troubleshooting.
- Analyzed data ingestion volumes and partnered with multiple application teams to optimize logging patterns, successfully reducing overall ingestion volume and associated costs.
- Optimized Splunk app bundle size by identifying inefficiencies and providing remediation solutions to meet Splunk Cloud best practices.
- Served as on-call support for PagerDuty alerts, diagnosing and resolving critical production issues within defined SLAs.
- Supported and managed Splunk Mobile application functionality and user access.
- Created and managed API tokens and HEC tokens for multiple teams, ensuring secure and compliant data ingestion.
- Restored archived logs upon business and audit requests, ensuring data availability and compliance requirements were met.
- Created, deployed, and upgraded Splunk apps, ensuring compatibility and platform stability.
- Managed access requests and troubleshot diverse ingestion issues across multiple data sources.
- Designed and developed cost attribution dashboards in Splunk to break down license consumption by team, enabling better cost visibility and accountability.
- Collaborated with the Splunk licensing team on contract and usage discussions; played a key role in license optimization and reduced SVC consumption through platform tuning.
- Conducted Proof of Concepts (POCs) for observability platforms including ClickHouse, New Relic, Grafana, and Coralogix to evaluate performance, scalability, and cost efficiency.
- Implemented ClickHouse from scratch, including cluster setup, configuration, and integration with Grafana as the primary visualization layer.
- Built health monitoring dashboards and alerts for ClickHouse and related infrastructure.
- Authored detailed Confluence documentation outlining alert troubleshooting procedures and operational runbooks for ClickHouse.
- Performed upgrades of ClickHouse server, Keeper, and Operator, ensuring minimal downtime and system stability.
- Created dashboards in Google Cloud and New Relic to monitor ClickHouse infrastructure logs and system performance.
- Environment: Splunk Cloud
Splunk Developer & Admin
Saskpower
Regina, Canada
05.2023 - 12.2024
- Worked on Splunk Consolidation project where we have consolidated two different Splunk stacks (Existing Analytics stack and Security Splunk stack) into one single Consolidated Splunk state.
- Created inventory of data source/apps required for migration for Security, Analytics and Network (PIA/RIM).
- Created inventory of Reports, Dashboards and Alerts for Security, Analytics and Network (PIA/RIM).
- Worked with different teams to identify apps, data sources and knowledge objects required for migration.
- Verified server connectivity and submit firewall requests accordingly (physical servers).
- Configured - Splunk indexer Cluster, Splunk Deployment Server, Splunk Search Heads and Splunk Heavy Forwarders.
- Requested SSL Certificates and installed/configured on Splunk Servers (HTTPS).
- Worked with different teams to identify roles and users required for Splunk access.
- Created LDAP Auth configuration for all Splunk servers.
- Installed required Apps on IDX cluster, Search heads and Heavy forwarders.
- Worked on Data Migration Script (Python script) to transfer the data from Source server to destination server and tested it.
- Setup Power Bi Connectivity with Splunk.
- Verified Sentinel feeds for DLP, Cisco CSW, eStreamer and syslog data.
- Worked on decommissioning Old Splunk servers.
- Provided support to Estreamer services.
- Monitored Splunk health and Log Ingestions on Daily basis.
- Worked on Creating Splunk admin Alerts and Monitored on Daily basis.
- Environment: Splunk Enterprise 9.4.3, Linux, UNIX, Python
Splunk Developer
Scotiabank
Toronto, Canada
03.2021 - 04.2023
- Collaborated with diverse business teams within the bank to elicit requirements for constructing various rules and dashboards utilizing multiple data sources.
- Established a Splunk-PowerBI connection and automated data ingestion from Splunk to PowerBI using the ODBC driver.
- Provided support to business teams regarding organizational unit expansions and updates to employee lists.
- Modified rules by updating thresholds and alert conditions as requested by business teams.
- Developed ad hoc tracing dashboards and bulk tracing dashboards for business teams to search against various event sources.
- Participated in numerous fraud investigations with investigative teams, supplying required information from data sources.
- Created Dashboards, report, scheduled searches and alerts using complex data elements.
- Resolved configuration based issues in coordination with infrastructure support teams.
- Analyzed security based events, risks and reporting instances.
- Onboard new log sources with log analysis and parsing to enable SIEM correlation.
- Collaborated on numerous proof-of-concept dashboards for IT operations and service owners, which monitor application and server health.
- Prepared, organized, and tested Splunk search and operational strings.
- Analyzed security events, risks, and reported incidents.
- Developing custom web applications to report internal ticket metrics.
- Designing and maintaining production-quality Splunk dashboards.
- Provide regular guidance and support to Splunk project teams on complex solutions and issue resolution to ensure optimal performance and quality.
- Interacted with the data warehousing team to extract data and suggest standard data formats for Splunk to identify most fields.
- Enabled SIEM correlation by onboarding new log sources with log analysis and parsing.
- Demonstrating expertise in security protocols, best practices, and other security-related issues.
- Designed and created numerous proof-of-concept dashboards for IT operations and service owners to monitor application and server health.
- Installed, upgraded, patched, deployed, monitored, tuned, and configured Weblogic Application Server in a multi-cluster/server environment.
- Performed field extraction using IFX, Rex Command, REGEX, and knowledge of the EXTRACT keyword in configuration files.
- Set up alerts for various types of errors.
- Worked with the ETL teams in enriching and onboarding the data.
- Environment: Splunk Enterprise 8.1.5, Splunk ES 5.3.0, Linux, UNIX, Oracle 11g, MS SQL Server 2012, SQL
Splunk Developer
ATB Financial
Toronto, Canada
05.2019 - 01.2021
- Created Dashboards, report, scheduled searches and alerts using complex data elements.
- Configured DUO connector application to add Two-Factor authentications to Splunk logins.
- Resolved configuration based issues in coordination with infrastructure support teams.
- Creating Vulnerability dashboard that aggregates data across multiple services to identity critical threats and proactively mitigate risks.
- Worked with remote access systems (SSL, VPN appliances, network admission control/end point control services, token based authentication, integration with Active Directory and Windows).
- Analyzed security based events, risks and reporting instances.
- Onboard new log sources with log analysis and parsing to enable SIEM correlation.
- Automated Assets and Identity lookup by using HTTP Event collector.
- Creating Vulnerability dashboard (Qualys) that aggregates data across multiple services to identify critical threats and proactively mitigate risks.
- Involved many of the proof-of-concept dashboards for IT operations, and service owners which are used to monitor application and server health.
- Prepared, arranged and tested SPLUNK search strings and operational strings.
- Developing custom web application solutions for internal ticket metrics reporting.
- Designing and maintaining production-quality Splunk dashboards.
- Provide regular support guidance to SPLUNK project teams on complex solution and issue resolution with the objective of ensuring best fit and high quality.
- Interact with the data warehousing team regarding extracting the data and suggest the standard data format such that Splunk will identify most of the fields.
- Onboard new log sources with log analysis and parsing to enable SIEM correlation.
- Subject matter expert in best practices, security protocols, other security-related issues.
- Created many of the proof-of-concept dashboards for IT operations, and service owners which are used to monitor application and server health.
- Installed, upgraded patches, deployment, monitor, tuning and configuration of Weblogic Application Server in multi cluster/server environment.
- Performed Field Extraction: Using IFX, Rex Command and REGEX in configuration files, knowledge of EXTRACT keyword.
- Involved in setting up alerts for different type of errors.
- Environment: Splunk Enterprise 7.2.4, Splunk ES 5.3.0, Linux, UNIX, Oracle 11g, MS SQL Server 2012, SQL
Splunk Administrator/Developer
Ilabztechnology
Bengaluru, India
02.2016 - 05.2018
- Upgraded Splunk Enterprise from v 6.2 to v 6.5.2 in clustered environments and non-clustered environments.
- Provided day to day support to Splunk environment – 7,000 deployment clients, 50 Indexers, 10 Search Heads, 25 Heavy Forwarders and 5 Deployment Servers.
- Configured Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-On's, Dashboards, Clustering and Forwarder Management.
- Standardized Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
- Performed Splunk administration tasks such as installing, configuring, monitoring & tuning.
- Installed and configured Splunk DB Connect in Single and distributed server environments.
- Installed and configured Website Monitoring Application to Monitor 3000+ company locations using their response codes.
- Created Dashboards for various types of business users in organization and worked on creating different Splunk Knowledge objects like Macros, calculated fields, Tags, Event Types and Look ups.
- Creating alerts to trigger when there are errors in indexing.
- Optimized search queries using summary indexing.
- Created Splunk applications and deployed using Splunk Deployment Server.
- Created advanced Dashboards, alerts, Splunk searches & visualization in Splunk Enterprise.
- Monitored Splunk Alerts, configure scheduled alerts based on the customer requirement.
- Assisted internal users of Splunk in designing, maintaining production-quality dashboards.
- Monitored Splunk infrastructure for capacity planning, system health and optimization.
- Gathered requirements from client creating catalogs items like questionnaires.
- Supported HTTP methods following the REST API subsets including the CURD operations like the GET, POST and DELETE to return a HTTP status code to indicate the success of the operation or cause of a failure to fulfill the request.
- Configured Event Generator Splunk application to show Our test environment as like Production Environment.
- Created and configured various instances of sandboxes.
- Worked in Agile development environment with each sprint for two weeks.
- Responsible for providing analysis of problems and resolutions or fixes for the production issues related to Splunk platform within the Service Level Agreement.
- Open and tracking requests for related access rights, network config changes that are required for fulfillment of the Splunk feed request.
- Created Landing page Dashboard using CSS scripts that shows the Server Status and Website Status using Geo Maps.
- 24 x 7 support for Video Audio Monitoring Services (VAMS) team applications.
- Environment: Splunk 6.5.2, Datapower, Weblogic 11g/12c, WebSphere Application Server 8.5, WebSphere MQ, Splunk DB Connect, Splunk App for Unix, Splunk App for WebLogic and WebSphere, Splunk App for JMX, FireBrigade, Splunk on Splunk
Education
Bachelor of Science - Electronics and Communications Engineering
Jawaharlal Nehru Technological University-Hyderabad
PG Diploma - Mobile Application Development
Lambton College
Skills
- Splunk 6x/7x and Enterprise Security 41
- Splunk Cloud and DB Connect
- Hunk and Splunk on Splunk
- IT service intelligence and VMware app
- Web Framework and Oracle WebLogic Server
- JBoss and IBM WebSphere
- Apache Tomcat and HTTP Server
- IIS server and Solaris
- Red Hat Linux and Unix
- AIX and Windows environments
- HPUX and Oracle databases
- MySQL Server and DB2
- MS Access and Guardium
- Java, SQL, PL/SQL, and Python
- XML, HTML, ASPNET, and VBSCRIPT
Timeline
Splunk Admin & Developer
Priceline
12.2024 - Current
Splunk Developer & Admin
Saskpower
05.2023 - 12.2024
Splunk Developer
Scotiabank
03.2021 - 04.2023
Splunk Developer
ATB Financial
05.2019 - 01.2021
Splunk Administrator/Developer
Ilabztechnology
02.2016 - 05.2018
Bachelor of Science - Electronics and Communications Engineering
Jawaharlal Nehru Technological University-Hyderabad
PG Diploma - Mobile Application Development
Lambton College