Position Summary
The Splunk Engineer with Cribl will be responsible for architecting, managing, and optimizing data ingestion pipelines into Splunk using Cribl Stream and Cribl Edge. This role ensures efficient log routing, transformation, filtering, and enrichment to maintain high performance, cost optimization, and observability across enterprise environments.
The ideal candidate will have deep experience with Splunk Enterprise, Cribl data pipelines, and strong scripting and automation skills to manage large-scale data flows securely and efficiently.
️ Key Responsibilities
Design, implement, and maintain data ingestion pipelines from multiple data sources into Splunk via Cribl Stream.
Manage and optimize log routing, filtering, and transformations for performance and storage efficiency.
Configure and tune Splunk indexers, forwarders, and search heads for large-scale environments.
Develop and maintain Cribl pipelines, sources, destinations, and pack configurations.
Implement data governance policies and ensure compliance with security and retention requirements.
Work with cross-functional teams (security, DevOps, and infrastructure) to troubleshoot data flow issues.
Automate onboarding of new log sources and transformations using Cribl APIs and Splunk scripts.
Monitor and report on data ingestion metrics, pipeline performance, and Splunk health dashboards.
Participate in incident response and RCA for data ingestion or Splunk-related issues.
Maintain detailed technical documentation, SOPs, and runbooks for Splunk/Cribl operations.