Examice

Exam DOP-C01 All QuestionsBrowse all questions from this exam

Question 170

A company is running an application on Amazon EC2 instances. A DevOps engineer needs to aggregate the application logs to a central system for the company's application team to search. A critical error message periodically appears in the log files. The DevOps engineer needs to notify the application team by email when these error messages occur.

Which solution will meet these requirements in the MOST operationally efficient manner?

Configure the unified Amazon CloudWatch agent on the EC2 instances to publish the application logs files to a CloudWatch log group. Configure a metric filter on the CloudWatch log group to detect the critical errors and to create a custom metric. Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure a CloudWatch alarm to use the custom metric to notify the SNS topic. Subscribe the application team's email address to the SNS topic.

Install the Amazon Kinesis agent on the EC2 instances. Configure the Kinesis agent with the location of the log files. Stream the logs to a Kinesis Data Firehose delivery stream with an Amazon CloudWatch metrics stream as a destination. Configure an AWS Lambda function to detect the error message and to create a custom metric. Associate the Lambda function with the stream. Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure a CloudWatch alarm to use the custom metric to notify the SNS topic. Subscribe the application team's email address to the SNS topic.

Install the AWS X-Ray daemon on the EC2 instances. Instrument the application with the AWS Distro for OpenTelemetry (ADOT). Configure the ADOT collector with the location of the custom log files and the name of an Amazon CloudWatch log group. Use the CloudWatch embedded metric format to generate a custom metric that is based on the error message. Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure a CloudWatch alarm to use the custom metric to notify the SNS topic. Subscribe the application team's email address to the SNS topic.

Configure the unified Amazon CloudWatch agent on the EC2 instances to publish the application logs files to a CloudWatch log group. Create an Amazon OpenSearch Service domain. Subscribe the CloudWatch log group to the OpenSearch Service domain. Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure an OpenSearch Service alert monitor to notify the SNS topic. Subscribe the application team's email address to the SNS topic.

Correct Answer: A

The most operationally efficient solution is to configure the unified Amazon CloudWatch agent on the EC2 instances to publish the application log files to a CloudWatch log group. Then, configure a metric filter on the CloudWatch log group to detect critical errors and create a custom metric. Subsequently, create an Amazon Simple Notification Service (Amazon SNS) topic and configure a CloudWatch alarm to use the custom metric to notify the SNS topic. Finally, subscribe the application team's email address to the SNS topic. This method leverages built-in AWS services that simplify log management and alerting while minimizing operational overhead compared to other options involving additional services like Amazon Kinesis or Amazon OpenSearch Service.

Discussion

Bulti

A is correct.

Christina666Option: A

A for me

DimidrolOption: A

A for me

Oleg_golOption: A

I vote A

Nila_Cloud_PROOption: D

The Key here is, the engineer needs to aggregate the application logs to a central system for the company's application team to search. Opensearch is the best option for the centralized log search

auxwwwOption: A

Most operationally efficient - A Centralized/Search logs - CloudWatch Log Insights can do this for much cheaper price and without needing additional services

saeidpOption: A

A seems to be the best but why saying create custom metric? metric filter doesn't create custom metric

PiccasoOption: D

A is good. D is more operationally efficient https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_OpenSearch_Stream.html

Piccaso

"MOST operationally efficient", I think A is more operationally efficient than D. On A, we only need to operate CWL and SNS On D, we have to operate CWL, SNS and OpenSearch

SHoKMaSTeR

Both A and D are valid for me. For A you need to provide all the developers access to AWS for checking CloudWatch, and searching in CloudWatch is worst than in OpenSearch, maybe it is less efficient ...