AWS Certified DevOps Engineer - Professional Exam: How to Implement Centralized Log Management with AWS Services

Implementing Centralized Log Management with AWS Services

Prev Question Next Question

Question

The operations team and the development team want a single place to view both operating system and application logs.

How should you implement this using AWS services?

Answers

A. Using AWS CloudFormation, create a CloudWatch Logs group and send the operating system and application logs using the CloudWatch Logs Agent.

B. Using AWS CloudFormation and configuration management, set up remote logging to send events via UDP packets to CloudTrail.

C. Set up remote logging to send events to an Amazon Kinesis stream and forward these logs into Amazon CloudWatch Event or Amazon Redshift, depending on available analytic tools.

D. Using AWS CloudFormation, merge the application logs with the operating system logs, and use IAM Roles to allow both teams to have access to view the output from Amazon EC2 console.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Answer - A.

Option B is incorrect because CloudTrail is not designed specifically to collect operation system or application logs.

Option C is incorrect because the Kinesis stream is more suitable for real-time data processing.

CloudWatch Event is also not required in this scenario.

Option D is incorrect because it does not mention how to view the logs through the EC2 console.

EC2 is not a suitable service for users to view the logs.

You can use Amazon CloudWatch Logs to monitor, store, and access your log files from Amazon Elastic Compute Cloud (Amazon EC2) instances, AWS CloudTrail, and other sources.

You can then retrieve the associated log data from CloudWatch Logs.

For more information on Cloudwatch logs, please refer to the below link:

http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/WhatIsCloudWatchLogs.html

The best approach to implement a single place to view both operating system and application logs using AWS services is option A: Using AWS CloudFormation, create a CloudWatch Logs group and send the operating system and application logs using the CloudWatch Logs Agent.

AWS CloudFormation is a service that allows you to create and manage AWS resources using templates. With CloudFormation, you can create a CloudWatch Logs group, which is a logical container for log data. You can also use CloudFormation to set up the CloudWatch Logs Agent, which is a lightweight agent that can be installed on an Amazon EC2 instance to send log data to CloudWatch Logs.

To implement this approach, follow these steps:

Create a CloudFormation template that defines the CloudWatch Logs group and the necessary IAM roles and policies.
Install the CloudWatch Logs Agent on your Amazon EC2 instances. You can use an AWS Systems Manager document or an AWS CloudFormation template to automate this process.
Configure the CloudWatch Logs Agent to send the operating system and application logs to the CloudWatch Logs group.
Grant permissions to the operations team and development team to access the CloudWatch Logs group using IAM roles.

By implementing this approach, you can centralize log data in one place, making it easier for both teams to troubleshoot issues and analyze data. The CloudWatch Logs service also provides advanced features such as log metric filters, alarms, and subscriptions to other AWS services like Amazon SNS and AWS Lambda.

Prev Question Next Question