Processing EC2 Instance Logs in Real Time with AWS | Answer for DOP-C01 Exam

Processing EC2 Instance Logs in Real Time


Question

Your company uses an application hosted in AWS which consists of EC2 Instances.

The logs of the EC2 instances need to be processed and analyzed in real time, since this is a requirement from the IT Security department.

Which of the following can be used to process the logs in real time?

Answers

Explanations


A. B. C. D.

Answer - C.

The AWS documentation states the following.

Real-time metrics and reporting.

Amazon Kinesis Data Firehose is a fully managed service for delivering real-time streaming data to destinations such as Amazon Simple Storage Service (Amazon S3), Amazon Redshift, Amazon Elasticsearch Service (Amazon ES), and Splunk.

Kinesis Data Firehose is part of the Kinesis streaming data platform, along with Kinesis Data Streams, Kinesis Video Streams, and Amazon Kinesis Data Analytics.

With Kinesis Data Firehose, you don't need to write applications or manage resources.

You configure your data producers to send data to Kinesis Data Firehose, and it automatically delivers the data to the destination that you specified.

You can also configure Kinesis Data Firehose to transform your data before delivering it.

Real-time data analytics.

This combines the power of parallel processing with the value of real-time data.

For example, process website clickstreams in real time, and then analyze site usability engagement using multiple different Kinesis Streams applications running in parallel.

Amazon Glacier is meant for archival purposes and should not be used for storing logs that need real-time processing.

For more information on Amazon Kinesis and Firehose, refer to the links below:

http://docs.aws.amazon.com/streams/latest/dev/introduction.html

https://docs.aws.amazon.com/firehose/latest/dev/firehose-dg.pdf

The correct answer for this scenario is option C: Stream the logs to Kinesis Firehose and send the output to Kinesis Analytics to process and analyze the logs in real time.

Here is a detailed explanation of each option:

Option A: Use CloudWatch Logs to process and analyze the logs in real time. CloudWatch Logs can be used to collect, monitor, and store logs, but it is not an ideal solution for real-time processing and analysis of logs. CloudWatch Logs is typically used for long-term log storage, and the logs can be searched and analyzed using CloudWatch Insights. However, there may be delays in processing and analyzing logs in real time, especially if you have large volumes of logs.

Option B: Use Amazon Glacier to store the logs and then use Amazon Kinesis to process and analyze the logs in real time. Amazon Glacier is a long-term data archival service and is not ideal for real-time processing and analysis of logs. Although Amazon Kinesis is a real-time data processing service, it's designed to collect and process streaming data. So, it's not the best fit for processing logs that are typically collected in batches.

Option C: Stream the logs to Kinesis Firehose and send the output to Kinesis Analytics to process and analyze the logs in real time. Kinesis Firehose is a data delivery service that can stream real-time data to destinations such as S3, Redshift, Elasticsearch, or Kinesis Analytics. Kinesis Analytics is a real-time data processing service that enables you to analyze streaming data with SQL. By streaming logs to Kinesis Firehose, you can send them to Kinesis Analytics to analyze them in real time using SQL queries.

Option D: Use another EC2 Instance with a larger instance type to process the logs. This option is not an ideal solution because it requires additional resources and maintenance. Furthermore, processing logs on an EC2 instance may not be as efficient as using a purpose-built data processing service like Kinesis Analytics.

Therefore, the best option for processing logs in real time on AWS is to stream them to Kinesis Firehose and send the output to Kinesis Analytics for real-time analysis.
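The producer side of option C, as an added example that is not part of the original page or AWS's own code: a log shipper that batches events within the Firehose `PutRecordBatch` limits and resends only the records the service rejects, so a partial failure does not silently drop security logs. It assumes the boto3 Firehose client's `put_record_batch` call; `FakeFirehose`, the stream name and the sample events are constructed here so the code runs offline.

```python
import json

MAX_RECORDS = 500                  # PutRecordBatch: at most 500 records per call
MAX_BATCH_BYTES = 4 * 1024 * 1024  # ... and at most 4 MiB per call
MAX_RECORD_BYTES = 1000 * 1024     # each record at most 1,000 KiB

def to_record(event):
    """Serialize one log event as a newline-terminated JSON record."""
    return {"Data": (json.dumps(event, separators=(",", ":")) + "\n").encode()}

def batches(records):
    """Group records so every group fits in one PutRecordBatch call."""
    batch, size = [], 0
    for rec in records:
        n = len(rec["Data"])
        if n > MAX_RECORD_BYTES:
            raise ValueError("log record exceeds the Firehose record size limit")
        if batch and (len(batch) == MAX_RECORDS or size + n > MAX_BATCH_BYTES):
            yield batch
            batch, size = [], 0
        batch.append(rec)
        size += n
    if batch:
        yield batch

def send(client, stream_name, events, max_attempts=3):
    """Send events, resending only failed records; return what stays undelivered."""
    undelivered = []
    for batch in batches(to_record(e) for e in events):
        pending = batch
        for _ in range(max_attempts):  # production code would back off between tries
            resp = client.put_record_batch(DeliveryStreamName=stream_name, Records=pending)
            # RequestResponses is ordered like Records; failures carry ErrorCode.
            pending = [rec for rec, out in zip(pending, resp["RequestResponses"])
                       if "ErrorCode" in out]
            if not pending:
                break
        undelivered.extend(pending)
    return undelivered

class FakeFirehose:
    """Constructed offline stand-in: rejects every third record on the first call."""
    calls, delivered = 0, ()
    def put_record_batch(self, DeliveryStreamName, Records):
        self.calls += 1
        out = [{"ErrorCode": "ServiceUnavailableException"} if self.calls == 1 and i % 3 == 2
               else {"RecordId": str(i)} for i in range(len(Records))]
        self.delivered += tuple(r for r, o in zip(Records, out) if "RecordId" in o)
        return {"FailedPutCount": sum("ErrorCode" in o for o in out), "RequestResponses": out}
```

With real credentials, `send(boto3.client("firehose"), "<delivery-stream-name>", events)` takes the place of the fake client; anything returned as undelivered should be spooled locally and alerted on rather than discarded.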