You have a set of EC2 Instances created in a VPC.
You need to ensure that logs from specific locations on the EC2 Instances are sent over to a central log location.
How can you achieve this? Choose 2 answers from the options given below.
Click on the arrows to vote for the correct answer
A. B. C. D.Answer - A and C.
The AWS Documentation mentions the following.
To collect logs from your Amazon EC2 instances and on-premises servers into CloudWatch Logs, AWS offers both a new unified CloudWatch agent and an older CloudWatch Logs agent.
We recommend the unified CloudWatch agent.
The new unified agent has the following advantages.
· You can collect both logs and advanced metrics with the installation and configuration of just one agent.
· The unified agent enables the collection of logs from servers running Windows Server.
· If you use the agent to collect CloudWatch metrics, the unified agent also enables the collection of additional system metrics for in-guest visibility.
· The unified agent provides better performance.
Option B is incorrect since the Inspector agent is only used to check for vulnerabilities.
Option D is incorrect since the logs need to be aggregated in the VPC Log Group.
For more information on Cloudwatch Logs agent, please refer to the below URL.
https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_GettingStarted.htmlTo send logs from specific locations on EC2 instances to a central log location, you can use the following methods:
A. Use the CloudWatch Logs agent: The CloudWatch Logs agent is a tool provided by AWS to help you monitor, store, and access log files from EC2 instances. You can install the CloudWatch Logs agent on your EC2 instances, and it will automatically collect and transfer logs to a CloudWatch Logs group. You can then use CloudWatch Logs to analyze and search your logs, create alarms, and export data to other AWS services.
B. Centralize the logs to a CloudWatch Log Group: You can centralize logs from your EC2 instances to a CloudWatch Log group. To do this, you must create a CloudWatch log group and configure the logging options for each EC2 instance. You can configure the logging options using the AWS Management Console, the AWS CLI, or an SDK. Once the logging options are set up, all logs from the specified locations on the EC2 instances are sent to the log group.
C. Centralize the logs to a VPC Log Group: VPC Flow Logs is a feature that allows you to capture information about the IP traffic going to and from network interfaces in your VPC. You can create a VPC Flow Logs log group and specify the locations on your EC2 instances that you want to log. Once the logs are collected, you can analyze them to troubleshoot network connectivity issues, monitor network traffic, and identify potential security threats.
D. Use the AWS Inspector agent: AWS Inspector is a security assessment service that helps you improve the security and compliance of your applications deployed on AWS. You can use the AWS Inspector agent to collect logs from your EC2 instances and send them to AWS Inspector for analysis. AWS Inspector provides a list of security findings and recommendations based on the analysis of logs and other data sources.
In conclusion, options A and C are the correct answers. You can use the CloudWatch Logs agent or centralize the logs to a VPC Log Group to achieve the goal of sending logs from specific locations on EC2 instances to a central log location.