Amazon DOP-C02 Exam - Topic 5 Question 41 Discussion

Actual exam question for Amazon's DOP-C02 exam

Question #: 41
Topic #: 5

A company uses AWS WAF to protect its cloud infrastructure. A DevOps engineer needs to give an operations team the ability to analyze log messages from AWS WAR. The operations team needs to be able to create alarms for specific patterns in the log output.

Which solution will meet these requirements with the LEAST operational overhead?

ACreate an Amazon CloudWatch Logs log group. Configure the appropriate AWS WAF web ACL to send log messages to the log group. Instruct the operations team to create CloudWatch metric filters.

BCreate an Amazon OpenSearch Service cluster and appropriate indexes. Configure an Amazon Kinesis Data Firehose delivery stream to stream log data to the indexes. Use OpenSearch Dashboards to create filters and widgets.

CCreate an Amazon S3 bucket for the log output. Configure AWS WAF to send log outputs to the S3 bucket. Instruct the operations team to create AWS Lambda functions that detect each desired log message pattern. Configure the Lambda functions to publish to an Amazon Simple Notification Service (Amazon SNS) topic.

DCreate an Amazon S3 bucket for the log output. Configure AWS WAF to send log outputs to the S3 bucket. Use Amazon Athena to create an external table definition that fits the log message pattern. Instruct the operations team to write SOL queries and to create Amazon CloudWatch metric filters for the Athena queries.
Step 1: Sending AWS WAF Logs to CloudWatch Logs
AWS WAF allows you to log requests that are evaluated against your web ACLs. These logs can be sent directly to CloudWatch Logs, which enables real-time monitoring and analysis.
Action: Configure the AWS WAF web ACL to send log messages to a CloudWatch Logs log group.
Why: This allows the operations team to view the logs in real time and analyze patterns using CloudWatch metric filters.

Show Suggested Answer

Suggested Answer: A

Step 2: Creating CloudWatch Metric Filters CloudWatch metric filters can be used to search for specific patterns in log data. The operations team can create filters for certain log patterns and set up alarms based on these filters.

Action: Instruct the operations team to create CloudWatch metric filters to detect patterns in the WAF log output.

Why: Metric filters allow the team to trigger alarms based on specific patterns without needing to manually search through logs.

This corresponds to Option A: Create an Amazon CloudWatch Logs log group. Configure the appropriate AWS WAF web ACL to send log messages to the log group. Instruct the operations team to create CloudWatch metric filters.

by Mona at Dec 06, 2024, 06:49 PM

Limited Time Offer

25%

Off

Get Premium DOP-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Marget

3 months ago

C seems complicated with Lambda, I’d stick with A.

upvoted 0 times

...

Stephaine

3 months ago

B sounds more robust with OpenSearch, but more setup.

upvoted 0 times

...

Margart

3 months ago

I’m not sure about A, what if the logs get too big?

upvoted 0 times

...

Katina

4 months ago

Totally agree, less overhead for sure!

upvoted 0 times

...

Izetta

4 months ago

Option A seems the simplest, just use CloudWatch.

upvoted 0 times

...

Desiree

4 months ago

I recall that using Athena with S3 was mentioned in our study materials, but I wonder if writing SQL queries would be too much for the operations team.

upvoted 0 times

...

Winifred

4 months ago

I feel like option C could work, but the Lambda functions add extra steps. I’m not sure if that’s the least operational overhead.

upvoted 0 times

...

Candra

4 months ago

I'm not entirely sure, but I remember something about using OpenSearch for log analysis in a similar question. It seemed more complex though.

upvoted 0 times

...

Argelia

5 months ago

I think option A makes the most sense since it directly integrates with CloudWatch, which we practiced a lot in our labs.

upvoted 0 times

...

Germaine

5 months ago

I'm leaning towards option D with Athena. That would give the operations team the ability to run custom SQL queries on the log data, which could be really powerful. The only downside is they'd have to manage the Athena setup, but it might be worth it for the flexibility.

upvoted 0 times

...

Romana

5 months ago

Option C with Lambda functions and SNS seems a bit overkill for this use case. It would add more complexity than is necessary. I'd lean towards either A or D - the CloudWatch Logs or Athena approach seem like the simplest solutions to meet the requirements.

upvoted 0 times

...

Janessa

5 months ago

Hmm, I'm a bit unsure about this one. Option B with OpenSearch Service seems like it could be a good choice too, as it would give the operations team more flexibility to create custom dashboards and visualizations. But I'm not as familiar with that service, so I'd have to research it more.

upvoted 0 times

...

Huey

5 months ago

This looks like a straightforward question about setting up logging and monitoring for AWS WAF. I think option A is the best solution as it has the least operational overhead - just create a CloudWatch Logs log group and configure the WAF web ACL to send logs there. The operations team can then create metric filters to analyze the logs.

upvoted 0 times

...

Irving

1 year ago

Option A all the way! It's the most cost-effective and easy to implement. No need to spin up a whole OpenSearch cluster or deal with the hassle of Athena.

upvoted 0 times

...

Joanne

1 year ago

True, but sending logs directly to CloudWatch Logs in option A seems simpler.

upvoted 0 times

...

Lacresha

1 year ago

Haha, I bet the operations team is thrilled to write SQL queries and set up Athena just to analyze some WAF logs. Why make things more complicated than they need to be?

upvoted 0 times

Brande

1 year ago

C: Definitely. The operations team will appreciate the simplicity of Option A for analyzing the AWS WAF logs.

upvoted 0 times

...

Phuong

1 year ago

B: Yeah, I agree. Setting up CloudWatch Logs and metric filters is much simpler than using Athena and writing SQL queries.

upvoted 0 times

...

Dulce

1 year ago

A: Option A seems like the best choice. It's straightforward and doesn't involve setting up additional services.

upvoted 0 times

...

Lanie

1 year ago

The CloudWatch Logs option seems the most efficient and reliable. I like how it allows the operations team to create custom alarms and alerts without additional overhead.

upvoted 0 times

Jolanda

1 year ago

D: Option A it is then. It provides real-time monitoring and analysis with CloudWatch Logs.

upvoted 0 times

...

Floyd

1 year ago

C: Option A is definitely the way to go. It simplifies the process for the operations team.

upvoted 0 times

...

Mari

1 year ago

B: I agree, Option A is the most efficient and least operational overhead.

upvoted 0 times

...

Lashawn

1 year ago

A: Option A seems like the best choice. It allows the operations team to easily create alarms for specific log patterns.

upvoted 0 times

...

Luann

1 year ago

But option D also uses CloudWatch for analysis, it could be a good alternative.

upvoted 0 times

...

Cassie

1 year ago

This is the easiest and most straightforward solution. No need to set up additional services like OpenSearch or Athena. Just send the logs to CloudWatch and use the built-in metric filters.

upvoted 0 times