Exam AWS Certified Solutions Architect - Professional topic 1 question 622 discussion

A company needs to create a centralized logging architecture for all of its AWS accounts. The architecture should provide near-real-time data analysis for all AWS CloudTrail logs and VPC Flow Logs across all AWS accounts. The company plans to use Amazon Elasticsearch Service (Amazon ES) to perform log analysis in the logging account.
Which strategy should a solutions architect use to meet these requirements?

  • A. Configure CloudTrail and VPC Flow Logs in each AWS account to send data to a centralized Amazon S3 bucket in the logging account. Create an AWS Lambda function to load data from the S3 bucket to Amazon ES in the logging account.
  • B. Configure CloudTrail and VPC Flow Logs to send data to a log group in Amazon CloudWatch account. Configure a CloudWatch subscription filter in each AWS account to send data to Amazon Kinesis Data Firehouse in the logging account. Load data from Kinesis Data Firehouse into Amazon ES in the logging account.
  • C. Configure CloudTrail and VPC Flow Logs to send data to a separate Amazon S3 bucket in each AWS account. Create an AWS Lambda function triggered by S3 events to copy the data to a centralized logging bucket. Create another Lambda function to load data from the S3 bucket to Amazon ES in the logging account.
  • D. Configure CloudTrail and VPC Flow Logs to send data to a log group in Amazon CloudWatch Logs in each AWS account. Create AWS Lambda functions in each AWS account to subscribe to the log groups and stream the data to an Amazon S3 bucket in the logging account. Create another Lambda function to load data from the S3 bucket to Amazon ES in the logging account.
Suggested Answer: B

Comments

bbnbnuyh
Highly Voted 3 years, 8 months ago
B. It is well defined here - https://www.cloudjourney.io/articles/publiccloud/central_logging_part_2-su/
upvoted 19 times
certainly
3 years, 7 months ago
https://aws.amazon.com/solutions/implementations/centralized-logging/
upvoted 3 times
sayakan
3 years, 7 months ago
Thanks certainly. This is what I need.
upvoted 1 times
...
...
Kopa
3 years, 7 months ago
The B answer is saying: "Configure a CloudWatch subscription filter in each AWS account to send data to Amazon Kinesis Data Firehouse". On the link it is described to send data to Amazon Kinesis DataStream, then Lambda, and after that to Kinesis FireHose; it looks like Kinesis DataStream is not mentioned in the answer. I'm again for B but it looks suspicious.
upvoted 2 times
Viper57
3 years, 6 months ago
CloudWatch subscription filters support sending to Kinesis data streams and Firehose, so B looks correct.
upvoted 1 times
...
student22
3 years, 6 months ago
Thanks. I also read the question as "... send data to a log group in each account". So, my answer is B. If it's really talking about a central CloudWatch account, the answer is A. Site admins, verify please?
upvoted 1 times
...
...
...
Kelvin1477
Highly Voted 3 years, 7 months ago
I think A is still a correct option. Based on AWS documentation: A trail enables CloudTrail to deliver log files to an Amazon S3 bucket https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudtrail-logging.html
upvoted 5 times
DerekKey
3 years, 6 months ago
CloudTrail delivers to both S3 and CloudWatch
upvoted 1 times
...
...
kadev
Most Recent 2 years, 8 months ago
B for sure, CW log group subscription supports Kinesis Firehose now. A: you can't trigger an event when an S3 object updates for log file updating, it's so expensive. If you run Lambda as scheduled => it's not near-real-time.
upvoted 1 times
...
gnic
2 years, 9 months ago
Selected Answer: B
the keyword is "near real time" I was for A, but B is better
upvoted 2 times
...
fdoxxx
2 years, 9 months ago
The answer is A - why not B? The service Amazon Kinesis Data Firehouse does not exist - there is Amazon Kinesis Data Firehose - this typo is on purpose imho.
upvoted 1 times
...
shucht
2 years, 9 months ago
Selected Answer: A
It cannot be B because firehose cannot output to ElasticSearch
upvoted 1 times
gnic
2 years, 9 months ago
it can
upvoted 1 times
...
...
hilft
2 years, 10 months ago
the keyword here is real time. B
upvoted 1 times
...
Anhdd
2 years, 11 months ago
Selected Answer: B
Should be B. Due to "near-real-time data analysis" -> Use Kinesis Data Firehouse to send data log to ES is best practice
upvoted 2 times
...
alexph169
3 years ago
Selected Answer: B
Near real time is the keyword. Can not be Lambda here that is an async call mechanism.
upvoted 2 times
...
jyrajan69
3 years, 3 months ago
The requirement says near real time, based on that Kinesis will satisfy this, so the only answer likely is B
upvoted 3 times
...
Jonfernz
3 years, 3 months ago
Selected Answer: B
Firehose for near-real time.
upvoted 2 times
...
cldy
3 years, 5 months ago
B. Configure CloudTrail and VPC Flow Logs to send data to a log group in Amazon CloudWatch account. Configure a CloudWatch subscription filter in each AWS account to send data to Amazon Kinesis Data Firehouse in the logging account. Load data from Kinesis Data Firehouse into Amazon ES in the logging account.
upvoted 1 times
...
bill_smoke
3 years, 5 months ago
Could someone please confirm whether these question sets are still on the SAA-C02 exam for December? I'm taking my test in a week and want to make sure this is all legit.
upvoted 2 times
...
AzureDP900
3 years, 5 months ago
B is right
upvoted 1 times
...
Rho_Ohm
3 years, 5 months ago
>>> Ans: B
upvoted 1 times
...
acloudguru
3 years, 5 months ago
Selected Answer: B
B, near-real-time
upvoted 3 times
...
andylogan
3 years, 6 months ago
It's B
upvoted 1 times
...
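Added example, not part of the original question or any commenter's post: in the pipeline option B describes, data that a CloudWatch Logs subscription filter delivers arrives as gzip-compressed JSON that carries the source account in `owner`. The Python below decodes one such payload into per-event documents ready for indexing; the account IDs, the allowlist check, the function names and the sample payload are constructed assumptions.

```python
import gzip
import json
import zlib

# Constructed member-account IDs (assumption); list your own organization's accounts.
EXPECTED_ACCOUNTS = {"111111111111", "222222222222"}


def decode_subscription_record(blob, expected=EXPECTED_ACCOUNTS):
    """Decode one gzip-compressed subscription payload into (status, docs)."""
    try:
        payload = json.loads(gzip.decompress(blob))
        if payload["messageType"] != "DATA_MESSAGE":
            # CONTROL_MESSAGE records only test that the destination is reachable.
            return "control", []
        if payload["owner"] not in expected:
            # Data from an account the logging account does not expect: do not index.
            return "unexpected_account", []
        docs = [
            {
                "account": payload["owner"],
                "log_group": payload["logGroup"],
                "log_stream": payload["logStream"],
                "timestamp": event["timestamp"],
                "message": event["message"],
            }
            for event in payload["logEvents"]
        ]
    except (OSError, EOFError, zlib.error, ValueError, KeyError, TypeError):
        return "malformed", []
    return "ok", docs


def make_sample(owner, message_type="DATA_MESSAGE"):
    """Build a constructed payload shaped like CloudWatch Logs subscription data."""
    payload = {
        "messageType": message_type,
        "owner": owner,
        "logGroup": "vpc-flow-logs",
        "logStream": "eni-0example-all",
        "logEvents": [
            {"id": "1", "timestamp": 1600000000000, "message": "ACCEPT sample-1"},
            {"id": "2", "timestamp": 1600000001000, "message": "REJECT sample-2"},
        ],
    }
    return gzip.compress(json.dumps(payload).encode("utf-8"))


if __name__ == "__main__":
    print(decode_subscription_record(make_sample("111111111111")))
```

Keeping `owner` on every document is what lets the logging account attribute a CloudTrail or flow-log event to the account it came from once all streams land in one index.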