Amazon Exam DOP-C02 Topic 5 Question 41 Discussion

Actual exam question for Amazon's DOP-C02 exam

Question #: 41
Topic #: 5

A company uses AWS WAF to protect its cloud infrastructure. A DevOps engineer needs to give an operations team the ability to analyze log messages from AWS WAR. The operations team needs to be able to create alarms for specific patterns in the log output.

Which solution will meet these requirements with the LEAST operational overhead?

ACreate an Amazon CloudWatch Logs log group. Configure the appropriate AWS WAF web ACL to send log messages to the log group. Instruct the operations team to create CloudWatch metric filters.

BCreate an Amazon OpenSearch Service cluster and appropriate indexes. Configure an Amazon Kinesis Data Firehose delivery stream to stream log data to the indexes. Use OpenSearch Dashboards to create filters and widgets.

CCreate an Amazon S3 bucket for the log output. Configure AWS WAF to send log outputs to the S3 bucket. Instruct the operations team to create AWS Lambda functions that detect each desired log message pattern. Configure the Lambda functions to publish to an Amazon Simple Notification Service (Amazon SNS) topic.

DCreate an Amazon S3 bucket for the log output. Configure AWS WAF to send log outputs to the S3 bucket. Use Amazon Athena to create an external table definition that fits the log message pattern. Instruct the operations team to write SOL queries and to create Amazon CloudWatch metric filters for the Athena queries.
Step 1: Sending AWS WAF Logs to CloudWatch Logs
AWS WAF allows you to log requests that are evaluated against your web ACLs. These logs can be sent directly to CloudWatch Logs, which enables real-time monitoring and analysis.
Action: Configure the AWS WAF web ACL to send log messages to a CloudWatch Logs log group.
Why: This allows the operations team to view the logs in real time and analyze patterns using CloudWatch metric filters.

Show Suggested Answer

Suggested Answer: A

Step 2: Creating CloudWatch Metric Filters CloudWatch metric filters can be used to search for specific patterns in log data. The operations team can create filters for certain log patterns and set up alarms based on these filters.

Action: Instruct the operations team to create CloudWatch metric filters to detect patterns in the WAF log output.

Why: Metric filters allow the team to trigger alarms based on specific patterns without needing to manually search through logs.

This corresponds to Option A: Create an Amazon CloudWatch Logs log group. Configure the appropriate AWS WAF web ACL to send log messages to the log group. Instruct the operations team to create CloudWatch metric filters.

by Mona at Dec 06, 2024, 06:49 PM

Limited Time Offer

25%

Off

Get Premium DOP-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Irving

2 months ago

Option A all the way! It's the most cost-effective and easy to implement. No need to spin up a whole OpenSearch cluster or deal with the hassle of Athena.

upvoted 0 times

...

Joanne

2 months ago

True, but sending logs directly to CloudWatch Logs in option A seems simpler.

upvoted 0 times

...

Lacresha

2 months ago

Haha, I bet the operations team is thrilled to write SQL queries and set up Athena just to analyze some WAF logs. Why make things more complicated than they need to be?

upvoted 0 times

Brande

1 months ago

C: Definitely. The operations team will appreciate the simplicity of Option A for analyzing the AWS WAF logs.

upvoted 0 times

...

Phuong

1 months ago

B: Yeah, I agree. Setting up CloudWatch Logs and metric filters is much simpler than using Athena and writing SQL queries.

upvoted 0 times

...

Dulce

1 months ago

A: Option A seems like the best choice. It's straightforward and doesn't involve setting up additional services.

upvoted 0 times

...

2 months ago

This is the easiest and most straightforward solution. No need to set up additional services like OpenSearch or Athena. Just send the logs to CloudWatch and use the built-in metric filters.

upvoted 0 times