Your customer is willing to consolidate their log streams (access logs application logs security logs etc.) in one
single system. Once consolidated, the customer wants to analyze these logs in real time based on heuristics.
From time to time, the customer needs to validate heuristics, which requires going back to data samples
extracted from the last 12 hours?
What is the best approach to meet your customer’s requirements?
A.
Send all the log events to Amazon SQS. Setup an Auto Scaling group of EC2 servers to consume the logs and
apply the heuristics.
B.
Send all the log events to Amazon Kinesis develop a client process to apply heuristics on the logs
Configure Amazon Cloud Trail to receive custom logs, use EMR to apply heuristics the logs
C.
Setup an Auto Scaling group of EC2 syslogd servers, store the logs on S3 use EMR to apply heuristics on the
logs
B
0
0
Correct answer i think is Send all the log events to Amazon Kinesis develop
1
0
b
0
0
From the 3 options only Kinesis provide realtime analysis, so B it is
0
0
Amazon Kinesis Streams allows for real-time data processing. With Amazon Kinesis Streams, you can continuously collect data as it is generated and promptly react to critical information about your business and operations.
https://aws.amazon.com/kinesis/streams/
B.
Send all the log events to Amazon Kinesis develop a client process to apply heuristics on the logs
Configure Amazon Cloud Trail to receive custom logs, use EMR to apply heuristics the logs
0
0
thanks, B is right answer to me too
0
0
Answer B
A.
Send all the log events to Amazon SQS. Setup an Auto Scaling group of EC2 servers to consume the logs and
apply the heuristics.
B.
Send all the log events to Amazon Kinesis develop a client process to apply heuristics on the logs
C.
Configure Amazon Cloud Trail to receive custom logs, use EMR to apply heuristics the logs
D.
Setup an Auto Scaling group of EC2 syslogd servers, store the logs on S3 use EMR to apply heuristics on the
logs
1
0
Thanks to Korean27 for cleaning up those answer choices a bit. I was confused why answer B was listing two different things that seemed to be in conflict with each other!
Definitely B, due to the trigger phrase “real-time”, which I ran through Google Translate, and it translated to “Kinesis” using language “AWS cert exam”. Kinesis would also accomplish the requirement to retain logs for 12 hours for further analysis, since the default retention period for Kinesis is 24 hours. (Which is also the minimum, you can increase it up to 168 hours)
0
0
B
0
0