Question #835
A company hosts a web application on Amazon EC2 instances, which are configured to stream logs to Amazon CloudWatch Logs. The company requires an Amazon Simple Notification Service (Amazon SNS) notification when the number of application warning messages surpasses a specified threshold within a 10-minute interval.
Which solution fulfills these requirements?
A. Modify the application code to send logs directly to Amazon SNS. Configure the SNS topic to trigger a notification when the number of warnings exceeds the threshold within a 10-minute period.
B. Configure a CloudWatch Logs subscription filter to route log data to an AWS Lambda function. Use the Lambda function to count warnings and publish an SNS notification if the threshold is exceeded within 10 minutes.
C. Enable AWS Config to monitor the EC2 instances for application warnings. Configure AWS Config to send an SNS notification when the number of warnings exceeds the threshold within a 10-minute period.
D. Create a CloudWatch metric filter to detect the warning pattern in the log data. Establish a CloudWatch alarm based on this custom metric, configured to send an SNS notification when the threshold is exceeded within a 10-minute period.
Explanation
Answer D is correct because:
1. CloudWatch Metric Filter: Scans log data for the warning pattern and creates a custom metric.
2. CloudWatch Alarm: Monitors the metric over a 10-minute period and triggers an SNS notification when the threshold is breached.
Why other options are incorrect:
- A: SNS cannot count log entries or evaluate thresholds; modifying application code is unnecessary.
- B: While feasible, Lambda requires custom code to track counts over time, making it less efficient than CloudWatch's built-in metric/alarm system.
- C: AWS Config monitors resource configurations, not application logs.
Key Points:
- Use CloudWatch metric filters to extract log data into metrics.
- CloudWatch alarms can trigger actions (e.g., SNS) based on metric thresholds.
- Avoid modifying application logic when AWS services provide native solutions.
Answer
The correct answer is: D