Question #951
A company has a web application that is hosted on AWS. The application is behind an Amazon CloudFront distribution. A developer needs a dashboard to monitor error rates and anomalies of the CloudFront distribution as frequently as possible. Which combination of steps should the developer take to meet these requirements? (Choose two.)
Stream the CloudFront distribution logs to an Amazon S3 bucket. Detect anomalies and error rates by using Amazon Athena.
Enable real-time logs on the CloudFront distribution. Create a data stream in Amazon Kinesis Data Streams.
Set up Amazon Kinesis Data Firehose to send the logs to Amazon OpenSearch Service. Make a dashboard in OpenSearch Dashboards.
Stream the CloudFront distribution logs to Amazon Kinesis Data Firehose.
Set up Amazon Kinesis Data Firehose to send the logs to AWS CloudTrail. Create CloudTrail metrics, alarms, and dashboards.
Explanation
The correct answers are C and D. Here's why:
- Option D: CloudFront logs can be streamed to Kinesis Data Firehose via S3. Firehose can ingest logs as soon as they are delivered to S3 (typically every 5-60 minutes), enabling near-real-time processing. This is faster than using Athena (A), which requires batch queries.
- Option C: Firehose sends logs to Amazon OpenSearch Service, where dashboards in OpenSearch Dashboards can visualize error rates and anomalies in near-real-time.
Other options are incorrect:
- A: Athena queries S3 logs but is batch-based, not real-time.
- B: Real-time logs require Kinesis Data Streams, but the question pairs Firehose with OpenSearch (C), not Streams.
- E: CloudTrail is for API activity monitoring, not CloudFront logs.
Key Points:
1. Use Kinesis Data Firehose for near-real-time log streaming from S3.
2. OpenSearch Dashboards enable real-time visualization.
3. Avoid batch-based solutions (Athena) or unrelated services (CloudTrail).
Answer
The correct answer is: DC