Implementing EC2 Instance Logs Ingestion | AWS Certified Big Data - Specialty Exam

Ingesting EC2 Instance Logs into a Searchable Service

Question

A company wants a way to ingest all logs from their EC2 instances into a searchable service.

Which of the following implementation steps would fulfill this requirement? Choose 2 answers from the options given below.

Explanations

Answer - B and C.

This sort of architecture is given in the AWS documentation.

########

Your CloudWatch event target is a Kinesis Firehose delivery stream that delivers this data to an Elasticsearch cluster, where you set up Kibana for visualization.

Using this solution, you can easily load and visualize EC2 events in minutes without setting up complicated data pipelines.

########

Option A is incorrect since Kinesis should be used as the streaming service.

Option D is incorrect since Elasticsearch is a better option as the final destination for log files and for search capabilities.

For more information on this use case, please visit the URL below.

https://aws.amazon.com/blogs/big-data/visualize-and-monitor-amazon-ec2-events-with-amazon-cloudwatch-events-and-amazon-kinesis-firehose/

The best solutions to fulfill the company's requirements would be:

A. Set up CloudWatch Events to stream the data to SQS
B. Set up CloudWatch Events to stream the data to Kinesis Firehose

Explanation:

CloudWatch Events is a service that monitors events and takes action based on defined rules. It can be used to capture the log data generated by EC2 instances. Different types of actions can be taken when an event occurs, including streaming the data to an Amazon Kinesis Firehose delivery stream or to Amazon SQS.

Amazon Kinesis Firehose is a fully managed service that allows data streams to be ingested and delivered to destinations like Amazon S3, Amazon Redshift, and Amazon Elasticsearch. It can be used to collect and deliver logs from EC2 instances to Amazon Elasticsearch.

Amazon SQS is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. It can be used to store and queue the log data generated by EC2 instances before delivering it to a searchable service like Amazon Elasticsearch.

C. Configure the end destination for the log files as Amazon Elasticsearch
D. Configure the end destination for the log files as Amazon DynamoDB

While C and D are possible destinations for log data, they do not address the requirement of ingesting all logs from EC2 instances into a searchable service. Amazon Elasticsearch is a highly scalable, managed search and analytics engine that can be used to index and search logs generated by EC2 instances. Amazon DynamoDB is a NoSQL database service that can be used to store and retrieve structured data, but it is not a searchable service. Therefore, options C and D are not the best solutions for the given requirement.