Q18 — AWS DOP-C02 Ch.1
Question 18 of 100 | ← Chapter 1
A company runs an application on Amazon EC2 instances. A DevOps engineer needs to aggregate application logs into a centralized system for the application support team to search. Severe error messages appear periodically in the log files. When these errors occur, the DevOps engineer must notify the application support team via email.
- A. Configure the unified Amazon CloudWatch agent on the EC2 instances to publish application log files to a CloudWatch Logs log group. Configure metric filters on the CloudWatch Logs log group to detect severe errors and create custom metrics. Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure a CloudWatch alarm to notify the SNS topic using the custom metric. Subscribe the application team's email address to the SNS topic. ✓
- B. Install the Amazon Kinesis Agent on the EC2 instances. Configure the Kinesis Agent with the location of the log files. Stream logs to a Kinesis Data Firehose delivery stream targeting CloudWatch Metrics. Configure an AWS Lambda function to detect error messages and create custom metrics. Associate the Lambda function with the stream. Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure a CloudWatch alarm to notify the SNS topic using the custom metric. Subscribe the application team's email address to the SNS topic.
- C. Install the AWS X-Ray daemon on the EC2 instances. Instrument the application using AWS Distro for OpenTelemetry (ADOT). Configure the ADOT collector with the custom log file location and the CloudWatch Logs log group name. Generate custom metrics based on error messages using CloudWatch Embedded Metric Format. Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure a CloudWatch alarm to notify the SNS topic using the custom metric. Subscribe the application team's email address to the SNS topic.
- D. Configure the unified Amazon CloudWatch agent on the EC2 instances to publish application log files to a CloudWatch Logs log group. Create an Amazon OpenSearch Service domain. Subscribe the CloudWatch Logs log group to the OpenSearch Service domain. Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure an OpenSearch Service alert monitor to notify the SNS topic. Subscribe the application team's email address to the SNS topic.
Correct Answer: A. Configure the unified Amazon CloudWatch agent on the EC2 instances to publish application log files to a CloudWatch Logs log group. Configure metric filters on the CloudWatch Logs log group to detect severe errors and create custom metrics. Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure a CloudWatch alarm to notify the SNS topic using the custom metric. Subscribe the application team's email address to the SNS topic.
Explanation
Option A is the most operationally efficient solution. It uses only CloudWatch Logs, metric filters, CloudWatch Alarms, and Amazon SNS — fully managed, low-overhead services with native integration. Option D introduces Amazon OpenSearch Service, which adds operational complexity, cost, and maintenance overhead without providing additional value for simple error detection and email notification. Options B and C introduce unnecessary components (Kinesis, X-Ray, ADOT) that overcomplicate the architecture for this use case.