Q32 — AWS DOP-C02 Ch.2

A company uses AWS WAF to protect its cloud infrastructure. A DevOps engineer needs to enable the operations team to analyze log messages from AWS WAF. The operations team also needs to create alerts for specific patterns in the log output. Which solution meets these requirements with minimal operational overhead?

Correct Answer: A. Create an Amazon CloudWatch Logs log group. Configure the appropriate AWS WAF web ACL to send logs to the log group. Guide the operations team to create CloudWatch metric filters.

Explanation

The requirements are log analysis and pattern-based alerting with minimal operational overhead, which calls for a lightweight integration. CloudWatch Logs natively receives AWS WAF logs, and metric filters can match specific patterns and emit custom metrics, which can then trigger CloudWatch alarms for real-time alerting, with no additional data processing infrastructure. All other options introduce unnecessary complexity: option C adds custom Lambda logic and SNS orchestration; option D adds S3 storage, Athena query setup, and extra CloudWatch metric filter configuration; option B requires managing an OpenSearch cluster and a Kinesis Data Firehose pipeline. Only option A delivers the required functionality with zero infrastructure maintenance and minimal operational overhead.