Q79 — AWS DVA-C02 Ch.1
Question 79 of 100 | ← Chapter 1
A company runs an application on AWS. The company deploys the application on Amazon EC2 instances and stores data in Amazon Aurora. The application recently logged a custom application-specific DECRYPT_ERROR error in Amazon CloudWatch Logs. The company discovered this issue only after automated tests—run every 30 minutes—failed. Developers need to implement a solution to monitor these custom errors and send real-time notifications to the development team when they occur in production. Which solution meets these requirements with the lowest operational overhead?
- A. Configure the application to publish a custom metric to CloudWatch. Create an AWS CloudTrail alarm. Configure the CloudTrail alarm to send notifications via Amazon Simple Notification Service (Amazon SNS).
- B. Create an AWS Lambda function that runs every 5 minutes to scan CloudWatch Logs for the keyword DECRYPT_ERROR. Configure the Lambda function to send notifications via Amazon Simple Notification Service (Amazon SNS).
- C. Use Amazon CloudWatch Logs to create a metric filter for the DECRYPT_ERROR pattern. Create a CloudWatch alarm for this metric with a threshold >= 1. Configure the alarm to send notifications via Amazon Simple Notification Service (Amazon SNS). ✓
- D. Install the CloudWatch unified agent on the EC2 instances. Configure the application to emit a metric for errors containing the keyword DECRYPT_ERROR. Configure the agent to send notifications via Amazon Simple Notification Service (Amazon SNS).
Correct Answer: C. Use Amazon CloudWatch Logs to create a metric filter for the DECRYPT_ERROR pattern. Create a CloudWatch alarm for this metric with a threshold >= 1. Configure the alarm to send notifications via Amazon Simple Notification Service (Amazon SNS).
Explanation
Option C is correct: creating a CloudWatch Logs metric filter for DECRYPT_ERROR and triggering a CloudWatch alarm with threshold >= 1 enables real-time, low-overhead monitoring and notification. Option A misuses CloudTrail (which logs API calls, not log events). Option B introduces polling latency and unnecessary Lambda invocations. Option D adds agent management complexity without benefit over native CloudWatch Logs metric filters.