SAP-C02 Question 244
Question
A company has developed a hybrid solution between its data center and AWS. The company uses Amazon VPC and Amazon EC2 instances that send application logs to Amazon CloudWatch. The EC2 instances read data from multiple relational databases that are hosted on premises. The company wants to monitor which EC2 instances are connected to the databases in near-real time. The company already has a monitoring solution that uses Splunk on premises. A solutions architect needs to determine how to send networking traffic to Splunk. How should the solutions architect meet these requirements?
Options
A. Enable VPC flow logs, and send them to CloudWatch. Create an AWS Lambda function to periodically export the CloudWatch logs to an Amazon S3 bucket by using the pre-defined export function. Generate ACCESS_KEY and SECRET_KEY AWS credentials. Configure Splunk to pull the logs from the S3 bucket by using those credentials.
B. Create an Amazon Kinesis Data Firehose delivery stream with Splunk as the destination. Configure a pre-processing AWS Lambda function with a Kinesis Data Firehose stream processor that extracts individual log events from records sent by CloudWatch Logs subscription filters. Enable VPC flow logs, and send them to CloudWatch. Create a CloudWatch Logs subscription that sends log events to the Kinesis Data Firehose delivery stream.
C. Ask the company to log every request that is made to the databases along with the EC2 instance IP address. Export the CloudWatch logs to an Amazon S3 bucket. Use Amazon Athena to query the logs grouped by database name. Export Athena results to another S3 bucket. Invoke an AWS Lambda function to automatically send any new file that is put in the S3 bucket to Splunk.
D. Send the CloudWatch logs to an Amazon Kinesis data stream with Amazon Kinesis Data Analytics for SQL Applications. Configure a 1-minute sliding window to collect the events. Create a SQL query that uses the anomaly detection template to monitor any networking traffic anomalies in near-real time. Send the result to an Amazon Kinesis Data Firehose delivery stream with Splunk as the destination.
Answer
B
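Explanation
Correct answer: B Explanation: The answer to this question is B. Correct option: B. Create an Amazon Kinesis Data Firehose delivery stream with Splunk as the destination. Configure a pre-processing AWS Lambda function with a Kinesis Data Firehose stream processor that extracts individual log events from records sent by CloudWatch Logs subscription filters. Enable VPC flow logs, and send them to CloudWatch. Create a CloudWatch Logs subscription that sends log events to the Kinesis Da...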