AWS Monitoring and Logging Services Flashcards

1
Q

A monitoring service for AWS cloud resources and the applications you run on AWS

A

Amazon CloudWatch

2
Q

Amazon CloudWatch Uses

A

CloudWatch is for performance monitoring (CloudTrail is for auditing).

Used to collect and track metrics, collect and monitor log files, and set alarms.

Automatically react to changes in your AWS resources.

3
Q

CloudWatch monitors resources such as:

A

EC2 instances.
DynamoDB tables.
RDS DB instances.
Custom metrics generated by applications and services.
Any log files generated by your applications.

4
Q

CloudWatch Features and benefits

A

Gain system-wide visibility into resource utilization.

CloudWatch monitoring includes application performance.

Monitor operational health.

CloudWatch is accessed via API, command-line interface, AWS SDKs, and the AWS Management Console.

CloudWatch integrates with IAM.

Amazon CloudWatch Logs lets you monitor and troubleshoot your systems and applications using your existing system, application, and custom log files.

CloudWatch Logs can be used for real-time application and system monitoring as well as long-term log retention.

CloudWatch Logs keeps logs indefinitely by default.

CloudTrail logs can be sent to CloudWatch Logs for real-time monitoring.

CloudWatch Logs metric filters can evaluate CloudTrail logs for specific terms, phrases, or values.

5
Q

CloudWatch retains metric data as follows:

A

Data points with a period of less than 60 seconds are available for 3 hours. These data points are high-resolution custom metrics.

Data points with a period of 60 seconds (1 minute) are available for 15 days.

Data points with a period of 300 seconds (5 minutes) are available for 63 days.

Data points with a period of 3600 seconds (1 hour) are available for 455 days (15 months).

6
Q

CloudWatch facts

A

Dashboards allow you to create, customize, interact with, and save graphs of AWS resources and custom metrics.

Alarms can be used to monitor any Amazon CloudWatch metric in your account.

Events are a stream of system events describing changes in your AWS resources.

Logs help you to aggregate, monitor and store logs.

Basic monitoring = 5 mins (free for EC2 Instances, EBS volumes, ELBs and RDS DBs).

Detailed monitoring = 1 min (chargeable).

Metrics are provided automatically for several AWS products and services.

There is no standard metric for memory usage on EC2 instances.

A custom metric is any metric you provide to Amazon CloudWatch (e.g. time to load a web page or application performance).

7
Q

Options for storing logs:

A

CloudWatch Logs.

Centralized logging system (e.g. Splunk).

Custom script and store on S3.

8
Q

Log storage best practice:

A

Do not store logs on non-persistent disks.

Best practice is to store logs in CloudWatch Logs or S3.

CloudWatch Logs subscription can be used across multiple AWS accounts (using cross account access).

Amazon CloudWatch uses Amazon SNS to send email.

9
Q

A web service that records activity made on your account and delivers log files to an Amazon S3 bucket.

A

AWS CloudTrail

10
Q

Amazon CloudTrail Uses

A

AWS CloudTrail is a web service that records activity made on your account and delivers log files to an Amazon S3 bucket.

CloudTrail is for auditing (CloudWatch is for performance monitoring).

CloudTrail is about logging and saves a history of API calls for your AWS account.

Provides visibility into user activity by recording actions taken on your account.

API history enables security analysis, resource change tracking, and compliance auditing.

11
Q

CloudTrail logs API calls made via:

A

AWS Management Console.

AWS SDKs.

Command line tools.

Higher-level AWS services (such as CloudFormation).

12
Q

CloudTrail records account activity and service events from most AWS services and logs the following records:

A

The identity of the API caller.

The time of the API call.

The source IP address of the API caller.

The request parameters.

The response elements returned by the AWS service.

13
Q

CloudTrail Facts

A

CloudTrail is enabled by default.

CloudTrail is per AWS account.

You can integrate CloudTrail with CloudWatch Logs to deliver data events captured by CloudTrail to a CloudWatch Logs log stream.

CloudTrail log file integrity validation feature allows you to determine whether a CloudTrail log file was unchanged, deleted, or modified since CloudTrail delivered it to the specified Amazon S3 bucket.

14
Q

You can consolidate logs from multiple accounts using an S3 bucket:

A

1. Turn on CloudTrail in the paying account.
2. Create a bucket policy that allows cross-account access.
3. Turn on CloudTrail in the other accounts and use the bucket in the paying account.
