CloudWatch

Question 1

What AWS service provides the ability to monitor applications, infrastructure, networks, and services, enabling alarms, log analysis, and automated actions?

Answer 1

AWS CloudWatch

Question 2

Is AWS CloudWatch a public service?

Answer 2

Yes, it is a public service accessible through AWS public endpoints and can be used from both AWS and on-premises environments

Question 3

How do public AWS services access AWS CloudWatch?

Answer 3

Through an Internet Gateway

Question 4

How do private AWS services access AWS CloudWatch?

Answer 4

Through a VPC Interface Endpoint

Question 5

What type of native integration do AWS services have with AWS CloudWatch?

Answer 5

Managment Plane, that includes general metrics for the service

For EC2 this can be CPUUtilization, NetworkIn, NetworkOut metrics

Question 6

What software is required to create custom metrics in AWS CloudWatch?

Answer 6

CloudWatch Agent (CWAgent)

Question 7

What AWS CloudWatch software enables access to internal EC2 instance metrics like memory utilization, running processes, and disk space usage?

Answer 7

CloudWatch Agent (CWAgent)

Question 8

How can on-premises applications integrate with AWS CloudWatch?

Answer 8

• AWS CloudWatch API
• AWS CloudWatch Agent (CWAgent)

Question 9

What options are available for viewing data stored in AWS CloudWatch?

Answer 9

• Console UI
• CLI
• API

Question 10

Which AWS CloudWatch feature monitors metrics and triggers actions when thresholds are exceeded?

Answer 10

CloudWatch Alarms, which track metrics over time and respond based on threshold values

Question 11

What states can an AWS CloudWatch Alarm transition between?

Answer 11

• OK: Metric remains below the threshold
• ALARM: Metric exceeds the threshold
• INSUFFICIENT_DATA: Not enough data to determine the state

Question 12

What happens when an AWS CloudWatch Alarm breaches its threshold?

Answer 12

Entering the ALARM state triggers one or more predefined actions:

• Sending notifications via SNS
• Executing remediation tasks
• Modifying Auto Scaling policies
• Initiating EventBridge events

Question 13

What metric type can a high-resolution AWS CloudWatch Alarm monitor?

Answer 13

High-resolution metrics with a period of 10 or 30 seconds

Question 14

What is the smallest unit of information in CloudWatch, consisting of a value, timestamp, and optionally a unit of measure?

Answer 14

Datapoint

Question 14

What CloudWatch component acts as a container for grouping metrics from different services?

Answer 14

Namespace (e.g., AWS/EC2, AWS/Lambda)

Question 15

What CloudWatch component represents a named, time-ordered series of datapoints?

Answer 15

Metric, identified by a MetricName (e.g., CPUUtilization) and a Namespace (e.g., AWS/EC2)

Question 16

What CloudWatch component represents a name/value pair attached to datapoints, used to differentiate or aggregate metric data?

Answer 16

Dimension

Question 17

What information does a datapoint include when sent to AWS CloudWatch?

Answer 17

• Value
• Timestamp
• Unit of measure
• MetricName
• Namespace
• One or more Dimensions

Question 18

How can metrics for different services and resources be distinguished in AWS CloudWatch?

Answer 18

By combining the following pieces of information:
- Namespace: AWS/EC2
- Metric Name: CPUUtilization
- Dimensions: Name=InstanceId, Value=i-1234567890abcdef0

Question 19

What are the types of metric resolutions supported in AWS CloudWatch?

Answer 19

• Standard Resolution: 60-second granularity
• High Resolution: 1-second granularity (higher cost)

Question 20

What AWS CloudWatch metric resolution type is used by AWS services by default?

Answer 20

Standard resolution (60 seconds)

Question 21

Which CloudWatch metric resolution provides faster, more immediate insights?

Answer 21

High resolution (1 second)

Question 22

Does AWS CloudWatch retain the original resolution of metrics as data ages?

Answer 22

No, data is aggregated and stored with lower resolution over time:
- Sub-60-second data: retained for 3 hours
- 60-second (1-minute) data: retained for 15 days
- 300-second (5-minute) data: retained for 63 days
- 3600-second (1-hour) data: retained for 455 days

Question 23

What CloudWatch component allows aggregating metric data over a specified time period?

Answer 23

Statistics

Question 24

What types of statistics does AWS CloudWatch support for a metric?

Answer 24

• SampleCount
• Sum
• Average
• Minimum
• Maximum
• Percentile (p)
• Trimmed Mean (TM)
• Interquartile Mean (IQM)
• Winsorized Mean (WM)
• Percentile Rank (PR)
• Trimmed Count (TC)
• Trimmed Sum (TS)

Question 25

Which AWS CloudWatch statistic helps analyze the distribution of metric data by showing the relative standing of a value and eliminating outliers?

Answer 25

Percentile (p)

Question 26

Is AWS CloudWatch Logs a global service?

Answer 26

No, it is a regional service

Question 26

Which AWS service centralizes logs from systems, applications, and AWS services into a scalable solution?

Answer 26

AWS CloudWatch Logs

Question 27

If AWS CloudWatch Logs is regional, where are logs from global AWS services like Route 53 stored?

Answer 27

In the us-east-1 region

Question 28

Does AWS CloudWatch Logs support logging only for AWS services?

Answer 28

No, it supports logs from:
- AWS services
- On-premises systems
- IoT devices and other applications

Question 29

Which AWS services integrate with AWS CloudWatch Logs?

Answer 29

• VPC Flow Logs
• CloudTrail
• Route 53
• API Gateway
• Lambda
• Elastic Beanstalk
• ECS and more

Question 30

What software is required to send system or custom application logs to AWS CloudWatch Logs?

Answer 30

CloudWatch Agent (CWAgent)

Question 31

What are the two main functional sides of AWS CloudWatch Logs?

Answer 31

• Ingestion Side: Handles the process of collecting and storing logs in the system
• Subscription Side: Enables other services to use logs for additional actions, such as analysis or triggering workflows

Question 32

How does log data get into AWS CloudWatch Logs?

Answer 32

Logging sources send log events to CloudWatch Logs via:
- CloudWatch Agent (CWAgent)
- CloudWatch API

Question 33

What AWS CloudWatch Logs component represents a single unit of log data ingestion, and consists of Timestamp and a Raw Message?

Answer 33

Log Event

Question 34

What AWS CloudWatch Logs component represents a series of Log Events generated by the same source (resoruce)?

Answer 34

Log Stream

Question 35

What AWS CloudWatch Logs component groups multiple Log Streams together and defines shared settings like retention policies, monitoring, and access controls?

Answer 35

Log Group

Question 36

Which AWS CloudWatch Logs component is used to configure retention, permissions, and encryption?

Answer 36

Log Group

Question 37

What feature in AWS CloudWatch Logs enables pattern detection within a Log Stream inside a Log Group?

Answer 37

Metric Filter

Question 38

How data captured by AWS CloudWatch Logs Metric Filters can be used?

Answer 38

Can be used to create a Metrics that can trigger an Alarms, which can initiate actions, such as notifications or automated responses

Question 39

What are common use cases for AWS CloudWatch Logs Metric Filters?

Answer 39

Monitoring application failures:
- Application crashes (e.g., HTTP 500 errors)
- Failed login attempts, and more

Question 40

What are the two options for exporting data from AWS CloudWatch Logs?

Answer 40

• S3 Export
• CloudWatch Logs Subscription Filter

Question 41

Which CloudWatch Logs export option is a non-realtime, manual process that can take up to 12 hours to complete?

Answer 41

S3 Export, using the CreateExportTask operation

Question 42

Which CloudWatch Logs export option provides access to real-time feed of log events, delivering them to various AWS services?

Answer 42

CloudWatch Logs Subscription Filter

Question 43

What AWS CloudWatch Logs feature specifies the filter pattern for selecting log events and determines where to send matching events?

Answer 43

CloudWatch Logs Subscription Filter

Question 43

When AWS CloudWatch Logs Subscription Filter delivers log events to receiving services, are the events in raw format?

Answer 43

No, the event data is base64-encoded and compressed using gzip

Question 44

Which AWS services can be used with CloudWatch Logs Subscription Filter for real-time log event processing?

Answer 44

• Lambda for custom processing
• Lambda + Kinesis Data Streams
• Lambda + Kinesis Data Firehose (NOT real-time)

Question 45

What option in AWS CloudWatch Logs Subscription Filter determines which log events are processed by the filter?

Answer 45

Pattern

Question 46

What option in AWS CloudWatch Logs Subscription Filter specifies the target for log event delivery?

Answer 46

Destination ARN

Question 47

Which AWS CloudWatch Subscription Filter option determines how log events are grouped before being sent to the destination service?

Answer 47

Distribution

Question 48

Which AWS CloudWatch Subscription Filter option specifies the access permissions required to deliver log events to the destination service?

Answer 48

Permissions

Question 49

What AWS CloudWatch Logs feature enables centralizing logs from multiple AWS accounts into a single account for analysis?

Answer 49

CloudWatch Logs Subscription Filter