Logging and Observability Flashcards

1
Q

CloudWatch Metrics: Standard Granularity vs. Detailed

A

By default, CloudWatch collects standard-resolution metrics at 5-minute intervals.

Detailed monitoring is every minute.

High Resolution every second.

2
Q

CloudWatch High Resolution Granularity

A

Every second.

Metrics produced by AWS services are standard resolution by default. When you publish a custom metric, you can define it as either standard resolution or high resolution. When you publish a high-resolution metric, CloudWatch stores it with a resolution of 1 second, and you can read and retrieve it with a period of 1 second, 5 seconds, 10 seconds, 30 seconds, or any multiple of 60 seconds

3
Q

CloudWatch - if you see mention of Near Real Time, think ……

A

High Resolution Logs (1 second).

You can publish your own metrics, known as custom metrics, to CloudWatch using the AWS CLI or an API.

Every PutMetricData call for a custom metric is charged, so calling PutMetricData more often on a high-resolution metric can lead to higher charges.

4
Q

What is the X-Ray daemon and what port does it use?

A

EC2 X-Ray Daemon - The AWS X-Ray daemon is a software application that listens for traffic on UDP port 2000, gathers raw segment data, and relays it to the AWS X-Ray API. The daemon logs could help with figuring out the problem.

5
Q

How can you analyze S3 storage patterns to help work out the best storage class?

A

S3 Analytics

6
Q

How would you identify unused IAM roles or ?

A

Access Advisor feature on the IAM console. This is a tab on a user/group/role that shows each service and when it was last accessed.

Identifying and removing unused permissions to reduce the attack surface.

Analyzing the necessity of certain permissions granted to users or roles over time.

Maintaining compliance by ensuring users and roles do not have excessive permissions.

7
Q

How would you identify policies that enable access outside of your zone?

A

IAM Access Analyzer

IAM Access Analyzer - AWS IAM Access Analyzer helps you identify the resources in your organization and accounts, such as Amazon S3 buckets or IAM roles, that are shared with an external entity. This lets you identify unintended access to your resources and data, which is a security risk.

8
Q

User isn't able to see the Billing and Cost Management options in the console

A

You need to activate IAM user access to the Billing and Cost Management console for all the users who need access - By default, IAM users do not have access to the AWS Billing and Cost Management console. You or your account administrator must grant users access. You can do this by activating IAM user access to the Billing and Cost Management console and attaching an IAM policy to your users. Then, you need to activate IAM user access for IAM policies to take effect. You only need to activate IAM user access once.

9
Q

How do you monitor incoming traffic and latency for your ALB?

A

ALB access logs - Elastic Load Balancing provides access logs that capture detailed information about requests sent to your load balancer. Each log contains information such as the time the request was received, the client’s IP address, latencies, request paths, and server responses. You can use these access logs to analyze traffic patterns and troubleshoot issues. Access logging is an optional feature of Elastic Load Balancing that is disabled by default.

10
Q

How do you get real-time guidance and AWS best practices for cost optimization?

A

AWS Trusted Advisor - AWS Trusted Advisor is an online tool that provides you real-time guidance to help you provision your resources following AWS best practices on cost optimization, security, fault tolerance, service limits, and performance improvement.

11
Q

AWS Budget forecasts have been set up but no alarms have been triggered. What could the cause be?

A

AWS requires approximately 5 weeks of usage data to generate budget forecasts - AWS requires approximately 5 weeks of usage data to generate budget forecasts. If you set a budget to alert based on a forecasted amount, this budget alert isn’t triggered until you have enough historical usage information.

12
Q

Valid SAM serverless resource types.

A

SAM supports the following resource types:

AWS::Serverless::Api

AWS::Serverless::Application

AWS::Serverless::Function

AWS::Serverless::HttpApi

AWS::Serverless::LayerVersion

AWS::Serverless::SimpleTable

AWS::Serverless::StateMachine

13
Q

Which logs can be used to check if traffic is hitting a subnet?

A

VPC Flow Logs

VPC Flow Logs - VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. Flow log data can be published to Amazon CloudWatch Logs or Amazon S3.

14
Q

CloudWatch monitoring durations

A

AWS has three levels of monitoring frequency:

“standard”: the free tier, 5-minute metrics
“detailed”: the paid version, 1-minute metrics
“high resolution”: anything under 1 minute

15
Q

IAM Access Advisor vs. Access Analyzer

A
16
Q

Your manager has requested to collect system memory metrics on all EC2 instances using a script.

A

Use a cron job on the instances that pushes the EC2 RAM statistics as a custom metric into CloudWatch.

17
Q
A
18
Q

CloudTrail

A

Audit API calls made by users, services or the console.

Useful to find unauthorised calls or the root cause of something due to an API call - WHO did WHAT.

19
Q

CloudWatch

A

Metrics for monitoring
Logs for storing logs
Alarms to send notifications

20
Q

X-Ray

A

Automated trace analysis across multiple services, VISUALLY.

Troubleshoot bottlenecks.
Understand dependencies in microservices.
Check for throttling.
Pinpoint service issues.
Identify what users are affected.

X-Ray can work with:
Lambda
EC2
ECS
ELB
API Gateway
On Prem.

X-Ray uses tracing made up of segments that follow all requests.


21
Q

CloudWatch Events (now called EventBridge) versus CloudWatch Alarms.

A

An EVENT triggers when it is created or according to a schedule, but an ALARM needs a threshold to be reached.

CloudWatch Alarms are very limited in what they can target. You can send SNS messages, start/stop EC2 instances and scale ASGs only.

EventBridge lets you interface to many targets, including Lambda, and can be used to enable event-driven architecture.

(Note: Alarms can indirectly trigger Lambda by sending a message to SNS and having Lambda listen for SNS events.)

22
Q

If you add a CloudWatch filter, can you query on existing data?

A

Filters do not retroactively filter data. Filters only publish the metric data points for events that happen after the filter was created.

You can search and filter the log data coming into CloudWatch Logs by creating one or more metric filters. Metric filters define the terms and patterns to look for in log data as it is sent to CloudWatch Logs. CloudWatch Logs uses these metric filters to turn log data into numerical CloudWatch metrics that you can graph or set an alarm on.

When you create a metric from a log filter, you can also choose to assign dimensions and a unit to the metric. If you specify a unit, be sure to specify the correct one when you create the filter. Changing the unit for the filter later will have no effect.