1 / 1010%
Question 1 of 10
Your customer is willing to consolidate their log streams (access logs, application logs, security logs etc.) in one single system. Once consolidated, the customer wants to analyze these logs in real time based on heuristics. From time to time, the customer needs to validate heuristics, which requires going back to data samples extracted from the last 12 hours. What is the best approach to meet your customer’s requirements?
ASend all the log events to Amazon SQS. Setup an Auto Scaling group of EC2 servers to consume the logs and apply the heuristics.
BSend all the log events to Amazon Kinesis develop a client process to apply heuristics on the logs
CConfigure Amazon CloudTrail to receive custom logs, use EMR to apply heuristics the logs
DSetup an Auto Scaling group of EC2 syslogd servers, store the logs on S3 use EMR to apply heuristics on the logs