AWS Certified SysOps Administrator – Associate (SOA-C03) — Question 41

A company has a critical serverless application that uses multiple AWS Lambda functions. Each Lambda function generates 1 GB of log data daily in its own Amazon CloudWatch Logs log group. The company’s security team asks for a count of application errors, grouped by type, across all of the log groups.
What should a CloudOps engineer do to meet this requirement?

Answer options

• A. Perform a CloudWatch Logs Insights query that uses the stats command and count function.
• B. Perform a CloudWatch Logs search that uses the groupby keyword and count function.
• C. Perform an Amazon Athena query that uses the SELECT and GROUP BV keywords.
• D. Perform an Amazon RDS query that uses the SELECT and GROUP BY keywords.

Correct answer: A

Explanation

The correct answer is A because CloudWatch Logs Insights is specifically designed for querying log data and can aggregate logs from multiple log groups, allowing for effective error counting. Options B and C do not leverage the capabilities of CloudWatch Logs for this purpose, and option D is irrelevant as Amazon RDS is not suited for querying CloudWatch Logs.