AWS Certified Developer – Associate (DVA-C02) — Question 326

A company deploys a new application to AWS. The company is streaming application logs to Amazon CloudWatch Logs. The company's development team must receive notification by email when the word "ERROR" appears in any log lines. A developer sets up an Amazon Simple Notification Service (Amazon SNS) topic and subscribes the development team to the topic.

What should the developer do next to meet the requirements?

Answer options

• A. Select the appropriate log group. Create a CloudWatch metric filter with "ERROR" as the search term. Create an alarm on this metric that notifies the SNS topic when the metric is 1 or higher.
• B. In CloudWatch Logs Insights, select the appropriate log group. Create a metric query to search for the term "ERROR" in the logs. Create an alarm on this metric that notifies the SNS topic when the metric is 1 or higher.
• C. Select the appropriate log group. Create an SNS subscription filter with "ERROR" as the filter pattern. Select the SNS topic as the destination.
• D. Create a CloudWatch alarm that includes "ERROR" as a filter pattern, a log group dimension that defines the appropriate log group, and a destination that notifies the SNS topic.

Correct answer: A

Explanation

To trigger an SNS notification based on specific log contents, you must first create a CloudWatch metric filter on the appropriate log group to convert log patterns into a numerical metric. You can then create a CloudWatch alarm on that metric that triggers an action to notify the SNS topic when the metric count is 1 or greater. Other options are incorrect because CloudWatch Logs Insights is for interactive log analysis, subscription filters do not route directly to SNS, and CloudWatch alarms cannot filter log patterns without an underlying metric filter.