AWS Certified DevOps Engineer – Professional (DOP-C02) — Question 370
A company has a web application that publishes logs that contain metadata for transactions, with a status of success or failure for each log. The logs are in JSON format. The application publishes the logs to an Amazon CloudWatch Logs log group.
The company wants to create a dashboard that displays the number of successful transactions.
Which solution will meet this requirement with the LEAST operational overhead?
Answer options
- A. Create an Amazon OpenSearch Service cluster and an OpenSearch Service subscription filter to send the log group data to the cluster. Create a dashboard within the Dashboards feature in the OpenSearch Service cluster by using a search query for transactions that have a status of success.
- B. Create a CloudWatch subscription filter for the log group that uses an AWS Lambda function. Configure the Lambda function to parse the JSON logs and publish a custom metric to CloudWatch for transactions that have a status of success. Create a CloudWatch dashboard by using a metric graph that displays the custom metric.
- C. Create a CloudWatch metric filter for the log groups with a filter pattern that matches the transaction status property and a value of success. Create a CloudWatch dashboard by using a metric graph that displays the new metric.
- D. Create an Amazon Kinesis data stream that is subscribed to the log group. Configure the data stream to filter incoming log data based on a status of success and to send the filtered logs to an AWS Lambda function. Configure the Lambda function to publish a custom metric to CloudWatch. Create a CloudWatch dashboard by using a metric graph that displays the custom metric.
Correct answer: C
Explanation
Creating a CloudWatch metric filter is the most efficient solution because it natively extracts metrics from JSON logs without requiring external compute resources. Other options that introduce AWS Lambda, Amazon Kinesis, or Amazon OpenSearch Service add unnecessary architectural complexity, cost, and administrative overhead.