AWS Certified Security – Specialty (SCS-C02) — Question 238

Amazon CloudWatch Logs agent is successfully delivering logs to the CloudWatch Logs service. However, logs stop being delivered after the associated log stream has been active for a specific number of hours.

What steps are necessary to identify the cause of this phenomenon? (Choose two.)

Answer options

• A. Ensure that file permissions for monitored files that allow the CloudWatch Logs agent to read the file have not been modified.
• B. Verify that the OS Log rotation rules are compatible with the configuration requirements for agent streaming.
• C. Configure an Amazon Kinesis producer to first put the logs into Amazon Kinesis Streams.
• D. Create a CloudWatch Logs metric to isolate a value that changes at least once during the period before logging stops.
• E. Use AWS CloudFormation to dynamically create and maintain the configuration file for the CloudWatch Logs agent.

Correct answer: A, B

Explanation

Options A and B are correct because ensuring file permissions and verifying compatibility of log rotation rules are crucial for uninterrupted log delivery. Options C, D, and E are not relevant to identifying the cause of the log delivery issue, as they do not address the core factors affecting the CloudWatch Logs agent's performance.