AWS Certified Security – Specialty — Question 19

Amazon CloudWatch Logs agent is successfully delivering logs to the CloudWatch Logs service. However, logs stop being delivered after the associated log stream has been active for a specific number of hours.
What steps are necessary to identify the cause of this phenomenon? (Choose two.)

Answer options

• A. Ensure that file permissions for monitored files that allow the CloudWatch Logs agent to read the file have not been modified.
• B. Verify that the OS Log rotation rules are compatible with the configuration requirements for agent streaming.
• C. Configure an Amazon Kinesis producer to first put the logs into Amazon Kinesis Streams.
• D. Create a CloudWatch Logs metric to isolate a value that changes at least once during the period before logging stops.
• E. Use AWS CloudFormation to dynamically create and maintain the configuration file for the CloudWatch Logs agent.

Correct answer: A, B

Explanation

Option A is correct because incorrect file permissions can prevent the CloudWatch Logs agent from accessing the necessary log files. Option B is also correct because incompatible log rotation rules can lead to logs being unavailable for the agent to process. Options C, D, and E do not directly address the issue of log delivery stoppage related to file access or log rotation.