AWS Certified SysOps Administrator – Associate — Question 169

A company has a critical serverless application that uses multiple AWS Lambda functions. Each Lambda function generates 1 GB of log data daily in its own Amazon CloudWatch Logs log group. The company's security team asks for a count of application errors, grouped by type, across all of the log groups.

What should a SysOps administrator do to meet this requirement?

Answer options

• A. Perform a CloudWatch Logs Insights query that uses the stats command and count function.
• B. Perform a CloudWatch Logs search that uses the groupby keyword and count function.
• C. Perform an Amazon Athena query that uses the SELECT and GROUP BY keywords.
• D. Perform an Amazon RDS query that uses the SELECT and GROUP BY keywords.

Correct answer: A

Explanation

The correct answer is A, as CloudWatch Logs Insights is specifically designed for querying log data efficiently, allowing administrators to use the stats command to aggregate and count errors. Option B is incorrect because the groupby keyword does not exist in CloudWatch Logs search syntax. Options C and D are also incorrect because Amazon Athena and Amazon RDS are not directly used for querying CloudWatch Logs.