MemberAugust 19, 2020 at 12:26 pm
One of the Questions in Category SEC – Infrastructure Security on the AWS Certified Security Specialty Practice exams has an explanation for an incorrect answer that is not one of the answers.
The option that says: Ensure that the time zone on the application servers is in UTC or Local timezone is incorrect because you can either have UTC or LOCAL time zone in CloudWatch Logs. This is not a possible culprit for this issue.
Ensure that the time zone on the application servers is in UTC or Local timezone, this is not one of the answers. It is there in place of: Verify that the trust relationship grants the service cwlogs.amazonaws.com permission to write objects to the S3 bucket that is internally used by Amazon CloudWatch Logs service.
This is for:
Category: SEC – Infrastructure Security
A company is using Amazon CloudWatch to monitor the application logs from multiple Linux EC2 instances via CloudWatch Logs agents installed in each instance. The agent configuration files have been verified and the log files to be pushed are properly configured. However, the Security Administrator identified that a few EC2 instances were not sending any logs at all.
Which actions should be taken to troubleshoot this problem? (Select TWO.)
Verify any rejected application log entries due to invalid time stamps or corrupted data by reviewing the /var/cloudwatch/rejects.log file.
Ensure that the IAM permissions used by the CloudWatch Logs agent allow putting log events as well as creating log groups and log streams in CloudWatch.
Use the AWS Systems Manager Run Command to confirm that the awslogs service is running on all Amazon EC2 instances.
Verify that the trust relationship grants the service cwlogs.amazonaws.com permission to write objects to the S3 bucket that is internally used by Amazon CloudWatch Logs service.
Enable Detailed Monitoring in CloudWatch.
MemberSeptember 22, 2020 at 10:50 pm
Thank you for your feedback.
Apologies for that. I reviewed this question and I see that our team has already updated this question with the correct explanation.
You should be able to see the updated explanation for this question.
Thank you very much! Let us know if you need further assistance. The Tutorials Dojo team is dedicated to helping you pass your AWS exam!
Kenneth Samonte @ Tutorials Dojo
Log in to reply.