Ends in
00
days
00
hrs
00
mins
00
secs
SHOP NOW

$2 OFF in ALL Azure Practice Exams & NEW AZ-500 Microsoft Azure Security Engineer Associate Practice Exams at $10.99!

Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified Solutions Architect Associate Timed set 4- question number 64- Expalnation not complete

Tagged: ,

  • Timed set 4- question number 64- Expalnation not complete

     TutorialsDojo-Support updated 3 years, 10 months ago 2 Members · 2 Posts
    AWS Certified Solutions Architect Associate

  • ishan-sharma

    Member
    May 29, 2020 at 5:43 am

    64. QUESTION

    You are managing an online platform which allows people to easily buy, sell, spend, and manage their cryptocurrency. To meet the strict IT audit requirements, each of the API calls on all of your AWS resources should be properly captured and recorded. You used CloudTrail in your VPC to help you in the compliance, operational auditing, and risk auditing of your AWS account.

    In this scenario, where does CloudTrail store all of the logs that it creates?

    For this question the explanation given is all about the creation of cloud trail, however the question of “where” does the CloutTrail stores all of the Log that it creates is not given.

    I choose Dynamo DB from the options as I thought that the logs are a blob of text and would be better to have them stored in some structure, however, the answer turned out to be S3 bucket.

    The reason why I got the answer wrong is as follows:

    I don’t know the output format of the logs, I am oblivion of how they are stored generally in any system. All I know about logs is that they are a bunch of text that can be stored in textfile.

    Also in which format does the CloudTrail logs stored in the S3 bucket.

    Warmly,
    Ishan

  • TutorialsDojo-Support

    Member
    May 30, 2020 at 4:31 pm

    Hi Ishan,

    Thank you for your feedback.

    Events (API calls) that happen on your AWS account are recorded by AWS CloudTrail and is saved on the Event History. By default it allows you to view, search, and download the past 90 days of activity in your AWS account.

    In this scenario, you can create a “trail” to record events on your AWS account. A trail is a configuration that enables the delivery of events to an Amazon S3 bucket that you specify. You can create a CloudTrail trail to archive logs, analyze logs, and/or respond to changes in your AWS resources.

    The CloudTrail logs are delivered to S3 in JSON format. The logs are compressed with GZIP compression (you can use 7-zip utility to uncompress them). You can use any normal text viewer to view these logs.

    You can also deliver and analyze events in a trail with Amazon CloudWatch Logs and Amazon CloudWatch Events. You can view these logs on the AWS CloudWatch Logs console if you choose to deliver them to CloudWatch.

    https://docs.aws.amazon.com/awscloudtrail/latest/userguide/how-cloudtrail-works.html

    https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-read-log-files.html

    Hope this helps.

    Regards,

    Kenneth Samonte @ Tutorials Dojo

Viewing 1 - 2 of 2 replies

Log in to reply.

Original Post
0 of 0 posts June 2018
Now