0
0
AWScloud~20 mins

CloudWatch Logs in AWS - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
CloudWatch Logs Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
service_behavior
intermediate
2:00remaining
CloudWatch Logs Retention Behavior

You have a CloudWatch Logs group with a retention period set to 7 days. What happens to the logs older than 7 days?

ALogs older than 7 days remain indefinitely until manually deleted.
BLogs older than 7 days are archived to S3 automatically.
CLogs older than 7 days are automatically deleted by CloudWatch Logs.
DLogs older than 7 days are moved to a Glacier storage class.
Attempts:
2 left
💡 Hint

Think about how retention policies work in CloudWatch Logs.

Configuration
intermediate
2:00remaining
CloudWatch Logs Metric Filter Configuration

You want to create a metric filter in CloudWatch Logs to count the number of ERROR messages in your application logs. Which filter pattern correctly matches lines containing the word 'ERROR'?

A?ERROR
B[ERROR]
C{ $.level = "ERROR" }
D"ERROR"
Attempts:
2 left
💡 Hint

Metric filter patterns use simple string matching or JSON syntax.

Architecture
advanced
3:00remaining
Designing Centralized Log Storage with CloudWatch Logs

You have multiple AWS accounts generating logs. You want to centralize all logs into a single CloudWatch Logs account for monitoring and analysis. Which architecture best achieves this?

AUse CloudWatch Logs subscription filters in each account to stream logs to a central account's Kinesis Data Firehose delivery stream.
BManually export logs from each account to S3 and then import them into the central account's CloudWatch Logs.
CSet the retention period to infinite in each account and access logs remotely from the central account.
DCreate CloudWatch Dashboards in each account and aggregate data manually.
Attempts:
2 left
💡 Hint

Think about streaming logs in real-time to a central location.

security
advanced
3:00remaining
Securing CloudWatch Logs Access

You want to restrict access so that only a specific IAM role can read logs from a CloudWatch Logs group. Which policy element correctly restricts access?

AWS
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["logs:GetLogEvents", "logs:FilterLogEvents"],
      "Resource": "arn:aws:logs:us-east-1:123456789012:log-group:MyAppLogs:*",
      "Condition": {
        "StringEquals": {
          "aws:PrincipalArn": "arn:aws:iam::123456789012:role/SpecificRole"
        }
      }
    }
  ]
}
AThe policy allows any IAM user in the account to read logs from 'MyAppLogs'.
BThe policy allows only the IAM role 'SpecificRole' to read logs from 'MyAppLogs' log group.
CThe policy denies all access to 'MyAppLogs' log group.
DThe policy allows all actions on all log groups in the account.
Attempts:
2 left
💡 Hint

Look at the Condition element restricting access by principal ARN.

Best Practice
expert
3:00remaining
Optimizing CloudWatch Logs Cost and Performance

You have a high volume of logs generating in CloudWatch Logs. To reduce costs and improve query performance, which approach is best?

AUse subscription filters to send logs to an Amazon S3 bucket with lifecycle policies and query logs using Athena.
BIncrease the retention period to keep logs longer in CloudWatch Logs.
CDisable all metric filters to reduce processing costs.
DStore logs only in CloudWatch Logs with no export or archiving.
Attempts:
2 left
💡 Hint

Think about offloading logs to cheaper storage and using efficient query tools.