Which solution will meet these requirements with the LEAST operational overhead?

By:
In: DVA-C02
Tagged:
With: 1 Comment
A company runs an application on AWS.The company deployed the application on Amazon EC2 instances.The application stores data on Amazon Aurora.The application recently logged multiple application-specific custom DECRYP_ERROR errors to Amazon CloudWatch logs.The company did not detect the issue until the automated tests that run every 30 minutes failed.A developer must implement a solution that will monitor for the custom errors and alert a development team in real time when these errors occur in the production environment.

Which solution will meet these requirements with the LEAST operational overhead?

Configure the application to create a custom metric and to push the metric to CloudWatch. Create an AWS CloudTrail alarm. Configure the CloudTrail alarm to use an Amazon Simple Notification Service (Amazon SNS) topic to send notifications.

Create an AWS Lambda function to run every 5 minutes to scan the CloudWatch logs for the keyword DECRYP_ERROR. Configure the Lambda function to use Amazon Simple Notification Service (Amazon SNS) to send a notification.

Use Amazon CloudWatch Logs to create a metric filter that has a filter pattern for DECRYP_ERROR. Create a CloudWatch alarm on this metric for a threshold >=1. Configure the alarm to send Amazon Simple Notification Service (Amazon SNS) notifications.

Install the CloudWatch unified agent on the EC2 instance. Configure the application to generate a metric for the keyword DECRYP_ERROR errors. Configure the agent to send Amazon Simple Notification Service (Amazon SNS) notifications.

Explanations:

While creating a custom metric and using CloudTrail for alarms is a viable method, it requires more setup and operational overhead to implement compared to other options. CloudTrail is primarily used for tracking API calls and changes in AWS resources, which may not directly relate to application-specific errors.

This option involves using an AWS Lambda function that scans CloudWatch logs every 5 minutes. While it would monitor for errors, the 5-minute interval introduces latency in alerting and requires continuous running of the Lambda function, leading to higher operational overhead.

This option is the most efficient as it utilizes CloudWatch Logs to create a metric filter for the specific error message. This setup allows real-time monitoring with minimal operational overhead. Once the metric filter detects the DECRYP_ERROR, a CloudWatch alarm can be triggered to send immediate notifications via SNS, fulfilling the requirements effectively.

Installing the CloudWatch unified agent adds unnecessary complexity to the solution. It involves more operational overhead by requiring additional configuration for the agent and metrics generation, while the existing capabilities of CloudWatch Logs and alarms would suffice to monitor for errors efficiently.

2025-10-18

1 Comment

  1. Julia
    Author

    To the best of my knowledge, the answer is:
    Use Amazon CloudWatch Logs to create a metric filter that has a filter pattern for DECRYP_ERROR. Create a CloudWatch alarm on this metric for a threshold >=1. Configure the alarm to send Amazon Simple Notification Service (Amazon SNS) notifications.

Leave a Reply

Your email address will not be published. Required fields are marked *

one × three =