
A company has implemented a hybrid cloud solution that integrates its on-premises data center with AWS. This setup includes Amazon VPC and Amazon EC2 instances which forward application logs to Amazon CloudWatch. These EC2 instances are responsible for fetching data from several on-premises relational databases. The company seeks to monitor in near-real time which EC2 instances are accessing these databases. They already utilize Splunk for on-premises monitoring. A solutions architect is tasked with devising a method to transmit network traffic data to Splunk. What strategy should the solutions architect adopt to fulfill these requirements?
A
Initiate VPC flow logs and direct them to CloudWatch. Develop an AWS Lambda function to regularly export these CloudWatch logs to an Amazon S3 bucket using the predefined export feature. Generate AWS credentials in the form of ACCESS_KEY and SECRET_KEY. Configure Splunk to retrieve the logs from the S3 bucket using these credentials.
B
Establish an Amazon Kinesis Data Firehose delivery stream targeting Splunk as the destination. Set up a pre-processing AWS Lambda function within the Kinesis Data Firehose stream processor to isolate individual log events from records transmitted by CloudWatch Logs subscription filters. Activate VPC flow logs and route them to CloudWatch. Implement a CloudWatch Logs subscription to forward log events to the Kinesis Data Firehose delivery stream.
C
Request the company to record each database access request, including the EC2 instance IP address. Export these CloudWatch logs to an Amazon S3 bucket. Employ Amazon Athena to query the logs, grouping them by database name. Export the Athena query results to another S3 bucket. Trigger an AWS Lambda function to automatically transmit any newly added files in the S3 bucket to Splunk.
D
Direct the CloudWatch logs to an Amazon Kinesis data stream integrated with Amazon Kinesis Data Analytics for SQL Applications. Configure a 1-minute sliding window to aggregate the events. Craft a SQL query utilizing the anomaly detection template to monitor network traffic anomalies in near-real time. Forward the query results to an Amazon Kinesis Data Firehose delivery stream with Splunk as the destination.