
Answer-first summary for fast verification
Answer: Use AWS Glue to crawl the S3 logs, then perform complex SQL queries with Athena.
To use Amazon Athena for querying logs stored in S3, you would first use AWS Glue to crawl the data and create a metadata catalog. This catalog defines the schema for the logs. Once this is set up, you can use Athena to run SQL queries directly against the S3 data, allowing for efficient and scalable analysis of the log data to identify suspicious activities.
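As an added example (not part of the original page), here is one query of the kind the explanation describes. It assumes the Glue catalog holds CloudTrail logs as a table `security_logs.cloudtrail_logs` with the column layout AWS documents for CloudTrail in Athena; the database and table names, the time window and the threshold are constructed for illustration.

```sql
-- Assumed names (not from the original page): database security_logs,
-- table cloudtrail_logs, columns eventtime (ISO-8601 string), eventname,
-- eventsource, sourceipaddress, errorcode and the useridentity struct.
-- The time window and the threshold of 20 are constructed sample values.
WITH window_events AS (
    SELECT
        from_iso8601_timestamp(eventtime) AS event_ts,
        useridentity.arn                  AS principal_arn,
        sourceipaddress,
        eventsource,
        eventname,
        errorcode
    FROM security_logs.cloudtrail_logs
    -- ISO-8601 UTC strings sort lexicographically, so a string range works here.
    WHERE eventtime >= '2024-01-15T00:00:00Z'
      AND eventtime <  '2024-01-16T00:00:00Z'
)
-- Principals and source IPs producing bursts of denied API calls in the window,
-- a common sign of permission probing with a compromised credential.
SELECT
    principal_arn,
    sourceipaddress,
    count(*)                        AS denied_calls,
    count(DISTINCT eventname)       AS distinct_actions,
    array_agg(DISTINCT eventsource) AS services_touched,
    min(event_ts)                   AS first_seen,
    max(event_ts)                   AS last_seen
FROM window_events
WHERE errorcode IN ('AccessDenied', 'Client.UnauthorizedOperation')
GROUP BY principal_arn, sourceipaddress
HAVING count(*) >= 20
ORDER BY denied_calls DESC
LIMIT 50;
```

If the crawler registered partition columns on the table, filter on them as well so that Athena scans only the S3 prefixes covering the event window.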
Author: LeetQuiz Editorial Team
Explain how you would use Amazon Athena to query logs stored in Amazon S3 for contextual information related to a security event. Provide a detailed approach including the setup and the SQL queries you would use to identify suspicious activities.
A. Set up Athena by defining a schema for the logs, use basic SQL queries to filter and analyze log data.
B. Manually download logs from S3, then use a local SQL client to query the data.
C. Use AWS Glue to crawl the S3 logs, then perform complex SQL queries with Athena.
D. Import logs into a relational database, then use Athena to query the database.