AWS Certified Solutions Architect - Associate

Get started today

Ultimate access to all questions.

Deep dive into the quiz with AI chat providers.

We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.

A company stores its application logs in an Amazon CloudWatch Logs log group. A new policy requires the company to store all application logs in Amazon OpenSearch Service (Amazon Elasticsearch Service) in near-real time.

Which solution will meet this requirement with the LEAST operational overhead?

Other

Community

UAnonymous

Last updated: February 23, 2026 at 11:39

Configure a CloudWatch Logs subscription to stream the logs to Amazon OpenSearch Service (Amazon Elasticsearch Service).

Create an AWS Lambda function. Use the log group to invoke the function to write the logs to Amazon OpenSearch Service (Amazon Elasticsearch Service).

Create an Amazon Kinesis Data Firehose delivery stream. Configure the log group as the delivery streams sources. Configure Amazon OpenSearch Service (Amazon Elasticsearch Service) as the delivery stream’s destination.

Install and configure Amazon Kinesis Agent on each application server to deliver the logs to Amazon Kinesis Data Streams. Configure Kinesis Data Streams to deliver the logs to Amazon OpenSearch Service (Amazon Elasticsearch Service).

Explanation:

Explanation

Correct Answer: C

Amazon Kinesis Data Firehose is the most efficient and low-overhead solution for streaming data from CloudWatch Logs to Amazon OpenSearch Service. Here's why:

Why Option C is Correct:

Direct Integration: CloudWatch Logs can directly stream logs to Kinesis Data Firehose using subscription filters.
Managed Service: Kinesis Data Firehose is a fully managed service that automatically handles data delivery, buffering, batching, compression, and encryption.
Near-real-time Delivery: Firehose can deliver data to OpenSearch Service with low latency (typically within 60 seconds).
Least Operational Overhead: No server management, no code to write, and minimal configuration required.
Automatic Scaling: Firehose automatically scales to handle varying data volumes.

Why Other Options are Not Optimal:

Option A: Incorrect because CloudWatch Logs subscriptions cannot directly stream to OpenSearch Service. CloudWatch Logs subscriptions can only stream to Kinesis Data Streams, Kinesis Data Firehose, or Lambda functions.

Option B: While this would work, it has higher operational overhead because:

Requires writing and maintaining Lambda function code
Needs to handle error handling, retries, and scaling
Requires monitoring and troubleshooting of the Lambda function
Additional cost for Lambda execution

Option D: This has the highest operational overhead because:

Requires installing and configuring agents on each application server
Needs ongoing agent maintenance and updates
More complex architecture with additional components
Higher operational burden for managing agents across multiple servers

Key Benefits of Kinesis Data Firehose:

Fully Managed: No servers to provision or manage
Automatic Buffering: Handles data batching and buffering automatically
Data Transformation: Optional data transformation using Lambda
Error Handling: Built-in error handling and retry mechanisms
Cost-Effective: Pay only for the data you process

Recommended Architecture:

Create a CloudWatch Logs subscription filter
Configure the subscription to stream to Kinesis Data Firehose
Set up Firehose delivery stream with OpenSearch Service as destination
Configure buffering, compression, and error handling in Firehose

This solution provides near-real-time log delivery with minimal operational overhead, meeting the requirement most effectively.

Powered ByGPT-5.2

Comments

Loading comments...