Explore key concepts of monitoring virtual servers using CloudWatch and CloudTrail. This quiz assesses your understanding of metrics, logs, alerts, and event tracking related to EC2 instances for effective cloud resource management.
Which type of monitoring enables you to view basic metrics such as CPU utilization and disk I/O for your virtual machines without extra configurations?
Explanation: Basic monitoring provides essential metrics by default, such as CPU utilization and disk I/O, for your virtual machines. Advanced monitoring requires extra configuration and can incur additional costs, but it provides more frequent and detailed metrics. System-level monitoring is not a standard term in this context. User data monitoring refers to tracking scripts or data given to instances at launch, not performance metrics.
What is the primary purpose of CloudTrail when used in conjunction with EC2 instances?
Explanation: CloudTrail's main function is to record API calls and user activities related to EC2, making it useful for auditing and troubleshooting. It does not directly monitor CPU performance; that is a task for monitoring tools such as CloudWatch. Storing system logs refers to application or OS logging, not CloudTrail's core function. CloudTrail does not handle data encryption of instance storage.
If you want to create an automatic alert when a specific error appears in EC2 logs, which CloudWatch feature should you use?
Explanation: Metric filters allow you to scan instance logs for specific patterns, such as error codes, and generate alerts or metrics based on their presence. Data pipelines are meant for data processing and movement and do not directly interact with monitoring logs for alerts. Console dashboards visualize metrics but do not detect log patterns automatically. Snapshot archives concern backup and storage rather than monitoring log errors.
An engineer wants to receive an email alert if an EC2 instance’s CPU utilization stays above 80% for five minutes. What should be configured?
Explanation: A CloudWatch alarm can monitor metrics like CPU utilization and trigger notifications if specified thresholds are met for a certain duration. CloudTrail events are used for auditing user activities, not for threshold-based resource metrics. Volume snapshots create backups but have nothing to do with alerts. Instance tagging is for organizing resources and does not trigger notifications.
For how long are CloudTrail events stored by default before being rotated out if not delivered to long-term storage?
Explanation: CloudTrail retains events for 90 days by default, allowing users to access recent logs for auditing or troubleshooting purposes. Thirty and seven days are both too short for the default window, while 365 days is much longer than the default retention period. For longer retention, you must explicitly send logs to persistent storage.
A developer needs to monitor application-level data, such as the number of processed orders each minute, on an EC2 instance. What is the most appropriate CloudWatch solution?
Explanation: Custom metrics allow you to track and report any data that is not natively collected, such as business or application activity counts. Basic monitoring only provides host and network performance metrics, not application data. System logs collection is useful for log analysis but does not convert data into metrics automatically. Assigning new instance roles does not help with metric collection.
Which agent should be installed on an EC2 instance to forward its operating system logs to CloudWatch Logs for centralized analysis?
Explanation: A log forwarding agent is installed on instances to send operating system logs to CloudWatch Logs for aggregation and analysis. A volume management driver deals with disk operations, not log forwarding. Snapshot sync utilities are for backups, and a connectivity analyzer checks network paths but does not handle log forwarding.
Which of the following is NOT a standard metric available in basic CloudWatch monitoring for virtual machines?
Explanation: Application error rate is not a standard metric and requires implementing custom metrics, as it is specific to the application. CPU utilization, disk read operations, and network in are all standard performance metrics collected automatically. Custom methods are needed to report application-specific information like error rates.
When investigating who stopped an EC2 instance unexpectedly, which monitoring tool provides the required activity log?
Explanation: CloudTrail captures actions taken on resources, such as stopping an instance, and records details about who initiated the action. CloudWatch Metrics monitors resource performance, not user actions. Instance metadata provides information about the instance itself but not about operator activities. Storage events are related to data storage changes, not instance control operations.
What is the main advantage of creating a monitoring dashboard for EC2 in CloudWatch?
Explanation: Dashboards provide a consolidated visual display of various resource metrics, facilitating easy and quick monitoring. They do not encrypt traffic; network encryption is handled separately. Increasing instance memory involves resizing the instance, not changing dashboards. Automatic backups pertain to data protection features, not visual monitoring.