Question

An organization is using Amazon CloudWatch Logs with agents deployed on its Linux Amazon EC2 instances.

The agent configuration files have been checked and the application log files to be pushed are configured correctly. A review has identified that logging from specific instances is missing.
Which steps should be taken to troubleshoot the issue? (Choose two.)
A. Use an EC2 run command to confirm that the "awslogs" service is running on all instances.
B. Verify that the permissions used by the agent allow creation of log groups/streams and to put log events.
C. Check whether any application log entries were rejected because of invalid time stamps by reviewing /var/ cwlogs/rejects.log.
D. Check that the trust relationship grants the service "cwlogs.amazonaws.com" permission to write objects to the Amazon S3 staging bucket.
E. Verify that the time zone on the application servers is in UTC.

Answer 1

A and B

Step-by-step explanation:

EC2 run command gives a management output to review various instances and servers. Here, the logging files, collecting metrics and patches, running script installations can be achieved.

Verify the user permission and the run command, confirms if whether or not the problem of missing logging files is from the settings.

There are several AWS and customer managed policies for cloudwatch logs to give users certain levels for permission. Verifying this determines if there is full access, group logs and creation of group log events, or even a read only access.