Question 61: You have a server farm with 200 EC2 instances on an AWS cluster. All API log events are captured using AWS CloudTrail and stored in an S3 bucket. Your team now wants to analyze this API log data and must be able to query it. How can you achieve this?

A. You can use AWS Lambda to transform this data into the desired format.

B. You will use the AWS Glue ETL tool to create a catalog for this data.

C. You will use ElasticSearch.

D. You will store this data in a DynamoDB table.

E. You will store this data in a Redshift cluster.

1. A,B

2. B,C

3. C,D

4. D,E

5. A,E

Correct Answer : 1

Exp : The CloudTrail API logs are already saved in an S3 bucket, and you should be able to query this data for any further analysis.

AWS Glue is a fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data for analytics. You can create and run an ETL job with a few clicks in the AWS Management Console. You simply point AWS Glue to your data stored on AWS, and AWS Glue discovers your data and stores the associated metadata (e.g. table definition and schema) in the AWS Glue Data Catalog. Once cataloged, your data is immediately searchable, queryable, and available for ETL.

Use AWS Glue and AWS Lambda to convert AWS CloudTrail logs from JSON to a query-optimized format dataset in Amazon S3. Then use Amazon Athena and Amazon QuickSight to query and visualize the data.

CloudTrail delivers log files in an Amazon S3 bucket folder. To correctly crawl these logs, you modify the file contents and folder structure using an Amazon S3-triggered Lambda function that stores the transformed files in a single folder of an S3 bucket. When the files are in a single folder, AWS Glue scans the data, converts it into Apache Parquet format, and catalogs it to allow for querying and visualization using Amazon Athena and Amazon QuickSight.
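The S3-triggered Lambda step described above could look like the following sketch. It is an added example, not code from the original page: the destination bucket and prefix, the function names and the sample events are assumptions, and the Parquet conversion is left to AWS Glue as the explanation states.

```python
import gzip
import json
import posixpath
from urllib.parse import unquote_plus

DEST_BUCKET = "example-cloudtrail-flat"  # assumed destination bucket (placeholder)
DEST_PREFIX = "flat/"                    # assumed single folder the Glue crawler scans

# Constructed sample: CloudTrail wraps all events of a file in one "Records" array.
SAMPLE_FILE = gzip.compress(json.dumps({"Records": [
    {"eventName": "RunInstances", "eventSource": "ec2.amazonaws.com"},
    {"eventName": "StopInstances", "eventSource": "ec2.amazonaws.com"},
]}).encode())


def flatten(gz_bytes):
    """Convert one gzipped CloudTrail file into newline-delimited JSON,
    one API event per line, so each event becomes one row when crawled."""
    records = json.loads(gzip.decompress(gz_bytes)).get("Records", [])
    return "".join(json.dumps(r, separators=(",", ":")) + "\n" for r in records).encode()


def flat_key(source_key):
    """Map a nested CloudTrail key to a key in the single output folder.
    Returns None for objects that are not log files (e.g. digest files)."""
    if "/CloudTrail-Digest/" in source_key or not source_key.endswith(".json.gz"):
        return None
    name = posixpath.basename(source_key)[: -len(".json.gz")]
    return DEST_PREFIX + name + ".json"


def handler(event, context=None, s3=None):
    """S3 ObjectCreated handler; `s3` is injectable so the code runs offline."""
    if s3 is None:
        import boto3  # provided by the Lambda Python runtime
        s3 = boto3.client("s3")
    written = []
    for rec in event.get("Records", []):
        bucket = rec["s3"]["bucket"]["name"]
        key = unquote_plus(rec["s3"]["object"]["key"])  # event keys are URL-encoded
        out_key = flat_key(key)
        if out_key is None:
            continue
        body = s3.get_object(Bucket=bucket, Key=key)["Body"].read()
        s3.put_object(Bucket=DEST_BUCKET, Key=out_key, Body=flatten(body))
        written.append(out_key)
    return written
```

Writing to a separate destination bucket keeps the function from re-triggering itself on its own output.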
