Topic 1 Question 150
A SysOps administrator is reviewing VPC Flow Logs to troubleshoot connectivity issues in a VPC. While reviewing the logs, the SysOps administrator notices that rejected traffic is not listed.
What should the SysOps administrator do to ensure that all traffic is logged?
Create a new flow log that has a filter setting to capture all traffic.
Create a new flow log. Set the log record format to a custom format. Select the proper fields to include in the log.
Edit the existing flow log. Change the filter setting to capture all traffic.
Edit the existing flow log. Set the log record format to a custom format. Select the proper fields to include in the log.
ユーザの投票
コメント(6)
Ans: A You CANNOT modify a VPC Flow Log Ref: https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-logs-limitations "After you create a flow log, you cannot change its configuration or the flow log record format. For example, you can't associate a different IAM role with the flow log, or add or remove fields in the flow log record. Instead, you can delete the flow log and create a new one with the required configuration."
👍 11Liongeek2022/11/16- 正解だと思う選択肢: A
Ans: A
👍 2marcelodba2022/12/09 - 正解だと思う選択肢: B
The answer is: B. Create a new flow log. Set the log record format to a custom format. Select the proper fields to include in the log.
You need to create a new flow log. There is no "filter setting to capture all traffic", but you can set the log record to a custom format as specified in the user guide (https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-logs-custom)
👍 1yeacuz2022/12/31
シャッフルモード