Question 1,302 of 1,740
Monitoring and LoggingmediumMultiple SelectObjective-mapped

Quick Answer

The answer is to use CloudWatch Logs Insights or export logs to Amazon S3 and query with Amazon Athena. CloudWatch Logs Insights is purpose-built for searching across multiple CloudWatch log groups for error patterns using its own query language, allowing you to filter, aggregate, and visualize log events without moving data. The export-to-S3-and-Athena option is equally valid because Athena can run SQL queries over the exported log files in S3, making it ideal for large-scale or complex pattern analysis. On the AWS Certified DevOps Engineer Professional DOP-C02 exam, this question tests your ability to distinguish native cross-log-group query tools from single-log-group features like filter patterns or subscription filters. A common trap is choosing CloudWatch Logs filter patterns, which only work within one log group at a time. Memory tip: think “Insights for instant cross-group search, Athena for SQL over S3 archives.”

DOP-C02 Monitoring and Logging Practice Question

This DOP-C02 practice question tests your understanding of monitoring and logging. Read the scenario carefully and evaluate each option against the stated constraints before committing to an answer. After answering, compare your reasoning against the explanation and wrong-answer breakdown below. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.

A company uses Amazon CloudWatch Logs to store application logs. The DevOps team wants to search across multiple log groups for a specific error pattern. Which TWO options can be used to achieve this? (Choose TWO.)

Question 1mediummulti select
Read the full NAT/PAT explanation →

Answer choices

Why each option matters

Answer the question above first, then reveal the full breakdown to understand why each option is right or wrong.

Correct answer & explanation

Use CloudWatch Logs Insights to run queries across multiple log groups.

CloudWatch Logs Insights is purpose-built for querying log data across multiple log groups. It uses a query language to search, filter, and aggregate log events, making it ideal for identifying error patterns across different sources. This option is correct because it directly supports cross-log-group queries without additional data movement or infrastructure.

Key principle: Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.

Answer analysis

Option-by-option breakdown

For each option: why learners choose it and why it is or isn't the right answer here.

  • Use CloudWatch Logs Insights to run queries across multiple log groups.

    Why this is correct

    CloudWatch Logs Insights can query multiple log groups simultaneously.

    Related concept

    Read the scenario before looking for a memorised answer.

  • Export the logs to Amazon S3 and use Amazon Athena to query the logs.

    Why this is correct

    Exporting to S3 and using Athena provides a serverless SQL query capability.

    Related concept

    Read the scenario before looking for a memorised answer.

  • Install the CloudWatch Logs agent on an EC2 instance and tail the logs.

    Why it's wrong here

    The agent is used to send logs to CloudWatch, not to search across log groups.

  • Create a Lambda function that reads logs from each log group and searches for the pattern.

    Why it's wrong here

    While possible, it's not a recommended or efficient method for ad-hoc searching.

  • Use Amazon Kinesis Data Analytics to process the log streams.

    Why it's wrong here

    Kinesis Data Analytics is for real-time analysis of streaming data, not for querying stored logs.

Common exam traps

Common exam trap: answer the scenario, not the keyword

The trap here is that candidates may think Lambda or Kinesis are suitable for ad-hoc log searching, but they are designed for real-time processing or custom workflows, not for efficient cross-log-group querying like CloudWatch Logs Insights or Athena.

Detailed technical explanation

How to think about this question

CloudWatch Logs Insights uses a query engine that automatically indexes log events by timestamp and supports operations like stats, sort, and filter across up to 20 log groups per query. Under the hood, it leverages a distributed query execution model that scans log data in parallel, providing results in seconds even for terabytes of logs. In contrast, exporting logs to S3 and querying with Athena is a cost-effective approach for large-scale historical analysis, but introduces latency due to export delays and requires managing S3 storage and Athena table schemas.

KKey Concepts to Remember

  • Read the scenario before looking for a memorised answer.
  • Find the constraint that changes the correct option.
  • Eliminate answers that are true in general but not in this case.

TExam Day Tips

  • Watch for words such as best, first, most likely and least administrative effort.
  • Review why wrong options are wrong, not only why the correct option is correct.

Key takeaway

Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.

Real-world example

How this comes up in practice

A media company stores terabytes of video archives that are accessed once a year for audit purposes. Moving these objects to a cold storage tier (Azure Archive, S3 Glacier, or Google Nearline) costs a fraction of hot storage. Questions like this test whether you understand storage tiers, access frequency tradeoffs, and retrieval latency requirements.

What to study next

Got this wrong? Here's your next step.

Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.

Related practice questions

Related DOP-C02 practice-question pages

Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.

Practice this exam

Start a free DOP-C02 practice session

Short sessions build daily habit. Longer sessions build exam-day stamina. Try a timed session to simulate real conditions.

FAQ

Questions learners often ask

What does this DOP-C02 question test?

Monitoring and Logging — This question tests Monitoring and Logging — Read the scenario before looking for a memorised answer..

What is the correct answer to this question?

The correct answer is: Use CloudWatch Logs Insights to run queries across multiple log groups. — CloudWatch Logs Insights is purpose-built for querying log data across multiple log groups. It uses a query language to search, filter, and aggregate log events, making it ideal for identifying error patterns across different sources. This option is correct because it directly supports cross-log-group queries without additional data movement or infrastructure.

What should I do if I get this DOP-C02 question wrong?

Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.

What is the key concept behind this question?

Read the scenario before looking for a memorised answer.

About these practice questions

Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content. Learn why practice questions differ from exam dumps →

How Courseiva writes practice questions · Editorial policy

Same concept, more angles

2 more ways this is tested on DOP-C02

These questions test the same concept from different angles. Work through them to make sure you can recognise it however the exam phrases it.

Variation 1. A company is using Amazon CloudWatch Logs to store application logs. The DevOps team needs to search and analyze logs from multiple EC2 instances in real time. Which TWO services can be used to achieve this? (Choose TWO.)

medium
  • A.Amazon OpenSearch Service.
  • B.Amazon Athena.
  • C.Amazon QuickSight.
  • D.Amazon Kinesis Data Analytics.
  • E.CloudWatch Logs Insights.

Why A: Option A is correct because CloudWatch Logs Insights allows real-time querying of log groups. Option C is correct because CloudWatch Logs can stream to Amazon OpenSearch Service for real-time search and analytics. Option B is wrong because Athena is for ad-hoc querying of S3 data, not real-time. Option D is wrong because Kinesis Data Analytics is for streaming data analysis, not directly for log search. Option E is wrong because QuickSight is for visualization, not real-time search.

Variation 2. A company is using Amazon CloudWatch Logs to store application logs. The DevOps team needs to search across multiple log groups and visualize trends. Which TWO services can be used together to achieve this?

medium
  • A.CloudWatch Logs Insights.
  • B.Amazon Elasticsearch Service with Kibana.
  • C.Amazon Athena.
  • D.Amazon QuickSight.
  • E.CloudWatch Dashboards.

Why A: Option A and Option C are correct. CloudWatch Logs Insights can query multiple log groups, and CloudWatch Dashboards can visualize the results. Option B (Athena) queries data in S3, not directly in CloudWatch Logs. Option D (Kibana) requires Elasticsearch Service, which adds complexity. Option E (QuickSight) can visualize but requires data in S3 or a database.

Keep practising

More DOP-C02 practice questions

Last reviewed: Jun 24, 2026

Question Discussion

Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.

Loading comments…

Sign in to join the discussion.

This DOP-C02 practice question is part of Courseiva's free Amazon Web Services certification practice question bank. Courseiva provides original exam-style practice questions with explanations, topic-based practice, mock exams, readiness tracking, and study analytics to help learners prepare for the DOP-C02 exam.