Refer to the exhibit. A security engineer wants to monitor a Lambda function for errors and create a CloudWatch alarm when errors exceed a threshold. The engineer notices the log group exists but has no metric filters. What should the engineer do to set up the alarm?
This is the standard approach: define a metric filter to extract error counts from logs, then create an alarm.
Why this answer
The exhibit shows no metric filters exist. To alarm on errors, the engineer must create a metric filter that parses logs for error patterns and emits a metric, then create an alarm on that metric.