You have a set of EC2 Instances created in a VPC. You need to ensure that logs from specific locations on the EC2 Instances are sent over to a central log location. How can you achieve this? Choose 2 answers from the options given below.

Answer options:

A.Use the Cloudwatch logs agent.
B.Use the AWS Inspector agent.
C.Centralize the logs to a Cloudwatch Log Group.
D.Centralize the logs to a VPC Log Group.

Answer – A and C
The AWS Documentation mentions the following.
To collect logs from your Amazon EC2 instances and on-premises servers into CloudWatch Logs, AWS offers both a new unified CloudWatch agent and an older CloudWatch Logs agent. We recommend the unified CloudWatch agent. The new unified agent has the following advantages.
· You can collect both logs and advanced metrics with the installation and configuration of just one agent.
· The unified agent enables the collection of logs from servers running Windows Server.
· If you use the agent to collect CloudWatch metrics, the unified agent also enables the collection of additional system metrics for in-guest visibility.
· The unified agent provides better performance.
Option B is incorrect since the Inspector agent is only used to check for vulnerabilities.
Option D is incorrect since the logs need to be aggregated in the VPC Log Group.
For more information on Cloudwatch Logs agent, please refer to the below URL
https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_GettingStarted.html