Your customer is willing to consolidate their log streams, access logs, application logs, security logs, etc. in one single system. Once consolidated, the customer wants to analyze these logs in real-time based on heuristics. From time to time, the customer needs to validate heuristics, which requires going back to data samples extracted from the last 12 hours? What is the best approach to meet your customer’s requirements?

Answer options:

A.Send all the log events to Amazon SQS. Setup an Auto Scaling group of EC2 servers to consume the logs and apply the heuristics.
B.Send all the log events to Amazon Kinesis. Develop a client process to apply heuristics to the logs.
C.Configure Amazon Cloud Trail to receive custom logs and use EMR to apply heuristics to the logs.
D.Setup Auto Scaling group of EC2 Syslog servers and store the logs S3 use EMR to apply heuristics on the logs.

Answer – B
Whenever the scenario - just like this one - wants to do real-time processing of a stream of data, always think about Amazon Kinesis. Also, remember that the records of the stream are available for 24 hours.
Option A is incorrect because SQS is not used for real-time processing of the stream of data.
Option B is CORRECT because Amazon Kinesis is best suited for applying the real-time processing of the stream of data. Also, the records of the stream are available for 24 hours in Kinesis.
Option C is incorrect because CloudTrail is not used to process the real-time data processing, and EMR is used for batch-processing.
Option D is incorrect because setting autoscaling of EC2 instances is not cost-effective, and EMR is used for batch-processing.
More information on Amazon Kinesis:
Amazon Kinesis is a platform for streaming data on AWS, making it easy to load and analyze streaming data and provide the ability to build custom streaming data applications for specialized needs.
Use Amazon Kinesis Streams to collect and process large streams of data records in real-time.
Use Amazon Kinesis Firehose to deliver real-time streaming data to destinations such as Amazon S3 and Amazon Redshift.
Use Amazon Kinesis Analytics to process and analyze streaming data with standard SQL.
For more information on Kinesis, please visit the below URL-
https://aws.amazon.com/documentation/kinesis/