Amazon GuardDuty is priced along two dimensions. The dimensions are based on the quantity of AWS CloudTrail Events analyzed (per 1,000,000 events) and the volume of Amazon VPC Flow Log and DNS Log data analyzed (per GB).
- CloudTrail Event analysis – GuardDuty continuously analyzes CloudTrail Events, monitoring all access and behavior of your AWS accounts and infrastructure. CloudTrail analysis is charged per 1,000,000 events per month and pro-rated.
- VPC Flow Log and DNS Log analysis – GuardDuty continuously analyzes VPC Flow Logs and DNS requests and responses to identify malicious, unauthorized, or unexpected behavior in your AWS accounts and workloads. Flow log and DNS log analysis is charged per Gigabyte (GB) per month. Flow log and DNS log analysis is offered with tiered volume discounts.
Any new account to Amazon GuardDuty can try the service for 30-days at no cost.
You will have access to the full feature set and detections during the free trial. GuardDuty will display the volume of data processed and estimated daily average service charges for your account. This makes it easy for you to experience Amazon GuardDuty at no cost and forecast the cost of the service beyond the free trial.
Prices (By region)
- 40,000,000 events
- 2,000 GB of VPC Flow logs
- 1,000 GB of DNS Query Logs
= $1,785 per month
- 5,000,000 events
- 200 GB of VPC Flow logs
- 50 GB of DNS Query Logs
= $270 per month