Amazon GuardDuty is priced along two dimensions. The dimensions are based on the quantity of AWS CloudTrail Events analyzed (per 1,000,000 events) and the volume of Amazon VPC Flow Log and DNS Log data analyzed (per GB). There is no additional charge to enable these log sources for GuardDuty analysis.
- CloudTrail Event analysis – GuardDuty continuously analyzes CloudTrail Events, monitoring all access and behavior of your AWS accounts and infrastructure. CloudTrail analysis is charged per 1,000,000 events per month and pro-rated.
- VPC Flow Log and DNS Log analysis – GuardDuty continuously analyzes VPC Flow Logs and DNS requests and responses to identify malicious, unauthorized, or unexpected behavior in your AWS accounts and workloads. Flow log and DNS log analysis is charged per Gigabyte (GB) per month. Flow log and DNS log analysis is offered with tiered volume discounts.
Any new account to Amazon GuardDuty can try the service for 30-days at no cost in each supported region.
You will have access to the full feature set and detections during the free trial.
The GuardDuty console indicates how many days are left on the trial period and estimates how much the daily average cost for your account is based on the volume of data analyzed. This makes it easy for you to experience Amazon GuardDuty at no cost and take the guess work out of the cost of the service beyond the free trial.
Pricing by region
- 40,000,000 events
- 2,000 GB of VPC Flow logs
- 1,000 GB of DNS Query Logs
= $1,785 per month
- 5,000,000 events
- 200 GB of VPC Flow logs
- 50 GB of DNS Query Logs
= $270 per month
Amazon GuardDuty is a threat detection service that provides you with an accurate and easy way to continuously monitor and protect their AWS accounts and workloads.
Try Amazon GuardDuty for 30-days at no cost. You will receive full access to GuardDuty features and its detection findings during the free trial.
Get started building with Amazon GuardDuty in the AWS Console.