Amazon GuardDuty Pricing

Overview

Amazon GuardDuty is priced along two dimensions. The dimensions are based on the quantity of AWS CloudTrail Events analyzed (per 1,000,000 events) and the volume of Amazon VPC Flow Log and DNS Log data analyzed (per GB). There is no additional charge to enable these log sources for GuardDuty analysis.

  • CloudTrail Event analysis – GuardDuty continuously analyzes CloudTrail Events, monitoring all access and behavior of your AWS accounts and infrastructure. CloudTrail analysis is charged per 1,000,000 events per month and pro-rated.
  • VPC Flow Log and DNS Log analysis – GuardDuty continuously analyzes VPC Flow Logs and DNS requests and responses to identify malicious, unauthorized, or unexpected behavior in your AWS accounts and workloads. Flow log and DNS log analysis is charged per Gigabyte (GB) per month. Flow log and DNS log analysis is offered with tiered volume discounts.

Free trial

Any new account to Amazon GuardDuty can try the service for 30-days at no cost in each supported region.

You will have access to the full feature set and detections during the free trial.

The GuardDuty console indicates how many days are left on the trial period and estimates how much the daily average cost for your account is based on the volume of data analyzed. This makes it easy for you to experience Amazon GuardDuty at no cost and take the guess work out of the cost of the service beyond the free trial.

Start a free trial of Amazon GuardDuty

Prices (By region)

  • North America

    US East (N. VA), US East (Ohio), US West (Oregon), US West (N. CA), Canada (Central), AWS GovCloud (US)
    • US East (N. VA)
    • US East (Ohio)
    • US West (Oregon)
    • US West (N. CA)
    • Canada (Central)
    • AWS GovCloud (US)
    • US East (N. VA)
    • VPC Flow Log and DNS Log Analysis  
      First 500 GB / month $1.00 per GB
      Next 2000 GB / month $0.50 per GB
      Over 2500 GB / month $0.25 per GB
         
      AWS CloudTrail Event Analysis  
      Per 1,000,000 events / month $4.00 per 1,000,000 events
    • US East (Ohio)
    • VPC Flow Log and DNS Log Analysis  
      First 500 GB / month $1.00 per GB
      Next 2000 GB / month $0.50 per GB
      Over 2500 GB / month $0.25 per GB
         
      AWS CloudTrail Event Analysis  
      Per 1,000,000 events / month $4.00 per 1,000,000 events
    • US West (Oregon)
    • VPC Flow Log and DNS Log Analysis  
      First 500 GB / month $1.00 per GB
      Next 2000 GB / month $0.50 per GB
      Over 2500 GB / month $0.25 per GB
         
      AWS CloudTrail Event Analysis  
      Per 1,000,000 events / month $4.00 per 1,000,000 events
    • US West (N. CA)
    • VPC Flow Log and DNS Log Analysis  
      First 500 GB / month $1.10 per GB
      Next 2000 GB / month $0.55 per GB
      Over 2500 GB / month $0.28 per GB
         
      AWS CloudTrail Event Analysis  
      Per 1,000,000 events / month $4.40 per 1,000,000 events
    • Canada (Central)
    • VPC Flow Log and DNS Log Analysis  
      First 500 GB / month $1.15 per GB
      Next 2000 GB / month $0.58 per GB
      Over 2500 GB / month $0.29 per GB
         
      AWS CloudTrail Event Analysis  
      Per 1,000,000 events / month $4.60 per 1,000,000 events
    • AWS GovCloud (US)
    • VPC Flow Log and DNS Log Analysis  
      First 500 GB / month $1.20 per GB
      Next 2000 GB / month $0.60 per GB
      Over 2500 GB / month $0.30 per GB
         
      AWS CloudTrail Event Analysis  
      Per 1,000,000 events / month $4.80 per 1,000,000 events

  • Asia Pacific

    Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo)
    • Asia Pacific (Mumbai)
    • Asia Pacific (Seoul)
    • Asia Pacific (Singapore)
    • Asia Pacific (Sydney)
    • Asia Pacific (Tokyo)
    • Asia Pacific (Mumbai)
    • VPC Flow Log and DNS Log Analysis  
      First 500 GB / month $1.10 per GB
      Next 2000 GB / month $0.55 per GB
      Over 2500 GB / month $0.28 per GB
         
      AWS CloudTrail Event Analysis  
      Per 1,000,000 events / month $4.40 per 1,000,000 events
    • Asia Pacific (Seoul)
    • VPC Flow Log and DNS Log Analysis  
      First 500 GB / month $1.15 per GB
      Next 2000 GB / month $0.58 per GB
      Over 2500 GB / month $0.29 per GB
         
      AWS CloudTrail Event Analysis  
      Per 1,000,000 events / month $4.60 per 1,000,000 events
    • Asia Pacific (Singapore)
    • VPC Flow Log and DNS Log Analysis  
      First 500 GB / month $1.15 per GB
      Next 2000 GB / month $0.58 per GB
      Over 2500 GB / month $0.29 per GB
         
      AWS CloudTrail Event Analysis  
      Per 1,000,000 events / month $4.60 per 1,000,000 events
    • Asia Pacific (Sydney)
    • VPC Flow Log and DNS Log Analysis  
      First 500 GB / month $1.15 per GB
      Next 2000 GB / month $0.58 per GB
      Over 2500 GB / month $0.29 per GB
         
      AWS CloudTrail Event Analysis  
      Per 1,000,000 events / month $4.60 per 1,000,000 events
    • Asia Pacific (Tokyo)
    • VPC Flow Log and DNS Log Analysis  
      First 500 GB / month $1.18 per GB
      Next 2000 GB / month $0.59 per GB
      Over 2500 GB / month $0.29 per GB
         
      AWS CloudTrail Event Analysis  
      Per 1,000,000 events / month $4.72 per 1,000,000 events

  • Europe / Middle East / Africa

    EU (Frankfurt), EU (Ireland), EU (London), EU (Paris)
    • EU (Frankfurt)
    • EU (Ireland)
    • EU (London)
    • EU (Paris)
    • EU (Frankfurt)
    • VPC Flow Log and DNS Log Analysis  
      First 500 GB / month $1.15 per GB
      Next 2000 GB / month $0.58 per GB
      Over 2500 GB / month $0.29 per GB
         
      AWS CloudTrail Event Analysis  
      Per 1,000,000 events / month $4.60 per 1,000,000 events
    • EU (Ireland)
    • VPC Flow Log and DNS Log Analysis  
      First 500 GB / month $1.10 per GB
      Next 2000 GB / month $0.55 per GB
      Over 2500 GB / month $0.28 per GB
         
      AWS CloudTrail Event Analysis  
      Per 1,000,000 events / month $4.40 per 1,000,000 events
    • EU (London)
    • VPC Flow Log and DNS Log Analysis  
      First 500 GB / month $1.10 per GB
      Next 2000 GB / month $0.55 per GB
      Over 2500 GB / month $0.28 per GB
         
      AWS CloudTrail Event Analysis  
      Per 1,000,000 events / month $4.40 per 1,000,000 events
    • EU (Paris)
    • VPC Flow Log and DNS Log Analysis  
      First 500 GB / month $1.10 per GB
      Next 2000 GB / month $0.55 per GB
      Over 2500 GB / month $0.28 per GB
         
      AWS CloudTrail Event Analysis  
      Per 1,000,000 events / month $4.40 per 1,000,000 events

  • South America

    South America (São Paulo)
    • South America (São Paulo)
    • South America (São Paulo)
    • VPC Flow Log and DNS Log Analysis  
      First 500 GB / month $1.75 per GB
      Next 2000 GB / month $0.88 per GB
      Over 2500 GB / month $0.44 per GB
         
      AWS CloudTrail Event Analysis  
      Per 1,000,000 events / month $7.00 per 1,000,000 events
Pricing examples (monthly)
US-East (N. VA) / Example 1

GuardDuty processes

  • 40,000,000 events
  • 2,000 GB of VPC Flow logs
  • 1,000 GB of DNS Query Logs

Charges =

     40 x $4.00    (per 1,000,000 events) 
+ 500 x $1.00    (first 500 GB)
+ 2,000 x $0.50 (next 2,000 GB)
+ 500 x $0.25    (over 2,500 GB)

= $1,785 per month

US-East (N. VA) / Example 2

GuardDuty processes

  • 5,000,000 events
  • 200 GB of VPC Flow logs
  • 50 GB of DNS Query Logs

Charges =

       5 x $4.00   (per 1,000,000 events)
+ 250 x $1.00   (first 500 GB)

= $270 per month

Additional pricing resources

TCO Calculator

Calculate your total cost of ownership (TCO)

Simple Monthly Calculator

Easily calculator your monthly costs with AWS

Economics Resource Center

Additional resources for switching to AWS

Product-Page_Standard-Icons_01_Product-Features_SqInk
Explore Amazon GuardDuty features

Amazon GuardDuty is a threat detection service that provides you with an accurate and easy way to continuously monitor and protect their AWS accounts and workloads.

Learn more 
Product-Page_Standard-Icons_02_Sign-Up_SqInk
Sign up for a 30-day free trial

Try Amazon GuardDuty for 30-days at no cost. You will receive full access to GuardDuty features and its detection findings during the free trial.

Free trial 
Product-Page_Standard-Icons_03_Start-Building_SqInk
Start building in the console

Get started building with Amazon GuardDuty in the AWS Console.

Sign in