GuardDuty Protecting EKS - How to Estimate Log Quantity?
0
How do I find the quantity of EKS Audit Logs across multiple accounts (100's) to price GuardDuty as accurately as possible?
asked a month ago22 views
1 Answers
0
I think the question in general is kind of moot.
In CFM the point is not to estimate which is extremely difficult for many services for example S3 or EKS audit logs.
As the service has 30 day free trail, just enable it and see the estimate yourself.
Additionally you can also monitor one or two cluster for their actual behavior. This can be achieved by enabling control plane logging (specifically audit logs) in couple of clusters and observe the log volume let's say in CloudWatch.
answered a month ago
Relevant questions
Enabling GuardDuty via Organisations
Accepted Answerasked 7 months agoBest method to send guardduty logs to opensearch
asked 5 months agoViewing EKS 'fargate-scheduler' logs
asked 4 months agoGuardDuty Customers! - Anyone with experience using partner GuardDuty threat lists?
asked 19 days agoCannot configure Guardduty 'findings export options' to an S3 bucket
asked 2 months agoGuardDuty Protecting EKS - How to Estimate Log Quantity?
asked a month agoHow does GuardDuty work in a Shared VPC?
Accepted AnswerHow to debug pod failure on EKS?
asked 3 years agoGuardDuty pricing investigation
Accepted Answerasked a year agoGuardduty on AWS organization vs individual accounts
Accepted Answerasked 5 months ago
This is the approach Im taking - averaging the logs across a number of select accounts and estimating the cost from there. My next step is the enable GD for the trial period. I just want to ask if there was a more accurate way to estimate logs across a large number of accounts. Thanks for your answer.