Amazon Guard Duty is a special level of security layer that can be used to trace the unauthorized activities for your AWS Cloud Services.
CloudTrail
About: Recording all Users & Access Keys based activities and its event.
VPC Flow Logs
About: Monitoring IP Traffic from Amazon EC2 Network interface. This
flow log we have to create with respect to instance IP Address.
DNS Logs
About: Monitoring the suspicious request through DNS Resolver.
Please create the log stream in the following the places and then you can see the findings in your Amazon Guard Duty.