Option 1: Reduce Worker Threads
You can lower the number of worker threads to reduce CPU load. For example, change to –worker-threads 4 or even 2.
Steps.1 Edit the systemd service file (if used):
sudo systemctl edit amazon-guardduty-agent.service
Step.2 Add or override the ExecStart line:
[Service]
ExecStart=
ExecStart=/opt/aws/amazon-guardduty-agent/bin/amazon-guardduty-agent --worker-threads 2
This clears the old ExecStart and adds the new one with fewer threads.
Step.3 Reload systemd and restart the service:
sudo systemctl daemon-reexec
sudo systemctl daemon-reload
sudo systemctl restart amazon-guardduty-agent.service
Option 2: Limit CPU Usage with cpulimit
If thread tuning isn’t enough or applicable, you can cap CPU usage with Linux tools:
a) Using cpulimit (easier)
Install: sudo apt install cpulimit # Ubuntu/Debian
Run: sudo cpulimit -e amazon-guardduty-agent -l 20 &
Limits the process to 20% of a single core. Adjust -l as needed.
b) Using systemd CPUQuota (preferred for services):
sudo systemctl edit amazon-guardduty-agent.service
Add:
[Service]
CPUQuota=20%
Then reload and restart:
sudo systemctl daemon-reexec
sudo systemctl daemon-reload
sudo systemctl restart amazon-guardduty-agent.service
Option 3: Verify Configuration Files (If Any)
Check if /etc/amazon-guardduty-agent/ has a config file you can edit to reduce worker count. If it's a JSON config file, it might look like:
{
"worker_threads": 2
}