Hey all. So my company has recently acquired 200GB added on top of our current licence. We are interested in 3 different log sources and wondering what the data size per day is per host in your experience?
It would be good to know if you have heavily filtered the input or not, but it would be good for scoping if I could have an idea of metrics:
Winevent logs on users machines
Totally appreciate the point and I have suggested this but you can understand the complexities to getting this done in a heavily bureaucratic environment. Just at a finger in the air for now so I am interested in what other people's experiences are.