Forum Discussion
logger2115
Apr 18, 2025
Brass Contributor
Defender for Servers
Defender for Servers is part of Defender for Cloud CWP. We do not use this product; however, we are interested in logging servers, both on-premises and in multi-cloud tenants, to a Sentinel workspace.
A couple of ways to accomplish this:
- Defender for Servers in passive - Since we're currently not subscribed, can we get data in with Arc + AMA + Defender extension across multi-cloud tenants? The objective is to NOT pay for Defender for Servers P1/P2 and instead log events for detections.
- Azure Monitor Agent and Data Collection Rule with logging level (Common, Minimal, Custom)
I have ideas on both, but I'm leaning towards Defender for Servers in passive with the Defender extension and AMA. Will this automatically get charged as part of Defender for Servers CWP, or will it flat out not work if not enabled?
I can't get a straight answer on this from anyone, and I don't have full-blown tenant owner permissions to test this. When asked, there is a wait time to get a response from other teams.
I'm interested in getting data in via Defender in passive, relying and relaying partner as Defender extension and Arc + AMA.
Let me know your thoughts!