Forum Discussion
Azure ATP, Defender ATP + SysMon/Eventlog?
Hi all, I am currently wondering about a project for one of our customers and would be happy to hear about your opinion. We have been monitoring Windows Server with Event log, having them ext...
Ralph Göbel My personal opinion is if the amount of data being ingested does not cost you too much money, and only you or your customer can really determine that, it is worth ingestion. I would have rather have the data and not need it than vice versa.
