Azure Sentinel with ASC and exsiting workspace

avirat20 When you say "workspace" I am going to assume you mean a Log Analytics (LA) workspace.

1) It really depends if you are using (or plan to use) the Non-production information in Azure Sentinel.  Otherwise, you are just paying for data you are not using.  Azure Sentinel is always going to be a compromise of having all the data you will need versus paying for data you won't ever use.  "SolarGate" has changed the way a lot of people think about non-prod data so it may be that you will use the data now when in the past you probably wouldn't have. 

Also take into account where the data is located.  Are your prod and non-prod in the same Azure region?  If not, there is egress charges that need to be considered.   You can also take a look at using Azure Lighthouse with Azure Sentinel to view different Azure Sentinel instances at one time.

2) I typically say to let the Azure Security products do what they are good at and then  just send the alerts from ASC to Azure Monitor.   One analogy I like is that Azure Sentinel is a backstop to catch everything that the other Azure security products miss (although this may not make sense to to non-Americans.  Think of it as the netting in the football goal so the ball stops if all the other plays and goalie misses it) However, if you need the data for an investigation, you won't have it (hopefully this will change in the future).

3) Use the Azure pricing calculator, add Azure Sentinel to it, select your region, and plug in your consumption rate to get the most accurate pricing estimate.