Should an Endpoint Log Hybrid server just be used for Endpoint Agent Data as best practice? Or can it also be used for other log sources?
Our Endpoint Log Hybrid collects agent data from Endpoints, Logs forwarded (ie. event logs), ODBC, Firewalls sending via Syslog, VPN Concentrator and others. Should the ELH just collect the Endpoint Agent data and then another Log Decoder/Concentrator be used for everything else?