Hello JamesR,
Thank you for your kind and complete answer.
Indeed it is very clear that we have an optimisation issue...
The product was deployed and lived his own life without being managed, so we just started to configure it.
So we started to build our safe baseline, but what would be your recommendation between Exclusions or Event Filters ?
For exemple for SCCM, do you preconize a process exclusion on policy or a event filter based on SCCM path ?
Thank you !
Artemis.