Just polling everyone. For the 3.3.xx controls dealing with log collection and analysis. Do you capture and centralize logs from your servers and other service infrastructure (network, cloud, etc)? I started here, but now I am thinking the capture should also include endpoints. At the very least to endpoints that are in scope. Curious what everyone else is doing here.