Security teams should consider logging often-overlooked sources that are valuable for threat hunting exercises. Common logs from servers and firewalls are fairly easily ingested and parsed. DNS logs are challenging to work with because of the volume of data and their multi-line format. Cloud platforms such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) don’t have consistent logging formats. Database auditing and logging can be a stumbling block, since database administrators often don’t want to enable features that could affect server performance.
Source: https://www.csoonline.com/article/3607912/5-often-overlooked-log-sources.html