It would be nice if I had a tenant-wide option that would either default SIEM to enabled or disabled for new organizations.

Problem Explanation:

I'm using Huntress SIEM internally and planning to up-sell the SIEM product to some of my customers based on the package that they subscribe to. As such, when my team onboards a new customer, they will have to add a Disable Override for SIEM.