We would appreciate having the ability to tell from the organization level which SIEM Sources are configured (And receiving logs) for each client so that we can build internal tooling around finding clients who are missing eligible sources and also monitoring to alarm if the logs per source count fall to 0.

I could see this being a new component of the existing organizations list endpoint or a new subpoint for SIEM sources.