Elasticsearch storage full after activate endpoint security integration

I have 20 agent running that has the 'Endpoint Security', 'Prebuilt Security Detection Rules' and the 'System Integration'.
This is running on a Windows 10/11 & Ubuntu 20.04 and reporting into ECK with fleet management which is running on AWS.
This consuming 15gb of data a day for 20 workstation. 15gb seems like a lot of data. Is this right?
I have circa 500 workstation I would like to onboard.
I enable rule with severity medium, high & critical.
How can I reduce the consuming storage?