Feb 10, 2020 - 08:25 PM
If you cannot find an explicit clause or combination of clauses which point to a specific restriction then I (personally) would assume that you can proceed.
However, ensure you are in a position to be able to defend that decision.
For example, if the metric is device based, then you should have a mechanism in place that restricts the concurrent use of instances of the software to a number not greater than that for which you are licensed. Follow that up with the logs to prove that this has been the case.
Audits are primarily a matter of interpretation, if you have the data evidence to back your logical interpretation where the EULA did not provide an explicit definition, any auditor is likely to think twice before escalating.
Note that, your organisations' specific appetitie for risk will also guide your interpetation of any EULA clauses. There are many organisations who would be averse to interpreting that a missing clause in a EULA implied authorisation for a specific use-case.
Irrespective of my opinion, your first port of call should always be the relevant licensing paperwork. Draw your conclusions from that and then proceed from there.