In usual requests for production, you have to rely on the opposing party to follow the correct protocol and to produce all relevant ESI. To verify or challenge the protocol, you need to substantiate the claim, pointing out the ESI that has not been produced. But how can one point to the information if it has not been produced? We seem to have a vicious circle.
There is a way, however, and this way includes correctly crafted requests for metadata production. The request needs to be specific enough, so that it is not considered a fishing expedition. It has to be simple, so that it is not overburdensome. All this means that you have to do your home work with both the FRCP rules that apply and the technology that is relevant. This article from the Metropolitan Corporate Counsel explains how to ask for Windows metadata, such as registry and log files, in the proper way.