When my team tried it we couldn't get CDC to capture the hostname of the server/workstation/laptop that made the change. This bit of info is a must for our environment. It's rare for someone to make an unauthorized change under their own credentials, it's usually a case of someone hijacking the application credentials to make the change. Not that it happens often, but we've caught all of those individuals thanks to our current tool (apex sql audit) capturing the hostname. Just my .02