Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature
We are working on this but we don’t have a public ETA to share at this time. We will keep you updated as we get closer.
An error occurred while saving the commentAnonymous commented
In order to provide a complete and wholistic view on failed login attempts it’s imperative that we are able to consistently capture such events for users (as we can today) but also for service principles given the enabling role they play in the identity sphere in Azure. Not being able to do so [other than via a support call] feels like a major flaw when trying to surface such events via a SIEM solution.