Hi,
Which security events are logged on your machines also depends on your local group audit policy. Make sure that these events are configured to be logged via the local group policy. If they are not logged on the servers they will not be ingested as well. Example of how these policies are configured you can see here: Configure Windows Event collection
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.