Reports Only Policy selected (does not permit deselecting all ca policies but have to do so singlely)
Time range last 7 days (does not export anything beyond current date)
User: All users (does not detect by individual user or groups defined)
Sign in events results are not accurate. After query is run it displays only current date even though we selected older than 7 days or anything beyond 24 hrs.
We also export all columns to csv and the same results.
We are sure we have sign ins for the users in the group defined in the reports only CA policy.
If we run the report last week, it displayed for one user. If we run today it also display one user failed.
However we cannot historically see within 7 days all failed users if the ca policy is to be enabled.
There is a bug or usage issue?
Also for users, how do we select by individual user or group? How is that defined? I tried username, email@example.com but nothing works. I also tried display name of the azure ad group, but also didn't return any sign in events.
Is it a bug or usage/clarification issue?
Lastly, there is no way to deselect all. By default all CA policies are selected. We have to deselect each policy individually by unchecking each one. Please add a method to deselect all as we have too many to deselect individually.