Audit feed API returns user logged in message for removed user

Update from Microsoft: Upon working with engineering team , we have identified that this is a known issue where “UserAccountNotFound’ shows up with ‘ResultStatus:Succeeded” . They are aware of this issue and are working to getting this fixed in the future. This should not be considered a security breach that that account logged in to the mailbox. It is simply that when Azure AD Workload sends the audit log to the Unified Audit log pipeline, the data is not mapped correctly causing the ‘ResultStatus’ field to show an incorrect value. Hope that clears your concerns