Sign-in reports - missing events for specific users

We are facing similar issues. We use SailPoint to automatically disable user identities for on-premises Active Directory. There are VIPs who only use O365 services so they never logon to on-premises AD and their lastlogontimestamp is never updated. We want to build a correlation between Azure AD and on-premises AD so that before a decision is made by SailPoint to disable an account it considers both on-premises lastlogontimestamp and Azure AD sign-in logs. We face same issue as described above and there is no other attribute to refer to in AzureAD which can allow this correlation to happen. So the method we have today is not full proof and has chances to fail if we use sign-in logs as correlation attribute.