Hi,
Reviewing the Azure AD Sign-In logs I noticed that in some logs the ClientAppUsed field is not populated. I also find the same result in Sentinel's "Insecure protocol" workbook: Some entries are empty at the ClientAppUsed field. Does anyone know the reason why in some Sign-In logs this field is not populated?
Thank you
LG