Hello,
I've seen multiple occurences in the Azure signin logs where user.name
was not populated. Those documents always have an error.message
containing "field [message] already exists"
.
This seem like a bug.. The message field in those documents apparently has the same value as the filed azure.signinlogs.result_description
, for example "Users' needs to enroll for second factor authentication (interactive)."
Sounds like a bug in the pipeline to me, ok if I make a GH issue?
Best regards,
Willem