These are the queries that I wrote and found useful to extract data using Azure Resource Graph Explorer
SecurityResources
| where type == "microsoft.security/locations/alerts" and properties.AlertDisplayName=="Suspicious authentication activity" and properties.Status=="Active"