Hi there,
First of all, check your auditing settings:
In the Group Policy Management Editor, choose Computer Configuration → Go to Policies → Go to Windows Settings → Go to Security Settings → Go to Local Policies → Go to Audit Policy. Set the following audit policies:
-Audit account management: "Success"
-Audit directory service access: "Success"
-Audit logon events: "Success" and "Failure"
You can also check if you have some objects which are out of auditing policy
--If the reply is helpful, please Upvote and Accept it as an answer–