GEO location violation (Impossible Travel)... VIP account lockout... Breached Credentials Detection... Suspicious Activity... Admin Activity Anomaly alert... Change to critical policy... Super Admin Role Changes... API Token Creation/Revocation... OKTA Service Interruptions/Degradation...

These are some of the items that would be ideal to notify or auto-ticket created.