You will need to customize the displayName in the query to the string you use to describe your MFA policy. For example if your policy name is Required MFA DUO then your metric would look like this instead Users[?contains(~.Policies.ConditionalAccess[?displayName ==].conditions.users.includeUsers[], id) ].displayName

Users[?contains(~.Policies.ConditionalAccess[?displayName ==].conditions.users.includeUsers[], id) ].displayName