The o365 Login Analyzer creates notifications for successful logins.  If there are successful logins that don't require a notification to be created for them, these detections can be whitelisted in the incident notification that was created. 

NOTE: Whitelisting successful o365 logins should only be done from the incident ticket - Do I need to remediate or whitelist the events in the apps? 

On the customer level navigate to the incidents list

Locate the incident > view details

Action > add to whitelist

Custom

Enter the 2 letter country abbreviation in attributes>location>countryOrRegion field and the user email name in attributes>user>principalName field then add

This will create a new whitelist rule to no longer create email notifications for that detection.