Currently, there's no Panther-managed detection for elevated admin access in Microsoft 365 logs.
To create a custom detection for this alert, you can use the "Operation" field from the Microsoft365.Audit.AzureActiveDirectory schema. The value "Add member to role" should indicate elevated admin access. Panther's schema also includes this field:
name: Operation required: true description: The name of the user or admin activity. type: string
If you require further assistance with creating this custom detection, please reach out to Panther Support.