Cat9800 aWIPS alarms in DNAC

KevinR99
Level 1

Hi

We have a Cat9800 controller with aWIPS enabled and it is sending alarms to a DNAC appliance. I am seeing quite a lot of alarms that, if they are real, would suggest we have an inordinate number of Wi-Fi attackers in our office. The most frequent alarms are:

Block Ack flood

Authentication floods

Targeted Deauthentication

Association flood

I really can't believe these are real events.

Has anyone deployed aWIPS on 9800s and seen similar results?

Thanks, Kev.

3 Replies

Hi

I used to play with wIPS and I saw false alarms all the time. To be honest, wIPS is one of the most unsuccessful solutions I have ever seen in my life.

ammahend
VIP

Arshad Safrulla
VIP Alumni

Below are mostly RF-related attacks where mitigation is very limited or not possible. Descriptions of all the possible alerts are listed in the article below.

https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/17-1/config-guide/b_wl_17_11_cg/b_wl_17_11_cg_chapter_010001100.html

I would not agree that aWIPS is not a successful product. It has its own use cases. For example, if a client is complaining about connectivity issues, you can have a look at aWIPS alerts from that AP or the APs in the vicinity to check whether there are any targeted deauths. Most importantly, rogue detection and containment is also part of aWIPS (some countries may have legal complications using this feature, take caution). aWIPS will provide you a holistic view of the threat landscape at the RF level. With enterprises moving to complete wireless connectivity, this is one of the must-have features. As @ammahend mentioned, there could be a lot of false positives, as the wireless medium itself is not restricted, and an attacker with a directional antenna with enough gain could trigger deauths in your wireless environment, maybe sitting meters away.
