The server will update the user's zimbraLastLogonTimestamp attribute at most once every zimbraLastLogonTimestampFrequency.
Default is 7d to cutdown on ldap writes every time you auth. You can set it to values like: 1d, 1h, 1m, 1s, or 0 for disabled:
Think of the pure volume of some systems, updating an attribute for several million active users all day long makes for a lot of writes and replication. Prompted implementation of: Bug 18972 - provide way to completely disable zimbraLastLogonTimestamp (setting to 0).
zmprov mcf zimbraLastLogonTimestampFrequency 3d
Your /opt/zimbra/log/audit.log is continuous anyways so you can always check that. There is a MYSQL database entry in zimbra.mailbox for last_soap_access (getLastSoapAccessTime) not ported to a LDAP value because that would be nuts.
For some, 7 days does seem a little high though given the average installation size and faster systems. To that end, someone had an bugzilla entry in to get the default changed from 7d > 3d but I don't know what happened to it. If you have the time/ability for a large scale performance test go for it.
Bug 19670 - record last login timestamp in the db
Bug 18765 - Last user access (not logon)