In the login audit of WP Admin Audit you will find:
- IP addresses from which login attempts were started
- How many login attempts were successful
- What percentage of login attempts used an existing username
- Data is kept on a rolling 90-day period
The data is also collected if you turn off the sensor for logins (to keep your event log free from clutter).
Repeated login attempts are a sign of automated (brute-force) attacks against your site.
You may want to use the list to block certain IP addresses.