You can audit failed login attempts by increasing the log_error_verbosity to include Warnings (in addition to Errors)...
SET GLOBAL log_error_verbosity=2;
TODO
SELECT *
FROM information_schema.PLUGINS
WHERE PLUGIN_NAME LIKE '%audit%';
SHOW variables LIKE 'audit%';
SHOW variables LIKE 'plugin%';
INSTALL PLUGIN audit_log SONAME 'audit_log.so';
SELECT *
FROM information_schema.PLUGINS
WHERE PLUGIN_NAME LIKE '%audit%';
SHOW variables LIKE 'audit%';
Filtering by accounts...
SET GLOBAL audit_log_include_accounts = 'myuser@localhost,root@localhost';
SET GLOBAL audit_log_include_accounts = NULL;
SET GLOBAL audit_log_exclude_accounts = 'myuser@localhost,root@localhost';
SELECT @@audit_log_exclude_accounts;
SELECT @@audit_log_include_accounts;
Filtering by SQL command...
SELECT name
FROM performance_schema.setup_instruments
WHERE name LIKE "statement/sql/%"
ORDER BY name;
SET GLOBAL audit_log_include_commands= 'set_option,create_db';
SET GLOBAL audit_log_include_commands = NULL;
SET GLOBAL audit_log_exclude_commands= 'set_option,create_db';
Filtering by database...
SET GLOBAL audit_log_include_databases = 'mysql,mydb';
SET GLOBAL audit_log_exclude_databases = 'mysql,mydb';
TODO