diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/audit/AuditEvents.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/audit/AuditEvents.java
index 76c2295b29..8fd6606f1b 100644
--- a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/audit/AuditEvents.java
+++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/audit/AuditEvents.java
@@ -40,7 +40,8 @@ public enum AuditEvents
     CREATE_USER_GROUP("Create User Group", "Create User Group"),
     DELETE_USER_GROUP("Delete User Group", "Delete User Group"),
     ADD_TO_USER_GROUP("Add To User Group", "Add To User Group"),
-    REMOVE_FROM_USER_GROUP("Remove From User Group", "Remove From User Group");
+    REMOVE_FROM_USER_GROUP("Remove From User Group", "Remove From User Group"),
+    LOGIN_UNSUCCESSFUL("Login.Failure", "Login Unsuccessful");
 
     /** event audited */
     public final String event;
diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditGroupEventsTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditGroupEventsTests.java
index e8a427aec2..aaa5f569c0 100644
--- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditGroupEventsTests.java
+++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditGroupEventsTests.java
@@ -66,7 +66,7 @@ public class AuditGroupEventsTests extends BaseRMRestTest
     public void cleanAuditLogs()
     {
         //clean audit logs
-        rmAuditAPI.clearAuditLog(getAdminUser().getPassword(), getAdminUser().getPassword());
+        rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword());
     }
 
     /**
@@ -80,7 +80,7 @@ public class AuditGroupEventsTests extends BaseRMRestTest
         testGroup = dataGroup.createRandomGroup();
 
         STEP("Get the list of audit entries for the create group event.");
-        List<AuditEntry> auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getPassword(),
+        List<AuditEntry> auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(),
                 getAdminUser().getPassword(), 100, CREATE_USER_GROUP.event);
 
         STEP("Check the audit log contains only the entries for the created group.");
@@ -105,7 +105,7 @@ public class AuditGroupEventsTests extends BaseRMRestTest
         dataGroup.usingUser(testUser).addUserToGroup(testGroup);
 
         STEP("Get the list of audit entries for the add user to group event.");
-        List<AuditEntry> auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getPassword(),
+        List<AuditEntry> auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(),
                 getAdminUser().getPassword(), 100, ADD_TO_USER_GROUP.event);
 
         STEP("Check the audit log contains only the entries for the add user to group event.");
@@ -133,7 +133,7 @@ public class AuditGroupEventsTests extends BaseRMRestTest
         dataGroup.removeUserFromGroup(testGroup, testUser);
 
         STEP("Get the list of audit entries for the add user to group event.");
-        List<AuditEntry> auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getPassword(),
+        List<AuditEntry> auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(),
                 getAdminUser().getPassword(), 100, REMOVE_FROM_USER_GROUP.event);
 
         STEP("Check the audit log contains only the entries for the remove user from group event.");
@@ -159,7 +159,7 @@ public class AuditGroupEventsTests extends BaseRMRestTest
         dataGroup.deleteGroup(testGroup);
 
         STEP("Get the list of audit entries for the delete group event.");
-        List<AuditEntry> auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getPassword(),
+        List<AuditEntry> auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(),
                 getAdminUser().getPassword(), 100, DELETE_USER_GROUP.event);
 
         STEP("Check the audit log contains only the entries for the created group.");
diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditLoginEvents.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditLoginEvents.java
new file mode 100644
index 0000000000..f138872ee1
--- /dev/null
+++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditLoginEvents.java
@@ -0,0 +1,82 @@
+/*
+ * #%L
+ * Alfresco Records Management Module
+ * %%
+ * Copyright (C) 2005 - 2018 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software.
+ * -
+ * If the software was purchased under a paid Alfresco license, the terms of
+ * the paid license agreement will prevail.  Otherwise, the software is
+ * provided under the following open source license terms:
+ * -
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * -
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ * -
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ * #L%
+ */
+package org.alfresco.rest.rm.community.audit;
+
+import static org.alfresco.rest.rm.community.model.audit.AuditEvents.LOGIN_UNSUCCESSFUL;
+import static org.alfresco.utility.report.log.Step.STEP;
+import static org.testng.AssertJUnit.assertTrue;
+
+import java.util.List;
+
+import org.alfresco.rest.rm.community.base.BaseRMRestTest;
+import org.alfresco.rest.rm.community.model.audit.AuditEntry;
+import org.alfresco.rest.v0.RMAuditAPI;
+import org.alfresco.test.AlfrescoTest;
+import org.alfresco.utility.model.UserModel;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.testng.annotations.BeforeClass;
+import org.testng.annotations.Test;
+
+/**
+ * This class contains the tests that check the login events are audited
+ *
+ * @author Claudia Agache
+ * @since 2.7
+ */
+@AlfrescoTest (jira = "RM-5234")
+public class AuditLoginEvents extends BaseRMRestTest
+{
+    @Autowired
+    private RMAuditAPI rmAuditAPI;
+
+    @BeforeClass (alwaysRun = true)
+    public void cleanAuditLogs()
+    {
+        //clean audit logs
+        rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword());
+    }
+
+    /**
+     * Given I have tried to login using invalid credentials
+     * When I view the RM audit filtered by Login unsuccessful event
+     * Then the audit log contains only the entries for the Login unsuccessful event
+     */
+    @Test
+    public void filterByLoginUnsuccessful() throws Exception
+    {
+        restClient.authenticateUser(new UserModel(getAdminUser().getUsername(), "InvalidPassword"));
+        restClient.withCoreAPI().getSites();
+
+        STEP("Get the list of audit entries for the login unsuccessful event.");
+        List<AuditEntry> auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(),
+                getAdminUser().getPassword(), 100, LOGIN_UNSUCCESSFUL.event);
+
+        STEP("Check the audit log contains only the entries for the login unsuccessful event.");
+        assertTrue("The list of events is not filtered by " + LOGIN_UNSUCCESSFUL.event,
+                auditEntries.stream().allMatch(auditEntry -> auditEntry.getEvent().equals(LOGIN_UNSUCCESSFUL.eventDisplayName)));
+    }
+}
diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditUserEventsTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditUserEventsTests.java
index 33af49b2c9..821f4f1974 100644
--- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditUserEventsTests.java
+++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditUserEventsTests.java
@@ -73,7 +73,7 @@ public class AuditUserEventsTests extends BaseRMRestTest
         createUser = getDataUser().createUser(userName);
 
         STEP("Get the list of audit entries for the create person event.");
-        List<AuditEntry> auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getPassword(),
+        List<AuditEntry> auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(),
                 getAdminUser().getPassword(), 100, CREATE_PERSON.event);
 
         STEP("Check the audit log contains only the entries for the created user.");
@@ -89,7 +89,7 @@ public class AuditUserEventsTests extends BaseRMRestTest
     public void cleanAuditLogs()
     {
         //clean audit logs
-        rmAuditAPI.clearAuditLog(getAdminUser().getPassword(), getAdminUser().getPassword());
+        rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword());
     }
 
     @AfterClass (alwaysRun = true)