diff --git a/app/models/authenticator/base.rb b/app/models/authenticator/base.rb
index 5ce64ac33e84..47af92a51f29 100644
--- a/app/models/authenticator/base.rb
+++ b/app/models/authenticator/base.rb
@@ -55,7 +55,7 @@ def authenticate(username, password, request = nil, options = {})
 
         authenticated = options[:authorize_only] || _authenticate(username, password, request)
         if authenticated
-          AuditEvent.success(audit.merge(:message => "User #{username} successfully validated by #{self.class.proper_name}"))
+          audit_success(audit.merge(:message => "User #{username} successfully validated by #{self.class.proper_name}"))
 
           if authorize?
             user_or_taskid = authorize_queue(username, request, options)
@@ -66,17 +66,17 @@ def authenticate(username, password, request = nil, options = {})
             user_or_taskid ||= autocreate_user(username)
 
             unless user_or_taskid
-              AuditEvent.failure(audit.merge(:message => "User #{username} authenticated but not defined in EVM"))
+              audit_failure(audit.merge(:message => "User #{username} authenticated but not defined in EVM"))
               raise MiqException::MiqEVMLoginError,
                     _("User authenticated but not defined in EVM, please contact your EVM administrator")
             end
           end
 
-          AuditEvent.success(audit.merge(:message => "Authentication successful for user #{username}"))
+          audit_success(audit.merge(:message => "Authentication successful for user #{username}"))
         else
           reason = failure_reason(username, request)
           reason = ": #{reason}" unless reason.blank?
-          AuditEvent.failure(audit.merge(:message => "Authentication failed for userid #{username}#{reason}"))
+          audit_failure(audit.merge(:message => "Authentication failed for userid #{username}#{reason}"))
           raise MiqException::MiqEVMLoginError, fail_message
         end
 
@@ -115,7 +115,7 @@ def authorize(taskid, username, *args)
           unless identity
             msg = "Authentication failed for userid #{username}, unable to find user object in #{self.class.proper_name}"
             _log.warn(msg)
-            AuditEvent.failure(audit.merge(:message => msg))
+            audit_failure(audit.merge(:message => msg))
             task.error(msg)
             task.state_finished
             return nil
@@ -128,8 +128,8 @@ def authorize(taskid, username, *args)
 
           if matching_groups.empty?
             msg = "Authentication failed for userid #{user.userid}, unable to match user's group membership to an EVM role"
-            AuditEvent.failure(audit.merge(:message => msg))
             _log.warn(msg)
+            audit_failure(audit.merge(:message => msg))
             task.error(msg)
             task.state_finished
             user.save! unless user.new_record?
@@ -145,7 +145,7 @@ def authorize(taskid, username, *args)
 
           user
         rescue Exception => err
-          AuditEvent.failure(audit.merge(:message => err.message))
+          audit_failure(audit.merge(:message => err.message))
           raise
         end
       end
@@ -166,7 +166,7 @@ def authenticate_with_http_basic(username, password, request = nil, options = {}
         result = user && authenticate(username, password, request, options)
       rescue MiqException::MiqEVMLoginError
       end
-      AuditEvent.failure(:userid => username, :message => "Authentication failed for user #{username}") if result.nil?
+      audit_failure(:userid => username, :message => "Authentication failed for user #{username}") if result.nil?
       [!!result, username]
     end
 
@@ -287,5 +287,14 @@ def autocreate_user(_username)
     def normalize_username(username)
       username.downcase
     end
+
+    private def audit_success(options)
+      AuditEvent.success(options)
+    end
+
+    private def audit_failure(options)
+      AuditEvent.failure(options)
+      MiqEvent.raise_evm_event_queue(MiqServer.my_server, "login_failed", options)
+    end
   end
 end
diff --git a/db/fixtures/miq_event_definition_sets.csv b/db/fixtures/miq_event_definition_sets.csv
index 95fe00fd8ed3..bd4f5b877f59 100644
--- a/db/fixtures/miq_event_definition_sets.csv
+++ b/db/fixtures/miq_event_definition_sets.csv
@@ -1,4 +1,5 @@
 name,description
+authentication,Authentication Validation
 evm_operations,Appliance Operation
 ems_operations,Provider Operation
 host_operations,Host Operation
@@ -10,6 +11,6 @@ vm_process,VM Lifecycle
 service_process,Service Lifecycle
 orchestration_process,Orchestration Lifecycle
 storage_operational,Datastore Operation
-auth_validation,Authentication Validation
+auth_validation,Authentication Validation (Provider)
 container_operations,Container Operation
 physical_server_operations,Physical Server Operation
diff --git a/db/fixtures/miq_event_definitions.csv b/db/fixtures/miq_event_definitions.csv
index c3f7423e1bf3..0c9d4b454859 100644
--- a/db/fixtures/miq_event_definitions.csv
+++ b/db/fixtures/miq_event_definitions.csv
@@ -1,4 +1,9 @@
 name,description,event_type,set_type
+#
+# Authentication
+#
+login_failed,Login failed,Default,authentication
+
 #
 # EVM Server operations
 #