Login security logs

Hi, a couple of questions regarding login security.

1-where can I check user logins and failures??
I’ve been looking into zendphp.log but all I can find are [custom_username] entries in schedule/add-show arrays.

2-brute force login protection
Is there something similar to fail2ban we can use to protect LT logins?? can we enable the apache jail in fail2ban here?
or is there smtg else useful in this regard??

thanks for any hints!