Not seeing Failed sign-ins audit events in audit_json.

Hi we have a self hosted Gitlab instance version 16.1. We are working on our audit system and it seems that the failed sign-ins is not in the audit-json file, instead we are recieving the failed logins audit event in the application file. Is there any point to not putting it in the audit_json ?