I found the answer myself. It is logged:
usr\sap\<sid>\<instance>\cluster\server0\log\system\security.0.log
com.sap.security.core.util.SecurityAudit#Plain###Guest | LOGIN.ERROR | NONE = null | | Login Method=[default], UserID=[adminstrator], IP Address=[xxx.xxx.xxx.xxx], Reason=[Authentication did not succeed.]
Hope this helps someone else.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.