This is not an answer to your question, but it might help.
I use this monitoring script: Fail2Ban or similar for public App access? - which alerts me of failed logins (but gives no details of the username or IP)
To compliment that, I place BaseRow behind Nginx Reverse Proxy and using Fail2Ban. BaseRow responds with a 401 when a logon fails, so monitoring the NPM logs with Fail2Ban lets me see at least the IP addresses of failed logons and also ban them.
You could also monitor the NPM logs for successful logins if you want - and possibly also API calls.
However, none of this allows you to monitor which user logs in unfortunately, but hopefully it’s something.