acouvreur / ssh-log-to-influx

Send SSH authentication logs to influxdb with geohashing IP

Does not add line when user is in system but wrong public key/request

JensDeLeersnyderPXL opened this issue

When someone tries to brute force and correctly guesses the username but uses the wrong public key, it isn't added to the database. This can maybe be fixed by adding this code to the /etc/rsyslog.conf for public key.

else if $msg startswith ' Connection reset by authenticating' then {
    action(type="omfwd" target="127.0.0.1" port="7070" protocol="tcp" template="OnlyMsg")
}

I couldn't quite make out if this was supported by the acouvreur/ssh-log-to-influx container.
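
An added example, not code from acouvreur/ssh-log-to-influx or from the issue author: it emulates the rsyslog `startswith` filter and shows what a receiver needs in order to record the lines the proposed rule would forward. The `' Failed'` prefix used as the existing filter, the function names and the sample log lines are assumptions constructed for illustration.

```javascript
// Prefix the issue proposes to forward (rsyslog `startswith` on $msg).
const PROPOSED_PREFIX = " Connection reset by authenticating";
// Assumption: an existing filter that only forwards failed-password lines.
const ASSUMED_EXISTING_PREFIXES = [" Failed"];

// Emulates rsyslog's `$msg startswith '<prefix>'` test for a list of prefixes.
function isForwarded(msg, prefixes) {
  return prefixes.some((p) => msg.startsWith(p));
}

// sshd line shape for the case in the issue (known user, no successful auth):
// "Connection reset by authenticating user <user> <ip> port <port> [preauth]"
const PREAUTH_RESET =
  /^Connection reset by authenticating user (\S+) (\S+) port (\d{1,5})(?: \[preauth\])?$/;

// Returns {event, user, ip, port}, or null when the line has another shape.
function parsePreauthReset(msg) {
  const m = PREAUTH_RESET.exec(msg.trim());
  if (!m) return null;
  const port = Number(m[3]);
  if (port < 1 || port > 65535) return null;
  return { event: "preauth_reset", user: m[1], ip: m[2], port };
}

// Counts parsed events per source IP among the lines a filter lets through.
function countByIp(lines, prefixes) {
  const counts = {};
  for (const line of lines) {
    if (!isForwarded(line, prefixes)) continue;
    const ev = parsePreauthReset(line);
    if (ev) counts[ev.ip] = (counts[ev.ip] || 0) + 1;
  }
  return counts;
}

// Constructed sample $msg values (leading space kept, documentation IPs).
const SAMPLE_LINES = [
  " Failed password for root from 203.0.113.7 port 40022 ssh2",
  " Connection reset by authenticating user deploy 198.51.100.23 port 51514 [preauth]",
  " Connection reset by authenticating user deploy 198.51.100.23 port 51516 [preauth]",
  " Connection reset by invalid user admin 203.0.113.7 port 40030 [preauth]",
  " Connection reset by 192.0.2.44 port 60100 [preauth]",
];

console.log("without rule:", countByIp(SAMPLE_LINES, ASSUMED_EXISTING_PREFIXES));
console.log("with rule:", countByIp(SAMPLE_LINES, [...ASSUMED_EXISTING_PREFIXES, PROPOSED_PREFIX]));
```

Forwarding the line from rsyslog is only half of the change: the receiver also has to recognise this message shape, which carries the address directly after the username rather than after `from`.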