Audit Logs - Showing "FAILED_LOGIN" for successful login attempts

I have enabled audit logging (which I believe was enabled by default anyways) using the following configuration in my elasticsearch.yml:

opendistro_security.audit.type: internal_elasticsearch
opendistro_security.audit.enable_rest: true
opendistro_security.audit.enable_transport: true

However, whenever I attempt to log into the Kibana interface (successfully using LDAP or using a local admin account), a single event gets logged with:

audit_category: FAILED_LOGIN
audit_request_effective_user: <NONE>
...

Does anyone have any idea why this is?

I believe you’re looking for

# If enable_request_details is true then the audit log event will also contain
# details like the search query. Default is false. 
opendistro_security.audit.enable_request_details: true
# Ignore users, e.g. do not log audit requests from that users (default: no ignored users)
#opendistro_security.audit.ignore_users: ['kibanaserver','some*user','/also.*regex possible/']"

The reference file for the settings can be found here too: https://github.com/opendistro-for-elasticsearch/security/blob/master/securityconfig/elasticsearch.yml.example