Oracle Failed Logins

SELECT username,

os_username,

returncode,

userhost,

TRUNC(timestamp),

COUNT(1) failed_logins

FROM dba_audit_trail

WHERE returncode <> 0

AND timestamp > TRUNC(SYSDATE)

GROUP BY username,

os_username,

returncode,

userhost,

TRUNC(timestamp)

ORDER BY TRUNC(timestamp);