Viewing attempted passwords used to log in
Generally a system would not provide this functionality because it presents a security risk. When users mistype their passwords (and they often do, this is normal behavior) they are often only one or two characters off of their correct password. If you could see their failed login attempts, it would be incredibly easy in most cases to determine their actual password. This breaks the cardinal rule that a system should never reveal a user's password, neither to that user nor to the system administrator.
Instead, you could just look at the number of failed attempts. A normal user might type their password wrong a couple of times in a row tops. If you see an account with a significant number of missed attempts (perhaps more than 5 in a day) than you should look in to it (e.g. ask the user if they mistype their password a lot). If a brute-force attack were occurring at a low enough speed for it to not look unusual by volume, then it will take far too long to be a real risk (it will require many years unless your users have exceptionally weak passwords or user passwords are known), as long as users have sufficiently complex passwords.
Perhaps the best thing you could do for attempted remote logins (which I assume is what you mean, if someone's bruteforcing at the keyboard than you should really hire a security firm :) ) is look at the IPs that attempts are coming from and block any that are suspicious (blocking IPs that geolocate to out-of-country often cuts out brute forcing entirely). Unfortunately, from an example I googled for OS X sshd doesn't seem to log the IP address that a request came from, at least not in secure.log. Perhaps if you look in a different log file you will find this IP information. If you see an IP that is from out of country, repetitively attempts to log in and never succeeds, etc. than you can configure your perimeter firewall (best) or host firewalls (if its your only choice) to drop requests from these IPs.
I'd look at installing fail2ban. I use it on every system I have with a remotely-accessible ssh daemon:
Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address.
Rejections are temporary, but should slow down brute force attacks to be practically impossible (on my systems, I think they get 6 attempts per 10 minutes).
OS X server installation instructions here. I assume they work on regular OS X just as well.