Rule - Get the Audit events who's action is Login

import sailpoint.object.QueryOptions;
import sailpoint.object.Filter;
import sailpoint.object.AuditEvent;

 ArrayList auditNames = new ArrayList();
 Filter loginFilter = Filter.eq("action", "login");
 List AuditList = context.getObjects(AuditEvent.class,new QueryOptions().addFilter(loginFilter));
    log.debug("\nAudit List"+AuditList);

 for (AuditEvent auditName : AuditList) {  
  log.debug(auditName.getName());
  auditNames.add(auditName.getName());
}

Comment below if you find this post helpful.