If in ArchLinux we want to have that log back where it always is, in order to know authentication attempts on our computer and others, to have a certainty of security beyond the firewall, syslog-ng can be an excellent alternative.
First we must install it in ArchLinux:
sudo pacman -S syslog-ng
Once installed, we proceed to start it:
sudo systemctl start syslog-ng
Then, so that it starts automatically we enable it with enable:
sudo systemctl enable syslog-ng
If it fails to start the service try:
systemctl start syslog-ng@default
systemctl enable syslog-ng@default