Logging file accessed even with wrong password

For reference, I am using ELK to monitor Nextcloud. I have created password protected shared links for numerous files. When I open the link in the browser and type in the wrong password, I still get a log entry saying that the file was accessed. I am the only one with the link and I get a new “file accessed” message each time I enter the wrong password. This seems to be a glitch and is disadvantageous for monitoring as the log implies that the file was accessed even though it was not. Are there log configs that can be changed (other than the INFO, DEBUG, WARNINGe etc). My current log level is INFO.