It would be much easier for customers to produce a report of authentication successes and failures with the IP address if the authentication success message in the log file included the IP address.
At the moment, a successful authentication log message does not include the IP address:
2019-02-25T16:27:23.805+0000 I ACCESS [conn63538] Successfully authenticated as principal admin on admin
While the failure authentication log message does include the IP address
2019-02-25T16:23:12.863+0000 I ACCESS [conn63518] SCRAM-SHA-1 authentication failed for admin on admin from client 184.108.40.206:54790 ; AuthenticationFailed: SCRAM-SHA-1 authentication failed, storedKey mismatch
Adding the IP address to the success message would allow customer to easily monitor for situations such as "Were there any successful authentication requests from IPs outside of those I believe I have whitelisted in my firewall?".