It would be much easier for customers to produce a report of authentication successes and failures with the IP address if the authentication success message in the log file included the IP address.
At the moment, a successful authentication log message does not include the IP address:
While the failure authentication log message does include the IP address
Adding the IP address to the success message would allow customer to easily monitor for situations such as "Were there any successful authentication requests from IPs outside of those I believe I have whitelisted in my firewall?".