I discovered in my latest tech support track: CS0136992 that client IP Address is only passed to the metadata logs for calls related to: New Client Connections Redirects for the client in the cluster AND - it cannot be configured to be added for other logging events! SAS Help Center: X Conversion Character I would like to request the ability to add Client IP Address as a descriptive characteristic to various Metadata Audit logging events such as: Group/Role Changes Logon/Logoff Role Permissions Changes Client IT teams often work with Splunk & other tools that query logs using a NoSQL query language. As duplicative as it may be - this allows IT teams to easily comply with security and tracking requirements to be able to easily track and identify cyber security events and get all information in a single query. Without this - what I'm being told, is security teams would first need to identify the event in question, then using the request ID - track that all throughout the logs until they found the initial new client connection in order to find the source IP. This kind of sub-query is incredibly tedious behavior and creates a significant disconnect that must be manually traversed in order to create the wholistic picture cyber security teams are looking for. Please include this as a feature in the next release!
... View more