Being part of a government entity we have been asked to identify an individual by their IP address at the time. There are no indications in any of our logs that would indicate such information. I am wondering if I could search the duo logs for a specific IP address that a duo request could have come from. Is this possible?
Hi there, and welcome to the Duo Community. I recommend taking a look at our Guide to reading the Authentication Log report in the Duo Admin Panel. If it is available, the IP address of the device used to access the Duo-protected application will appear in the Access Device column.