ClientIP in AssertionGenerate log in Federation Context of Policy Server



Article ID: 212270


Updated On:

Products

CA Single Sign On Agents (SiteMinder)
CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On Federation (SiteMinder)
SITEMINDER

Issue/Introduction

When Federation Services is running and the Policy Server receives a SAMLRequest from the SP side, the success log shows lines like this one:

AssertionGenerate <agent> [24/Mar/2021:11:52:59 +0100] "<user>" "<partnership> Visit /" [] [0] [] []

How can the caller's IP address be included in this log line for Federation journeys?

Environment

Resolution

Logging the client IP in the Policy Server smaccess log for Federation is not implemented in SiteMinder.

One way to get it is to enable TransientIPCheck on the ACO (Agent Configuration Object) of the Federation Services (1).

Note that enabling TransientIPCheck makes the Agent verify that the IP address in the SMSESSION cookie is that of the caller.

In architectures that involve a load balancer, enabling TransientIPCheck might add complexity to the browser experience while also increasing session security (2).

Open an Enhancement Request (Idea) to get this option in future releases (3) without the need to enable TransientIPCheck.
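
To check whether the AssertionGenerate lines in a smaccess log carry a client IP (for example, before and after changing the ACO), the following added example, which is not part of the original article or of SiteMinder, parses lines of the shape shown above and reports those with no address in any bracketed field. The field layout is inferred from the single sample line, and the agent, user and partnership names and the second sample line are constructed.

```python
import ipaddress
import re
from datetime import datetime

# Layout inferred from the single sample line on this page (an assumption):
# event, agent, [timestamp], "user", "resource/action", then bracketed fields.
LINE_RE = re.compile(
    r'^(?P<event>\S+)\s+(?P<agent>\S+)\s+\[(?P<ts>[^\]]+)\]\s+'
    r'"(?P<user>[^"]*)"\s+"(?P<resource>[^"]*)"(?P<rest>(?:\s+\[[^\]]*\])*)\s*$'
)

def parse_line(line):
    """Return a dict of fields, or None if the line does not match the layout."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["extra"] = re.findall(r"\[([^\]]*)\]", rec.pop("rest"))
    return rec

def find_ips(rec):
    """Return every trailing bracketed field that parses as an IPv4/IPv6 address."""
    found = []
    for value in rec["extra"]:
        try:
            found.append(str(ipaddress.ip_address(value.strip())))
        except ValueError:
            pass  # empty field, counter, or other non-address value
    return found

def lines_without_ip(lines, event="AssertionGenerate"):
    """Return parsed records for the given event that carry no IP address."""
    recs = (parse_line(line) for line in lines)
    return [r for r in recs if r and r["event"] == event and not find_ips(r)]

# Constructed sample input: the page's line with placeholder names filled in,
# plus a hypothetical line with an address in a trailing field (assumed position).
SAMPLE = [
    'AssertionGenerate agent1 [24/Mar/2021:11:52:59 +0100] "user1" "partnership1 Visit /" [] [0] [] []',
    'AssertionGenerate agent1 [24/Mar/2021:11:53:04 +0100] "user2" "partnership1 Visit /" [192.0.2.10] [0] [] []',
]

if __name__ == "__main__":
    for r in lines_without_ip(SAMPLE):
        print(r["ts"].isoformat(), r["user"], "no client IP logged")
```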

Additional Information