When conducting a Recent Activity Search By User it would be more than helpful to display the IP address of the device that was being used by the user at the time of URL access. We have had a number of occasions where Indicators of Compromised servers have been flagged to us and we need to trace the users and devices that have attempted to access these sites however this is not possible as the search parameters and detail given is not granular enough. The IP addresses are shown when you use a By Suspicious Activity search so the information is stored, just not presented in a By User report. I find the GUI has been simplified too much and should have an option to display an "Advanced" GUI for users that perhaps want to search the logs in more detail. There is always the option to contact Support but the last time I attempted this the data was lost by the time support had a chance to review. The customer should be able to extract this data themselves! Any other web filtering product I have used in the past has allowed far more granular searching.