==== Background
With IP Masking enabled, only privileged users will be able to see IP addresses (see {T325238} for more information).
Whenever this information is accessed, it should be logged. This is in order to provide a pathway for peer oversight and keep a check on misuse of IP address reveal.
==== What should we log
**Log 1: Activation/deactivation of access**
* Who activated/deactivated access to IP addresses
* When they received/revoked the access (timestamp)
**Retention: ** Indefinite retention of this log
**Log 2: Log of actions taken**
* Temp username that was revealed
* Performer for the reveal
* Timestamp of this action
* ~~Which IP(s) were unmasked~~ see T333592
~~**Retention: ** 90 day retention of this log ~~ see T333592
==== Who can access the logs
* This log is visible to staff (t&s), stewards, checkusers and ombuds
==== Notes
* We don't want to include any filters on the log just yet. This may change if we hear a demonstrated need for them.
* Some of this may change when we rollout based on feedback we get