I'm not sure if this fits within the scope of the project but it may be useful from a security standpoint to compile a list or count of unique IP addresses on a per user basis as well. This could help in identify potentially compromised accounts.
Jason
Thanks for the input. Derek Simmel can confirm, but I believe there may be Fail2ban or some other IDS currently in use on the hub that might already cover this, but I will pass this onto Derek. The current effort is aimed at just the usage metrics.
fail2ban is enabled for ssh on the SSOHub.
Thanks for the update.