Tenant Administrator IP in Logs


I have a webhook configured on Auth0 Streams Dashboard and it is forwarding event logs to our server endpoint as intended.
However, when an action (such as unenrolling MFA for a user) is performed by a tenant administrator via the Auth0 dashboard, the IP address of the tenant admin is not found in the logs. Instead, it denotes a private Auth0 IP. Please see the image below

How can I get the IP address of the tenant admin that took the action?

I tried programmatically resetting MFA using Auth0 management API and providing IP address in “auth0-forwarded-for” header. But looks like this does not fall under Anomaly events so I do not see the IP address in logs.

What are my options here to get the tenant admin IP that performed the action?
One of the ways I can think of is to set up an endpoint on my server that calls Auth0 management API. This way I can get the IP address of person making request to my server. This seems a bit over-engineered though.

Is there any Auth0 native way to do/enable this?