A log of all DA activity taken with ability to filer by user account and/or device

We have a lot of retail colleagues who don't necessarily have contact details, so can be hard to liaise with when DA has been taken, the likely scenario is they would call our internal IT Service Desk to reset their credentials after DA by QC is taken to get themselves back up and running. A single log of all DA activity taken with ability to filter by user and/or device would be useful to provide our IT Service Desk with context in event of such a call. And also give us ability to see repeat offenders or accounts that have been targeted multiple times.