You can also filter the logs for filtering the specific activities carried out by a specific user, or a specific activity carried out around a certain time frame on a particular DHCP scope to detect security breeches and malpractices.
Regularly reviewing your DHCP security logs helps you ensure that the access control mechanisms are performing adequately, determine whether users are sticking to your security practices, and catch new potential security weaknesses.