diff --git a/src/applications/diffusion/query/DiffusionPullLogSearchEngine.php b/src/applications/diffusion/query/DiffusionPullLogSearchEngine.php
index db5d4b9fcb..dfdfceb519 100644
--- a/src/applications/diffusion/query/DiffusionPullLogSearchEngine.php
+++ b/src/applications/diffusion/query/DiffusionPullLogSearchEngine.php
@@ -60,7 +60,9 @@ final class DiffusionPullLogSearchEngine
   }
 
   protected function newExportFields() {
-    return array(
+    $viewer = $this->requireViewer();
+
+    $fields = array(
       id(new PhabricatorPHIDExportField())
         ->setKey('repositoryPHID')
         ->setLabel(pht('Repository PHID')),
@@ -86,6 +88,14 @@ final class DiffusionPullLogSearchEngine
         ->setKey('date')
         ->setLabel(pht('Date')),
     );
+
+    if ($viewer->getIsAdmin()) {
+      $fields[] = id(new PhabricatorStringExportField())
+        ->setKey('remoteAddress')
+        ->setLabel(pht('Remote Address'));
+    }
+
+    return $fields;
   }
 
   protected function newExportData(array $events) {
@@ -117,7 +127,7 @@ final class DiffusionPullLogSearchEngine
         $puller_name = null;
       }
 
-      $export[] = array(
+      $map = array(
         'repositoryPHID' => $repository_phid,
         'repository' => $repository_name,
         'pullerPHID' => $puller_phid,
@@ -127,6 +137,12 @@ final class DiffusionPullLogSearchEngine
         'code' => $event->getResultCode(),
         'date' => $event->getEpoch(),
       );
+
+      if ($viewer->getIsAdmin()) {
+        $map['remoteAddress'] = $event->getRemoteAddress();
+      }
+
+      $export[] = $map;
     }
 
     return $export;
diff --git a/src/applications/diffusion/view/DiffusionPullLogListView.php b/src/applications/diffusion/view/DiffusionPullLogListView.php
index f2e3280eba..8df35e2922 100644
--- a/src/applications/diffusion/view/DiffusionPullLogListView.php
+++ b/src/applications/diffusion/view/DiffusionPullLogListView.php
@@ -22,24 +22,10 @@ final class DiffusionPullLogListView extends AphrontView {
     }
     $handles = $viewer->loadHandles($handle_phids);
 
-    // Figure out which repositories are editable. We only let you see remote
-    // IPs if you have edit capability on a repository.
-    $editable_repos = array();
-    if ($events) {
-      $editable_repos = id(new PhabricatorRepositoryQuery())
-        ->setViewer($viewer)
-        ->requireCapabilities(
-          array(
-            PhabricatorPolicyCapability::CAN_VIEW,
-            PhabricatorPolicyCapability::CAN_EDIT,
-          ))
-        ->withPHIDs(mpull($events, 'getRepositoryPHID'))
-        ->execute();
-      $editable_repos = mpull($editable_repos, null, 'getPHID');
-    }
+    // Only administrators can view remote addresses.
+    $remotes_visible = $viewer->getIsAdmin();
 
     $rows = array();
-    $any_host = false;
     foreach ($events as $event) {
       if ($event->getRepositoryPHID()) {
         $repository = $event->getRepository();
@@ -47,13 +33,10 @@ final class DiffusionPullLogListView extends AphrontView {
         $repository = null;
       }
 
-      // Reveal this if it's valid and the user can edit the repository. For
-      // invalid requests you currently have to go fishing in the database.
-      $remote_address = '-';
-      if ($repository) {
-        if (isset($editable_repos[$event->getRepositoryPHID()])) {
-          $remote_address = $event->getRemoteAddress();
-        }
+      if ($remotes_visible) {
+        $remote_address = $event->getRemoteAddress();
+      } else {
+        $remote_address = null;
       }
 
       $event_id = $event->getID();
@@ -107,6 +90,13 @@ final class DiffusionPullLogListView extends AphrontView {
           '',
           'n',
           'right',
+        ))
+      ->setColumnVisibility(
+        array(
+          true,
+          true,
+          true,
+          $remotes_visible,
         ));
 
     return $table;
diff --git a/src/applications/diffusion/view/DiffusionPushLogListView.php b/src/applications/diffusion/view/DiffusionPushLogListView.php
index 303f0519f6..77f28671c6 100644
--- a/src/applications/diffusion/view/DiffusionPushLogListView.php
+++ b/src/applications/diffusion/view/DiffusionPushLogListView.php
@@ -25,31 +25,18 @@ final class DiffusionPushLogListView extends AphrontView {
 
     $handles = $viewer->loadHandles($handle_phids);
 
-    // Figure out which repositories are editable. We only let you see remote
-    // IPs if you have edit capability on a repository.
-    $editable_repos = array();
-    if ($logs) {
-      $editable_repos = id(new PhabricatorRepositoryQuery())
-        ->setViewer($viewer)
-        ->requireCapabilities(
-          array(
-            PhabricatorPolicyCapability::CAN_VIEW,
-            PhabricatorPolicyCapability::CAN_EDIT,
-          ))
-        ->withPHIDs(mpull($logs, 'getRepositoryPHID'))
-        ->execute();
-      $editable_repos = mpull($editable_repos, null, 'getPHID');
-    }
+    // Only administrators can view remote addresses.
+    $remotes_visible = $viewer->getIsAdmin();
 
     $rows = array();
     $any_host = false;
     foreach ($logs as $log) {
       $repository = $log->getRepository();
 
-      // Reveal this if it's valid and the user can edit the repository.
-      $remote_address = '-';
-      if (isset($editable_repos[$log->getRepositoryPHID()])) {
+      if ($remotes_visible) {
         $remote_address = $log->getPushEvent()->getRemoteAddress();
+      } else {
+        $remote_address = null;
       }
 
       $event_id = $log->getPushEvent()->getID();
@@ -142,7 +129,7 @@ final class DiffusionPushLogListView extends AphrontView {
           true,
           true,
           true,
-          true,
+          $remotes_visible,
           true,
           $any_host,
         ));