Big organizations have strong security policies and one of our potential customers would like to distinguish superadmin actions (login, change the config, change permissions) from other action. For example, they ask to change logging level (from INFO to WARN) when superadmin is logging in.