So, we all know that host IQNs have to live in an igroup in order to allow that host to access iSCSI LUNs. If a host has some IQN that you haven't specified in an igroup, it's not going to get access to the LUN.
Is there a log somewhere in CDOT 8.2.3 that records failed iSCSI logon attempts from non-authorized/non-configured IQNs?