Hi
1. Login to SEPM
2. Goto Monitor tab
3. Goto Log tab
4. In the log type Select as "Risk"
5. Select the Time Range
6. Click on View logs
7. Export the logs
When you export the logs search for the tab source IP which will give the Source of attacker
Note: This will be available only when the Risk Tracer is enabled
Regards