I am no security expert either, and true, this is simply logging information. I commented because I found a lot of poor information and bad code examples about this topic while searching for more information, and added the comment above to point to relevant information for those that want it. In the case of Simple Login Log, this change wouldn't introduce a vulnerability.
Assuming REMOTE_ADDR is not a local IP (such as 127.0.0.1), if HTTP_X_REAL_IP and REMOTE_ADDR were different, that would be information of interest to me.
Thanks for the work in Login Log, it's a useful plugin.