You can look in transaction SM05 for active security sessions. Also in table SECURITY_CONTEXT you see all active X-CSRF-Tokens
I don't think that token generation is being logged somewhere
You can activate Gateway logging via /IWFND/TRACES however all requests are being logged not only the ones which require a Token. By default all modifying requests need a Token so maybe you can filter all non-GET's