This isn't true.

Deanonymizing Tor users is still somewhat difficult and reading access logs will only show you the last exit node's IP, not the actual client who is using Tor.

You'd have to run code on the client machine (like using JavaScript) for them to establish an outbound connection without using Tor, preferably to a system under your control.