diff --git a/panko/templates/configmap-etc.yaml b/panko/templates/configmap-etc.yaml
index 41f6980e31..b00e7b6ce4 100644
--- a/panko/templates/configmap-etc.yaml
+++ b/panko/templates/configmap-etc.yaml
@@ -85,5 +85,6 @@ data:
   logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }}
   api_paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }}
   policy.json: {{  toJson .Values.conf.policy | b64enc }}
+  api_audit_map.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.api_audit_map | b64enc }}
 {{ include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.wsgi_panko "key" "wsgi-panko.conf" "format" "Secret" ) | indent 2 }}
 {{- end }}
diff --git a/panko/templates/deployment-api.yaml b/panko/templates/deployment-api.yaml
index 3efa5a0fc8..06e6baf8a4 100644
--- a/panko/templates/deployment-api.yaml
+++ b/panko/templates/deployment-api.yaml
@@ -96,6 +96,10 @@ spec:
               mountPath: /etc/panko/policy.json
               subPath: policy.json
               readOnly: true
+            - name: panko-etc
+              mountPath: /etc/panko/api_audit_map.conf
+              subPath: api_audit_map.conf
+              readOnly: true
             - name: panko-etc
               mountPath: /etc/apache2/conf-enabled/wsgi-panko.conf
               subPath: wsgi-panko.conf
diff --git a/panko/values.yaml b/panko/values.yaml
index 7adefd039b..009902cb8e 100644
--- a/panko/values.yaml
+++ b/panko/values.yaml
@@ -220,7 +220,7 @@ conf:
     </VirtualHost>
   paste:
     pipeline:main:
-      pipeline: cors http_proxy_to_wsgi request_id authtoken api-server
+      pipeline: cors http_proxy_to_wsgi request_id authtoken audit api-server
     app:api-server:
       paste.app_factory: panko.api.app:app_factory
     filter:authtoken:
@@ -234,6 +234,9 @@ conf:
     filter:http_proxy_to_wsgi:
       paste.filter_factory: oslo_middleware.http_proxy_to_wsgi:HTTPProxyToWSGI.factory
       oslo_config_project: panko
+    filter:audit:
+      paste.filter_factory: keystonemiddleware.audit:filter_factory
+      audit_map_file: /etc/panko/api_audit_map.conf
   policy:
     context_is_admin: role:admin
     segregation: rule:context_is_admin
@@ -310,6 +313,16 @@ conf:
       class: oslo_log.formatters.ContextFormatter
     formatter_default:
       format: "%(message)s"
+  api_audit_map:
+    DEFAULT:
+      target_endpoint_type: event
+    path_keywords:
+      events: message_id
+      capabilities: None
+      event_types: event_type
+      traits: event_type
+    service_endpoints:
+      event: service/event
 
 # typically overriden by environmental
 # values, but should include all endpoints