From e506488bcb903b2ce0479e9f85781c8a433e981c Mon Sep 17 00:00:00 2001
From: micheleRP <michele@redpanda.com>
Date: Thu, 28 Aug 2025 21:06:15 -0600
Subject: [PATCH 01/13] DOC-1569 Console new config for audit-logs

---
 modules/console/pages/config/configure-console.adoc     | 8 +++++++-
 modules/manage/partials/audit-logging.adoc              | 2 ++
 modules/shared/attachments/redpanda-console-config.yaml | 2 ++
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/modules/console/pages/config/configure-console.adoc b/modules/console/pages/config/configure-console.adoc
index 041702a6fd..f977249435 100644
--- a/modules/console/pages/config/configure-console.adoc
+++ b/modules/console/pages/config/configure-console.adoc
@@ -22,7 +22,7 @@ For example:
 
 [cols="1m,1m"]
 |===
-|YAML|Environment Variable
+|YAML|Environment variable
 
 |kafka.rackId
 |KAFKA_RACKID
@@ -96,6 +96,8 @@ spec:
             #brokers: [] # Auto-configured to connect to this Redpanda cluster
           server:
             listenPort: 8080
+          auditLog:
+            enabled: true
           # Add any other Redpanda Console configuration here
 ----
 +
@@ -121,6 +123,8 @@ console:
         #brokers: [] # Auto-configured to connect to this Redpanda cluster
       server:
         listenPort: 8080
+      auditLog:
+        enabled: true
       # Add any other Redpanda Console configuration here
 ----
 +
@@ -187,6 +191,8 @@ console:
         # See https://docs.redpanda.com/current/console/config/connect-to-redpanda/
         kafka:
           brokers: ["redpanda-0:9092","redpanda-1:9092","redpanda-2:9092"]
+        auditlog:
+          enabled: true
 ----
 
 [[config-yaml]]
diff --git a/modules/manage/partials/audit-logging.adoc b/modules/manage/partials/audit-logging.adoc
index 1ab2cd79d8..66bff82a49 100644
--- a/modules/manage/partials/audit-logging.adoc
+++ b/modules/manage/partials/audit-logging.adoc
@@ -16,6 +16,8 @@ With audit logging enabled, there should be no noticeable changes in performance
 ifndef::env-cloud[]
 NOTE: Audit logging is configured at the cluster level. Redpanda supports excluding specific topics or principals from auditing to help reduce noise in the log. Audit logging is disabled by default.
 
+To view audit events in Redpanda Console, enable the audit logging with `auditLog.enabled`. See xref:console:config/configure-console.adoc[].
+
 endif::[]
 
 == Audit log flow
diff --git a/modules/shared/attachments/redpanda-console-config.yaml b/modules/shared/attachments/redpanda-console-config.yaml
index 0d06c9fb9b..b0b7f0ca3e 100644
--- a/modules/shared/attachments/redpanda-console-config.yaml
+++ b/modules/shared/attachments/redpanda-console-config.yaml
@@ -271,6 +271,8 @@ console:
     #       -----END PRIVATE KEY-----
     #     privateKeyFilepath: /path/to/private/key
     #     passphrase: <optional_passphrase>
+  auditLog:
+    enabled: true
 
 #----------------------------------------------------------------------------
 # Server settings

From db972005c35325d13baed8f8512abc5d3bd0c6ff Mon Sep 17 00:00:00 2001
From: micheleRP <michele@redpanda.com>
Date: Thu, 28 Aug 2025 21:15:59 -0600
Subject: [PATCH 02/13] default to false

---
 modules/console/pages/config/configure-console.adoc     | 6 +++---
 modules/manage/partials/audit-logging.adoc              | 2 +-
 modules/shared/attachments/redpanda-console-config.yaml | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/modules/console/pages/config/configure-console.adoc b/modules/console/pages/config/configure-console.adoc
index f977249435..f12b68174e 100644
--- a/modules/console/pages/config/configure-console.adoc
+++ b/modules/console/pages/config/configure-console.adoc
@@ -97,7 +97,7 @@ spec:
           server:
             listenPort: 8080
           auditLog:
-            enabled: true
+            enabled: false   # default; set true to show the audit log UI
           # Add any other Redpanda Console configuration here
 ----
 +
@@ -124,7 +124,7 @@ console:
       server:
         listenPort: 8080
       auditLog:
-        enabled: true
+        enabled: false   # default; set true to show the audit log UI
       # Add any other Redpanda Console configuration here
 ----
 +
@@ -192,7 +192,7 @@ console:
         kafka:
           brokers: ["redpanda-0:9092","redpanda-1:9092","redpanda-2:9092"]
         auditlog:
-          enabled: true
+          enabled: false   # default; set true to show the audit log UI
 ----
 
 [[config-yaml]]
diff --git a/modules/manage/partials/audit-logging.adoc b/modules/manage/partials/audit-logging.adoc
index 66bff82a49..b7342f4c1e 100644
--- a/modules/manage/partials/audit-logging.adoc
+++ b/modules/manage/partials/audit-logging.adoc
@@ -16,7 +16,7 @@ With audit logging enabled, there should be no noticeable changes in performance
 ifndef::env-cloud[]
 NOTE: Audit logging is configured at the cluster level. Redpanda supports excluding specific topics or principals from auditing to help reduce noise in the log. Audit logging is disabled by default.
 
-To view audit events in Redpanda Console, enable the audit logging with `auditLog.enabled`. See xref:console:config/configure-console.adoc[].
+To view audit events in Redpanda Console, set `console.auditLog.enabled: true` in the Console configuration. See xref:console:config/configure-console.adoc[].
 
 endif::[]
 
diff --git a/modules/shared/attachments/redpanda-console-config.yaml b/modules/shared/attachments/redpanda-console-config.yaml
index b0b7f0ca3e..741deefb49 100644
--- a/modules/shared/attachments/redpanda-console-config.yaml
+++ b/modules/shared/attachments/redpanda-console-config.yaml
@@ -272,7 +272,7 @@ console:
     #     privateKeyFilepath: /path/to/private/key
     #     passphrase: <optional_passphrase>
   auditLog:
-    enabled: true
+    enabled: false   # default; set true to show the audit log UI
 
 #----------------------------------------------------------------------------
 # Server settings

From f61fb1bf5856e078fc4503639b2a8e1f85b497fc Mon Sep 17 00:00:00 2001
From: micheleRP <michele@redpanda.com>
Date: Thu, 28 Aug 2025 21:38:57 -0600
Subject: [PATCH 03/13] edit

---
 modules/console/pages/config/configure-console.adoc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/console/pages/config/configure-console.adoc b/modules/console/pages/config/configure-console.adoc
index f12b68174e..3cc4457826 100644
--- a/modules/console/pages/config/configure-console.adoc
+++ b/modules/console/pages/config/configure-console.adoc
@@ -212,4 +212,4 @@ xref:shared:attachment$redpanda-console-config.yaml[Download the sample file].
 [,yaml]
 ----
 include::shared:attachment$redpanda-console-config.yaml[]
-----
+----
\ No newline at end of file

From 2ec5c78af83362d2cfb0753e1d3d229143125e2b Mon Sep 17 00:00:00 2001
From: micheleRP <michele@redpanda.com>
Date: Thu, 28 Aug 2025 21:45:50 -0600
Subject: [PATCH 04/13] minor edit

---
 modules/manage/partials/audit-logging.adoc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/manage/partials/audit-logging.adoc b/modules/manage/partials/audit-logging.adoc
index b7342f4c1e..9c97121ac2 100644
--- a/modules/manage/partials/audit-logging.adoc
+++ b/modules/manage/partials/audit-logging.adoc
@@ -16,7 +16,7 @@ With audit logging enabled, there should be no noticeable changes in performance
 ifndef::env-cloud[]
 NOTE: Audit logging is configured at the cluster level. Redpanda supports excluding specific topics or principals from auditing to help reduce noise in the log. Audit logging is disabled by default.
 
-To view audit events in Redpanda Console, set `console.auditLog.enabled: true` in the Console configuration. See xref:console:config/configure-console.adoc[].
+*Redpanda Console*: To view audit events in Redpanda Console, set `console.auditLog.enabled: true` in the Console configuration. See xref:console:config/configure-console.adoc[].
 
 endif::[]
 

From 60e1dae9cc463a6efe97c8e9c207456027bf7694 Mon Sep 17 00:00:00 2001
From: micheleRP <michele@redpanda.com>
Date: Thu, 28 Aug 2025 22:03:25 -0600
Subject: [PATCH 05/13] minor edit

---
 modules/manage/partials/audit-logging.adoc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/manage/partials/audit-logging.adoc b/modules/manage/partials/audit-logging.adoc
index 9c97121ac2..14b40076d3 100644
--- a/modules/manage/partials/audit-logging.adoc
+++ b/modules/manage/partials/audit-logging.adoc
@@ -16,7 +16,7 @@ With audit logging enabled, there should be no noticeable changes in performance
 ifndef::env-cloud[]
 NOTE: Audit logging is configured at the cluster level. Redpanda supports excluding specific topics or principals from auditing to help reduce noise in the log. Audit logging is disabled by default.
 
-*Redpanda Console*: To view audit events in Redpanda Console, set `console.auditLog.enabled: true` in the Console configuration. See xref:console:config/configure-console.adoc[].
+*Redpanda Console*: To view audit events in Redpanda Console, set `console.auditLog.enabled: true`. See xref:console:config/configure-console.adoc[].
 
 endif::[]
 

From 18fba6c514f5d8e6a2a094e6fd8c4ff0c1ace778 Mon Sep 17 00:00:00 2001
From: Michele Cyran <michele@redpanda.com>
Date: Thu, 28 Aug 2025 22:19:36 -0600
Subject: [PATCH 06/13] Update
 modules/console/pages/config/configure-console.adoc

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 modules/console/pages/config/configure-console.adoc | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/modules/console/pages/config/configure-console.adoc b/modules/console/pages/config/configure-console.adoc
index 3cc4457826..c2abe81226 100644
--- a/modules/console/pages/config/configure-console.adoc
+++ b/modules/console/pages/config/configure-console.adoc
@@ -190,10 +190,11 @@ console:
         # Configure a connection to the Redpanda cluster
         # See https://docs.redpanda.com/current/console/config/connect-to-redpanda/
         kafka:
-          brokers: ["redpanda-0:9092","redpanda-1:9092","redpanda-2:9092"]
-        auditlog:
-          enabled: false   # default; set true to show the audit log UI
-----
+         kafka:
+           brokers: ["redpanda-0:9092","redpanda-1:9092","redpanda-2:9092"]
+         console:
+           auditLog:
+             enabled: false   # default; set true to show the audit log UI
 
 [[config-yaml]]
 == Complete configuration file example

From 1dc708ab925ee932a7e48232023953b417b62678 Mon Sep 17 00:00:00 2001
From: Michele Cyran <michele@redpanda.com>
Date: Thu, 28 Aug 2025 22:19:47 -0600
Subject: [PATCH 07/13] Update
 modules/console/pages/config/configure-console.adoc

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 modules/console/pages/config/configure-console.adoc | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/modules/console/pages/config/configure-console.adoc b/modules/console/pages/config/configure-console.adoc
index c2abe81226..4e40529422 100644
--- a/modules/console/pages/config/configure-console.adoc
+++ b/modules/console/pages/config/configure-console.adoc
@@ -123,8 +123,11 @@ console:
         #brokers: [] # Auto-configured to connect to this Redpanda cluster
       server:
         listenPort: 8080
-      auditLog:
-        enabled: false   # default; set true to show the audit log UI
+      server:
+        listenPort: 8080
+      console:
+        auditLog:
+          enabled: false   # default; set true to show the audit log UI
       # Add any other Redpanda Console configuration here
 ----
 +

From 9545b5b313cf4ddf23c781ceac5af463dd19feae Mon Sep 17 00:00:00 2001
From: Michele Cyran <michele@redpanda.com>
Date: Thu, 28 Aug 2025 22:19:57 -0600
Subject: [PATCH 08/13] Update
 modules/console/pages/config/configure-console.adoc

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 modules/console/pages/config/configure-console.adoc | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/modules/console/pages/config/configure-console.adoc b/modules/console/pages/config/configure-console.adoc
index 4e40529422..8e0cc6a94d 100644
--- a/modules/console/pages/config/configure-console.adoc
+++ b/modules/console/pages/config/configure-console.adoc
@@ -96,8 +96,11 @@ spec:
             #brokers: [] # Auto-configured to connect to this Redpanda cluster
           server:
             listenPort: 8080
-          auditLog:
-            enabled: false   # default; set true to show the audit log UI
+          server:
+            listenPort: 8080
+          console:
+            auditLog:
+              enabled: false   # default; set true to show the audit log UI
           # Add any other Redpanda Console configuration here
 ----
 +

From 31d87d76e165e9586b53f863fa6d46086e15dded Mon Sep 17 00:00:00 2001
From: Michele Cyran <michele@redpanda.com>
Date: Fri, 29 Aug 2025 07:51:13 -0600
Subject: [PATCH 09/13] Update
 modules/console/pages/config/configure-console.adoc

Co-authored-by: Martin Schneppenheim <23424570+weeco@users.noreply.github.com>
---
 modules/console/pages/config/configure-console.adoc | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/modules/console/pages/config/configure-console.adoc b/modules/console/pages/config/configure-console.adoc
index 8e0cc6a94d..3814ef7b8c 100644
--- a/modules/console/pages/config/configure-console.adoc
+++ b/modules/console/pages/config/configure-console.adoc
@@ -98,9 +98,8 @@ spec:
             listenPort: 8080
           server:
             listenPort: 8080
-          console:
-            auditLog:
-              enabled: false   # default; set true to show the audit log UI
+          auditLog:
+            enabled: false   # default; set true to emit audit logs on stdout
           # Add any other Redpanda Console configuration here
 ----
 +

From a9d3d513d39876eab6a8a56fcabb872b3f0f7e34 Mon Sep 17 00:00:00 2001
From: micheleRP <michele@redpanda.com>
Date: Fri, 29 Aug 2025 08:18:36 -0600
Subject: [PATCH 10/13] incorporate feedback

---
 .../pages/config/configure-console.adoc       | 25 ++++++++-----------
 modules/manage/partials/audit-logging.adoc    |  2 --
 .../attachments/redpanda-console-config.yaml  |  2 +-
 3 files changed, 11 insertions(+), 18 deletions(-)

diff --git a/modules/console/pages/config/configure-console.adoc b/modules/console/pages/config/configure-console.adoc
index 3814ef7b8c..c14b03408e 100644
--- a/modules/console/pages/config/configure-console.adoc
+++ b/modules/console/pages/config/configure-console.adoc
@@ -1,4 +1,3 @@
-
 = Configure Redpanda Console
 :description: Learn how to configure Redpanda Console using environment variables, YAML files, or command-line arguments.
 :page-aliases: console:reference/config.adoc, reference:console/config.adoc
@@ -96,10 +95,8 @@ spec:
             #brokers: [] # Auto-configured to connect to this Redpanda cluster
           server:
             listenPort: 8080
-          server:
-            listenPort: 8080
           auditLog:
-            enabled: false   # default; set true to emit audit logs on stdout
+            enabled: false   # default; set to true to write audit logs to stdout
           # Add any other Redpanda Console configuration here
 ----
 +
@@ -125,11 +122,8 @@ console:
         #brokers: [] # Auto-configured to connect to this Redpanda cluster
       server:
         listenPort: 8080
-      server:
-        listenPort: 8080
-      console:
-        auditLog:
-          enabled: false   # default; set true to show the audit log UI
+      auditLog:
+        enabled: false   # default; set to true to write audit logs to stdout
       # Add any other Redpanda Console configuration here
 ----
 +
@@ -186,7 +180,7 @@ console:
     container_name: redpanda-console
     image: docker.redpanda.com/redpandadata/console:{latest-console-tag}
     entrypoint: /bin/sh
-    command: -c 'echo "$$CONSOLE_CONFIG_FILE" > /tmp/config.yml
+    command: -c 'echo "$$CONSOLE_CONFIG_FILE" > /tmp/config.yml'
     volumes:
       - ./config:/tmp/config/
     environment:
@@ -195,11 +189,10 @@ console:
         # Configure a connection to the Redpanda cluster
         # See https://docs.redpanda.com/current/console/config/connect-to-redpanda/
         kafka:
-         kafka:
-           brokers: ["redpanda-0:9092","redpanda-1:9092","redpanda-2:9092"]
-         console:
-           auditLog:
-             enabled: false   # default; set true to show the audit log UI
+          brokers: ["redpanda-0:9092","redpanda-1:9092","redpanda-2:9092"]
+        auditLog:
+          enabled: false   # default; set to true to write audit logs to stdout
+----
 
 [[config-yaml]]
 == Complete configuration file example
@@ -215,7 +208,9 @@ The following YAML file contains a complete list of all Redpanda Console configu
 xref:shared:attachment$redpanda-console-config.yaml[Download the sample file].
 
 .redpanda-console-config.yaml
+
 [,yaml]
 ----
 include::shared:attachment$redpanda-console-config.yaml[]
+
 ----
\ No newline at end of file
diff --git a/modules/manage/partials/audit-logging.adoc b/modules/manage/partials/audit-logging.adoc
index 14b40076d3..1ab2cd79d8 100644
--- a/modules/manage/partials/audit-logging.adoc
+++ b/modules/manage/partials/audit-logging.adoc
@@ -16,8 +16,6 @@ With audit logging enabled, there should be no noticeable changes in performance
 ifndef::env-cloud[]
 NOTE: Audit logging is configured at the cluster level. Redpanda supports excluding specific topics or principals from auditing to help reduce noise in the log. Audit logging is disabled by default.
 
-*Redpanda Console*: To view audit events in Redpanda Console, set `console.auditLog.enabled: true`. See xref:console:config/configure-console.adoc[].
-
 endif::[]
 
 == Audit log flow
diff --git a/modules/shared/attachments/redpanda-console-config.yaml b/modules/shared/attachments/redpanda-console-config.yaml
index 741deefb49..d797b6c6a8 100644
--- a/modules/shared/attachments/redpanda-console-config.yaml
+++ b/modules/shared/attachments/redpanda-console-config.yaml
@@ -272,7 +272,7 @@ console:
     #     privateKeyFilepath: /path/to/private/key
     #     passphrase: <optional_passphrase>
   auditLog:
-    enabled: false   # default; set true to show the audit log UI
+    enabled: false   # default; set to true to write audit logs to stdout
 
 #----------------------------------------------------------------------------
 # Server settings

From e48e358abfde4ce02d7932ce82d73f2fdcf79729 Mon Sep 17 00:00:00 2001
From: micheleRP <michele@redpanda.com>
Date: Fri, 29 Aug 2025 08:26:02 -0600
Subject: [PATCH 11/13] add to k8s stsandalone

---
 modules/console/pages/config/configure-console.adoc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/modules/console/pages/config/configure-console.adoc b/modules/console/pages/config/configure-console.adoc
index c14b03408e..dd6c9a1587 100644
--- a/modules/console/pages/config/configure-console.adoc
+++ b/modules/console/pages/config/configure-console.adoc
@@ -155,6 +155,8 @@ config:
       - redpanda-1.redpanda.svc.cluster.local:9092
   server:
     listenPort: 8080
+  auditLog:
+    enabled: false   # default; set to true to write audit logs to stdout
   # Add any other Redpanda Console configuration here
 ----
 

From 192ccc15c9b2c9618ce0a29957be5d495211f882 Mon Sep 17 00:00:00 2001
From: micheleRP <michele@redpanda.com>
Date: Fri, 29 Aug 2025 12:17:32 -0600
Subject: [PATCH 12/13] Add additionalHeaders

---
 modules/console/pages/config/configure-console.adoc     | 4 ++++
 modules/shared/attachments/redpanda-console-config.yaml | 1 +
 2 files changed, 5 insertions(+)

diff --git a/modules/console/pages/config/configure-console.adoc b/modules/console/pages/config/configure-console.adoc
index dd6c9a1587..9c00356494 100644
--- a/modules/console/pages/config/configure-console.adoc
+++ b/modules/console/pages/config/configure-console.adoc
@@ -97,6 +97,7 @@ spec:
             listenPort: 8080
           auditLog:
             enabled: false   # default; set to true to write audit logs to stdout
+            additionalHeaders:   # specifies HTTP headers to include in audit logs
           # Add any other Redpanda Console configuration here
 ----
 +
@@ -124,6 +125,7 @@ console:
         listenPort: 8080
       auditLog:
         enabled: false   # default; set to true to write audit logs to stdout
+        additionalHeaders:   # specifies HTTP headers to include in audit logs
       # Add any other Redpanda Console configuration here
 ----
 +
@@ -157,6 +159,7 @@ config:
     listenPort: 8080
   auditLog:
     enabled: false   # default; set to true to write audit logs to stdout
+    additionalHeaders: # specifies HTTP headers to include in audit logs
   # Add any other Redpanda Console configuration here
 ----
 
@@ -194,6 +197,7 @@ console:
           brokers: ["redpanda-0:9092","redpanda-1:9092","redpanda-2:9092"]
         auditLog:
           enabled: false   # default; set to true to write audit logs to stdout
+          additionalHeaders: # specifies HTTP headers to include in audit logs
 ----
 
 [[config-yaml]]
diff --git a/modules/shared/attachments/redpanda-console-config.yaml b/modules/shared/attachments/redpanda-console-config.yaml
index d797b6c6a8..1ecdcf7eea 100644
--- a/modules/shared/attachments/redpanda-console-config.yaml
+++ b/modules/shared/attachments/redpanda-console-config.yaml
@@ -273,6 +273,7 @@ console:
     #     passphrase: <optional_passphrase>
   auditLog:
     enabled: false   # default; set to true to write audit logs to stdout
+    additionalHeaders: # specifies HTTP headers to include in audit logs
 
 #----------------------------------------------------------------------------
 # Server settings

From 6c69301ebba8551e11f7225f3cafec38a2baea85 Mon Sep 17 00:00:00 2001
From: micheleRP <michele@redpanda.com>
Date: Fri, 29 Aug 2025 14:05:13 -0600
Subject: [PATCH 13/13] add X-Forwarded-For, User-Agent

---
 modules/console/pages/config/configure-console.adoc     | 6 ++++++
 modules/shared/attachments/redpanda-console-config.yaml | 2 ++
 2 files changed, 8 insertions(+)

diff --git a/modules/console/pages/config/configure-console.adoc b/modules/console/pages/config/configure-console.adoc
index 9c00356494..7ce81546e4 100644
--- a/modules/console/pages/config/configure-console.adoc
+++ b/modules/console/pages/config/configure-console.adoc
@@ -98,6 +98,8 @@ spec:
           auditLog:
             enabled: false   # default; set to true to write audit logs to stdout
             additionalHeaders:   # specifies HTTP headers to include in audit logs
+              - "X-Forwarded-For"
+              - "User-Agent"
           # Add any other Redpanda Console configuration here
 ----
 +
@@ -160,6 +162,8 @@ config:
   auditLog:
     enabled: false   # default; set to true to write audit logs to stdout
     additionalHeaders: # specifies HTTP headers to include in audit logs
+      - "X-Forwarded-For"
+      - "User-Agent"
   # Add any other Redpanda Console configuration here
 ----
 
@@ -198,6 +202,8 @@ console:
         auditLog:
           enabled: false   # default; set to true to write audit logs to stdout
           additionalHeaders: # specifies HTTP headers to include in audit logs
+            - "X-Forwarded-For"
+            - "User-Agent"
 ----
 
 [[config-yaml]]
diff --git a/modules/shared/attachments/redpanda-console-config.yaml b/modules/shared/attachments/redpanda-console-config.yaml
index 1ecdcf7eea..6a5427a814 100644
--- a/modules/shared/attachments/redpanda-console-config.yaml
+++ b/modules/shared/attachments/redpanda-console-config.yaml
@@ -274,6 +274,8 @@ console:
   auditLog:
     enabled: false   # default; set to true to write audit logs to stdout
     additionalHeaders: # specifies HTTP headers to include in audit logs
+      - "X-Forwarded-For"
+      - "User-Agent"
 
 #----------------------------------------------------------------------------
 # Server settings