diff --git a/cmd/auditd/auditd.go b/cmd/auditd/auditd.go
index dbb262d036e1cd2936a9ed63376b7083c7c08d2b..07bdd9a77617da88f3154b3dd4e7eb5a05149dfe 100644
--- a/cmd/auditd/auditd.go
+++ b/cmd/auditd/auditd.go
@@ -5,20 +5,26 @@ import (
 	"fmt"
 	"log"
 
+	"git.autistici.org/ai/audit"
 	"git.autistici.org/ai/audit/server"
 )
 
 var (
-	sslCa   = flag.String("ssl-ca", "/etc/ai/internal_ca.pem", "SSL CA file")
-	sslCert = flag.String("ssl-cert", "/etc/ai/localhost_internal.pem", "SSL certificate file")
-	sslKey  = flag.String("ssl-key", "/etc/ai/localhost_internal.key", "SSL private key file")
-	dbDir   = flag.String("data-dir", "/var/lib/auditd", "Path to the database directory")
-	port    = flag.Int("port", 1717, "TCP port to listen on")
+	sslCa        = flag.String("ssl-ca", "/etc/ai/internal_ca.pem", "SSL CA file")
+	sslCert      = flag.String("ssl-cert", "/etc/ai/localhost_internal.pem", "SSL certificate file")
+	sslKey       = flag.String("ssl-key", "/etc/ai/localhost_internal.key", "SSL private key file")
+	dbDir        = flag.String("data-dir", "/var/lib/auditd", "Path to the database directory")
+	port         = flag.Int("port", 1717, "TCP port to listen on")
+	enableSyslog = flag.Bool("syslog", false, "Log to syslog")
 )
 
 func main() {
 	flag.Parse()
 
+	if *enableSyslog {
+		audit.SetupSyslog()
+	}
+
 	db := server.NewDB(*dbDir, nil)
 	server := server.NewHttpServer(db)
 	log.Fatal(server.ListenAndServeTLS(fmt.Sprintf(":%d", *port), *sslCa, *sslCert, *sslKey))
diff --git a/cmd/localauditd/localauditd.go b/cmd/localauditd/localauditd.go
index 02af2404a3435a1e0ed317af1791309c02fb9627..b0a9a5c7f460d653aa261cc89b4339090a016eab 100644
--- a/cmd/localauditd/localauditd.go
+++ b/cmd/localauditd/localauditd.go
@@ -21,12 +21,13 @@ import (
 )
 
 var (
-	sslCa      = flag.String("ssl-ca", "/etc/ai/internal_ca.pem", "SSL CA file")
-	sslCert    = flag.String("ssl-cert", "/etc/ai/localhost_internal.pem", "SSL certificate file")
-	sslKey     = flag.String("ssl-key", "/etc/ai/localhost_internal.key", "SSL private key file")
-	spoolDir   = flag.String("spool-dir", "/var/spool/audit/incoming", "Path to the spool directory")
-	serverUrl  = flag.String("server", "https://logs.m.investici.org:1717", "URL for the main audit server")
-	socketPath = flag.String("socket", "/var/run/audit/local", "Path to the local socket to listen on")
+	sslCa        = flag.String("ssl-ca", "/etc/ai/internal_ca.pem", "SSL CA file")
+	sslCert      = flag.String("ssl-cert", "/etc/ai/localhost_internal.pem", "SSL certificate file")
+	sslKey       = flag.String("ssl-key", "/etc/ai/localhost_internal.key", "SSL private key file")
+	spoolDir     = flag.String("spool-dir", "/var/spool/audit/incoming", "Path to the spool directory")
+	serverUrl    = flag.String("server", "https://logs.m.investici.org:1717", "URL for the main audit server")
+	socketPath   = flag.String("socket", "/var/run/audit/local", "Path to the local socket to listen on")
+	enableSyslog = flag.Bool("syslog", false, "Log to syslog")
 )
 
 // Local store-and-forward audit message server.
@@ -239,6 +240,10 @@ func (s *Spool) Flush(fn func([]byte) error) error {
 func main() {
 	flag.Parse()
 
+	if *enableSyslog {
+		audit.SetupSyslog()
+	}
+
 	tlsConf := audit.TLSClientAuthConfigWithCerts(*sslCa, *sslCert, *sslKey)
 	locald := newLocalServer(*spoolDir, *serverUrl+"/api/1/write", tlsConf)
 	log.Fatal(locald.Serve(*socketPath))
diff --git a/debian/ai-auditd.init b/debian/ai-auditd.init
index b67d6b50d662b3b6c7e0ed425b4254a79271a661..cf52e38d227502f798300bd21c70ca526a178b84 100644
--- a/debian/ai-auditd.init
+++ b/debian/ai-auditd.init
@@ -46,7 +46,7 @@ do_start()
 	start-stop-daemon --start --quiet --background --make-pidfile --pidfile $PIDFILE --chuid $USER --exec $DAEMON --test > /dev/null \
 		|| return 1
 	start-stop-daemon --start --quiet --background --make-pidfile --pidfile $PIDFILE --chuid $USER --exec $DAEMON -- \
-		$DAEMON_ARGS \
+	        --syslog $DAEMON_ARGS \
 		|| return 2
 	# Add code here, if necessary, that waits for the process to be ready
 	# to handle requests from services started subsequently which depend
diff --git a/debian/localauditd.init b/debian/localauditd.init
index a4c4eb346a71b9123c49b81fe512be718da7078d..3e1dc5b92117074a7e51e9f36e26281b3186ebaa 100644
--- a/debian/localauditd.init
+++ b/debian/localauditd.init
@@ -65,7 +65,7 @@ do_start()
 	start-stop-daemon --start --quiet --background --make-pidfile --pidfile $PIDFILE --chuid $USER:$GROUP --umask 007 --exec $DAEMON --test > /dev/null \
 		|| return 1
 	start-stop-daemon --start --quiet --background --make-pidfile --pidfile $PIDFILE --chuid $USER:$GROUP --umask 007 --exec $DAEMON -- \
-		$DAEMON_ARGS \
+		--syslog $DAEMON_ARGS \
 		|| return 2
 	# Add code here, if necessary, that waits for the process to be ready
 	# to handle requests from services started subsequently which depend
diff --git a/logging.go b/logging.go
new file mode 100644
index 0000000000000000000000000000000000000000..187b70b685b2b6cc424a76d9cb3b087b7a6f12c9
--- /dev/null
+++ b/logging.go
@@ -0,0 +1,14 @@
+package audit
+
+import (
+	"log"
+	"log/syslog"
+)
+
+// A very simple way of logging to syslog (with a single priority).
+func SetupSyslog() {
+	if l, err := syslog.New(syslog.LOG_ERR, ""); err == nil {
+		log.SetOutput(l)
+		log.SetFlags(log.Lshortfile)
+	}
+}