diff --git a/log-1.sveidas.se/overlay/etc/rsyslog.d/99-audit.conf b/log-1.sveidas.se/overlay/etc/rsyslog.d/99-audit.conf
index 35a34468..c5d2664e 100644
--- a/log-1.sveidas.se/overlay/etc/rsyslog.d/99-audit.conf
+++ b/log-1.sveidas.se/overlay/etc/rsyslog.d/99-audit.conf
@@ -1,6 +1,7 @@
 local0.*	-/var/log/eidas_audit.log
 local1.*	-/var/log/eidas_fticks.log
 local2.*	-/var/log/eidas_process.log
-local3.*	-/var/log/eidas_proxy.log
+$template messageOnlyProxy,"%msg%\n"
+local3.*        -/var/log/eidas_proxy.log; messageOnlyProxy
 $template messageOnly,"{\"type\":%msg%\n"
 local4.*        -/var/log/eidas_stats.log; messageOnly
diff --git a/log-1.sveidas.se/overlay/etc/telegraf/telegraf.conf.d/50-json-input.conf b/log-1.sveidas.se/overlay/etc/telegraf/telegraf.conf.d/50-json-input.conf
index 09ab4dcf..7fbe249d 100644
--- a/log-1.sveidas.se/overlay/etc/telegraf/telegraf.conf.d/50-json-input.conf
+++ b/log-1.sveidas.se/overlay/etc/telegraf/telegraf.conf.d/50-json-input.conf
@@ -6,3 +6,29 @@
   json_time_key = "timestamp"
   json_time_format = "unix_ms"
   json_timezone = "Local"
+  files = ["/var/log/eidas_proxy.log"]
+  data_format = "json"
+  tag_keys = ["type",
+              "timestamp",
+              "connectorEntityId",
+              "requesterId",
+              "loaMatching",
+              "connectorCuntry",
+              "spType",
+              "requestedLoa",
+              "eidasResponseLoA",
+              "eidasRequestId",
+              "eidasResponseId",
+              "principal",
+              "nationalAssertionId",
+              "nationalRequestId",
+              "nationalIdP",
+              "eIDASAssertionIssueTime",
+              "eidasAssertionId"]
+  json_time_key = "timestamp"
+  json_time_format = "unix_ms"
+  json_timezone = "Local"
+[[processors.parser]]
+  parse_fields = ["message"]
+  merge = "override"
+  data_format = "json"
diff --git a/log-2.sveidas.se/overlay/etc/rsyslog.d/99-audit.conf b/log-2.sveidas.se/overlay/etc/rsyslog.d/99-audit.conf
index 56e9b454..c5d2664e 100644
--- a/log-2.sveidas.se/overlay/etc/rsyslog.d/99-audit.conf
+++ b/log-2.sveidas.se/overlay/etc/rsyslog.d/99-audit.conf
@@ -1,6 +1,7 @@
 local0.*	-/var/log/eidas_audit.log
 local1.*	-/var/log/eidas_fticks.log
 local2.*	-/var/log/eidas_process.log
-local3.*        -/var/log/eidas_proxy.log
+$template messageOnlyProxy,"%msg%\n"
+local3.*        -/var/log/eidas_proxy.log; messageOnlyProxy
 $template messageOnly,"{\"type\":%msg%\n"
 local4.*        -/var/log/eidas_stats.log; messageOnly
diff --git a/log-2.sveidas.se/overlay/etc/telegraf/telegraf.conf.d/50-json-input.conf b/log-2.sveidas.se/overlay/etc/telegraf/telegraf.conf.d/50-json-input.conf
index 09ab4dcf..7fbe249d 100644
--- a/log-2.sveidas.se/overlay/etc/telegraf/telegraf.conf.d/50-json-input.conf
+++ b/log-2.sveidas.se/overlay/etc/telegraf/telegraf.conf.d/50-json-input.conf
@@ -6,3 +6,29 @@
   json_time_key = "timestamp"
   json_time_format = "unix_ms"
   json_timezone = "Local"
+  files = ["/var/log/eidas_proxy.log"]
+  data_format = "json"
+  tag_keys = ["type",
+              "timestamp",
+              "connectorEntityId",
+              "requesterId",
+              "loaMatching",
+              "connectorCuntry",
+              "spType",
+              "requestedLoa",
+              "eidasResponseLoA",
+              "eidasRequestId",
+              "eidasResponseId",
+              "principal",
+              "nationalAssertionId",
+              "nationalRequestId",
+              "nationalIdP",
+              "eIDASAssertionIssueTime",
+              "eidasAssertionId"]
+  json_time_key = "timestamp"
+  json_time_format = "unix_ms"
+  json_timezone = "Local"
+[[processors.parser]]
+  parse_fields = ["message"]
+  merge = "override"
+  data_format = "json"