Hi,
we have been working on the logging in the current release: privacyIDEA 3.3 Released
There is also a pretty exhaustive HowTo for working with Logstash: Event-based logging with privacyIDEA and Logstash
Also in the new release is the PI_AUDIT_LOGGER_QUALNAME configuration which sets an explicit qualname for the audit log data.
If You set this to i.e. PI_AUDIT_LOGGER_QUALNAME = 'pi-audit' and use this logging configuration:
[handler_audit]
class=logging.handlers.RotatingFileHandler
backupCount=14
maxBytes=10000000
formatter=detail
level=INFO
args=('/path/to/audit.log',)
[logger_audit]
handlers=audit
qualname=pi-audit
level=INFO
You should be able to log all audit entries into the file.