diff --git a/parts/k8s/manifests/kubernetesmaster-kube-apiserver.yaml b/parts/k8s/manifests/kubernetesmaster-kube-apiserver.yaml
index b1a3106b11..51505f8ff5 100644
--- a/parts/k8s/manifests/kubernetesmaster-kube-apiserver.yaml
+++ b/parts/k8s/manifests/kubernetesmaster-kube-apiserver.yaml
@@ -23,6 +23,8 @@ spec:
           readOnly: true
         - name: "sock"
           mountPath: "/opt"
+        - name: "auditlog"
+          mountPath: "/var/log/kubeaudit"
   volumes:
     - name: "etc-kubernetes"
       hostPath:
@@ -36,3 +38,6 @@ spec:
     - name: "sock"
       hostPath:
         path: "/opt"
+    - name: "auditlog"
+      hostPath:
+        path: "/var/log/kubeaudit"
diff --git a/pkg/acsengine/defaults-apiserver.go b/pkg/acsengine/defaults-apiserver.go
index 0a1b2bf862..885e17a6af 100644
--- a/pkg/acsengine/defaults-apiserver.go
+++ b/pkg/acsengine/defaults-apiserver.go
@@ -15,7 +15,7 @@ func setAPIServerConfig(cs *api.ContainerService) {
 		"--advertise-address":          "<kubernetesAPIServerIP>",
 		"--allow-privileged":           "true",
 		"--anonymous-auth":             "false",
-		"--audit-log-path":             "/var/log/audit.log",
+		"--audit-log-path":             "/var/log/kubeaudit/audit.log",
 		"--insecure-port":              "8080",
 		"--secure-port":                "443",
 		"--service-account-lookup":     "true",