diff --git a/doc/source/audit.rst b/doc/source/audit.rst
new file mode 100644
index 0000000..1a76d47
--- /dev/null
+++ b/doc/source/audit.rst
@@ -0,0 +1,27 @@
+Audit
+=====
+
+Anchor produces audit messages using the PyCADF library and aims for CADF
+compatibility. The two events being emited right now are ``audit.sign`` and
+``audit.auth``, used for certificate signing and authentication events
+respectively.
+
+In the configuration, audit events can be sent either to the log stream, or
+to the standard openstack message queue. This is configured using the
+``audit.target`` option. See the :doc:`configuration section <configuration>`
+for more details.
+
+Capturing events in Ceilometer
+------------------------------
+
+In order to get events processed by Ceilometer, two configuration files need to
+be provided - event pipeline and definitions. The default
+``event_pipeline.yaml`` as described in Ceilometer documentation is compatible
+with Anchor. As for ``event_definitions.yaml``, it needs to include the
+``audit.auth`` and ``audit.sign`` events.
+
+On the Ceilometer side, it needs the `notification agent`_ installed in order
+to receive data from the message queue. Add incoming events will then be saved
+and visible after running ``ceilometer event-list``.
+
+.. _notification agent: http://docs.openstack.org/developer/ceilometer/architecture.html#notification-agents-listening-for-data
diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst
index e03fa93..dcedd6c 100644
--- a/doc/source/configuration.rst
+++ b/doc/source/configuration.rst
@@ -168,6 +168,33 @@ Each validator has its own set of parameters described separately in the
 :doc:`fixups section </fixups>`
 
 
+Audit
+-----
+
+Audit has two possible targets: ``log`` for output in the standard logging
+stream and ``messaging`` for the openstack message queue. The first one doesn't
+require any extra options:
+
+.. code:: json
+
+  {
+    "audit": {
+      "target": "log"
+    }
+  }
+
+The message queue version requires defining a target in a way compatible with
+``oslo_messaging`` `transport URIs`_. For example:
+
+.. code:: json
+
+  {
+    "audit": {
+      "target": "messaging",
+      "url": "rabbit:guest@localhost:5672"
+    }
+  }
+
 Example configuration
 ---------------------
 
@@ -209,3 +236,5 @@ Example configuration
       }
     }
   }
+
+.. _transport URIs: https://wiki.openstack.org/wiki/Oslo/Messaging#Transports
diff --git a/doc/source/index.rst b/doc/source/index.rst
index 87bf682..8d0070c 100644
--- a/doc/source/index.rst
+++ b/doc/source/index.rst
@@ -19,6 +19,7 @@ Contents:
    ephemeralPKI
    validators
    fixups
+   audit
 
 
 Indices and tables