Expose principal in the messages so that it is easier to correlate things.

I filed RFE tickets for respective components.

I don't have access to the internal Bugzilla, but can I ask that the logs are written in a structured key:value manner rather than simply writing out the current text line to a single journald field?
I know that this is extra work, but FreeIPA/IdM forms part of the security for a given estate, so any enhancement to being able to detect events in centralised logs is a benefit.
Apache HTTP Server 2.5 recently added this kind of capability: http://httpd.apache.org/docs/trunk/mod/mod_journald.html

Thanks for the tip. Note that all referred Bugzillas are open for public, so please feel free to comment, especially for the httpd one - there was related update regarding the Apache and journald - https://bugzilla.redhat.com/show_bug.cgi?id=1168956#c1.

Is there any progress on this? I saw that it was being slated for 4.3 at one point, but now it's in the 4.4 backlog.

Thank you taking time to submit this request for FreeIPA. Unfortunately this bug was not given priority and the team lacks the capacity to work on it at this time.

Given that we are unable to fulfil this request I am closing the issue as wontfix. To request re-consideration of this decision please reopen this issue and provide additional technical details about its importance to you.