diff --git a/template/stacks/monitoring/alloy/values.yaml b/template/stacks/monitoring/alloy/values.yaml index a2ac67d..d24bc06 100644 --- a/template/stacks/monitoring/alloy/values.yaml +++ b/template/stacks/monitoring/alloy/values.yaml @@ -1,10 +1,18 @@ alloy: + + extraPorts: + - name: "tcpsocket" + port: 1514 + targetPort: 1514 + protocol: "TCP" + appProtocol: "tcp" + + uiPathPrefix: "/alloy" + create: false name: alloy-config key: config.alloy - uiPathPrefix: "/alloy" - configMap: content: |- @@ -72,7 +80,11 @@ alloy: } - loki.source.kubernetes "all_pod_logs" { - targets = discovery.relabel.pod_logs.output + + loki.source.syslog "tcp_socket" { + listener { + address = "0.0.0.0:1514" + labels = { component = "loki.source.syslog", protocol = "tcp" } + } forward_to = [loki.write.local_loki.receiver] - } + } \ No newline at end of file diff --git a/template/stacks/ref-implementation/openbao-logging-setup.yaml b/template/stacks/ref-implementation/openbao-logging-setup.yaml new file mode 100644 index 0000000..d6f9bc6 --- /dev/null +++ b/template/stacks/ref-implementation/openbao-logging-setup.yaml @@ -0,0 +1,29 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao-logging-setup + namespace: argocd + labels: + env: dev + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + source: + repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder + targetRevision: HEAD + path: "stacks/ref-implementation/openbao-logging" + destination: + server: "https://kubernetes.default.svc" + namespace: openbao + syncPolicy: + syncOptions: + - CreateNamespace=true + automated: + selfHeal: true + retry: + limit: -1 + backoff: + duration: 15s + factor: 1 + maxDuration: 15s diff --git a/template/stacks/ref-implementation/openbao-logging/create-logging-directory.yaml b/template/stacks/ref-implementation/openbao-logging/create-logging-directory.yaml new file mode 100644 index 0000000..1a0b0d0 --- /dev/null 
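Review bot: The new `loki.source.syslog "tcp_socket"` listener binds `0.0.0.0:1514` with no TLS or client authentication, and the `extraPorts` entry in the first hunk publishes that port on the Service, so any workload that can reach it can write arbitrary lines into Loki under these labels. If the receiver is needed, add a `tls_config` block to the `listener` and restrict ingress to the expected sender with a NetworkPolicy. The same hunk removes `loki.source.kubernetes "all_pod_logs"`; unless `discovery.relabel.pod_logs.output` is consumed elsewhere in the config (not visible here), pod logs, including the `stdout` audit device enabled in openbao/values.yaml, would no longer be shipped. The Alloy config block starts outside the hunk.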
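Review bot: This Application auto-syncs `targetRevision: HEAD` under `project: default`, and the path it deploys holds DaemonSets that run as root with `hostPath` mounts on every node, so any push to that repository path rolls out node-level workloads without a review step. A dedicated AppProject limited to this repo and the `openbao` namespace would bound what a sync can create. `retry.limit: -1` with a fixed 15s backoff also retries a failing sync indefinitely; a bounded limit makes a broken manifest visible as a failed sync.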
+++ b/template/stacks/ref-implementation/openbao-logging/create-logging-directory.yaml
@@ -0,0 +1,37 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: openbao-logging-dir
+ namespace: openbao
+spec:
+ selector:
+ matchLabels:
+ app: openbao-logging-dir
+ template:
+ metadata:
+ labels:
+ app: openbao-logging-dir
+ spec:
+ initContainers:
+ - name: creator
+ image: busybox
+ command: ["/bin/sh", "-c"]
+ args:
+ - |
+ set -e
+ mkdir -p /var/log/openbao
+ chown 100:100 /var/log/openbao
+ securityContext:
+ runAsUser: 0
+ volumeMounts:
+ - name: host-log
+ mountPath: /var/log
+ containers:
+ - name: running-container
+ image: busybox
+ command: ["sleep", "infinity"]
+ volumes:
+ - name: host-log
+ hostPath:
+ path: /var/log
+ type: Directory
\ No newline at end of file
diff --git a/template/stacks/ref-implementation/openbao-logging/logrotate.yaml b/template/stacks/ref-implementation/openbao-logging/logrotate.yaml
new file mode 100644
index 0000000..4c2be6f
--- /dev/null
+++ b/template/stacks/ref-implementation/openbao-logging/logrotate.yaml
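Review bot: The `creator` init container runs as UID 0 with the node's whole `/var/log` mounted read-write, although it only needs to create and chown one subdirectory; both containers also use the untagged `busybox` image. Narrowing the `hostPath` to `/var/log/openbao` with `type: DirectoryOrCreate` makes the `mkdir` unnecessary, and the init container can then drop every capability except `CHOWN`. `running-container` exists only to keep the pod alive and has no `securityContext`; give it a non-root `runAsUser` and a read-only root filesystem, and pin both images by tag or digest.

```yaml
      initContainers:
        - name: creator
          image: busybox:<pinned-tag>  # placeholder: pin to a reviewed tag or digest
          # … unchanged: command …
          args:
            - |
              set -e
              chown 100:100 /var/log/openbao
          securityContext:
            runAsUser: 0
            allowPrivilegeEscalation: false
            capabilities:
              drop: ["ALL"]
              add: ["CHOWN"]
          volumeMounts:
            - name: host-log
              mountPath: /var/log/openbao
      # … unchanged: running-container …
      volumes:
        - name: host-log
          hostPath:
            path: /var/log/openbao
            type: DirectoryOrCreate
```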
@@ -0,0 +1,56 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: openbao-logrotate
+ namespace: openbao
+spec:
+ selector:
+ matchLabels:
+ app: openbao-logrotate
+ template:
+ metadata:
+ labels:
+ app: openbao-logrotate
+ spec:
+ containers:
+ - name: logrotate
+ image: alpine
+ command: ["/bin/sh", "-c"]
+ args:
+ - |
+ apk add --no-cache logrotate
+ while true; do logrotate -f /etc/logrotate.d/openbao; sleep 60; done
+ volumeMounts:
+ - name: logrotate-config
+ mountPath: /etc/logrotate.d/openbao
+ subPath: openbao
+ - name: host-log
+ mountPath: /var/log/openbao
+ volumes:
+ - name: logrotate-config
+ configMap:
+ name: openbao-logrotate-config
+ - name: host-log
+ hostPath:
+ path: /var/log
+ type: Directory
+---
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: openbao-logrotate-config
+ namespace: openbao
+data:
+ openbao: |
+ /var/log/openbao/openbao/*.log {
+ size 5k
+ rotate 7
+ compress
+ missingok
+ notifempty
+ postrotate
+ mkdir pupa
+ kill -SIGHUP $(pidof bao)
+ endscript
+ }
\ No newline at end of file
diff --git a/template/stacks/ref-implementation/openbao-logging/sidecar-container-alloy-configmap.yaml b/template/stacks/ref-implementation/openbao-logging/sidecar-container-alloy-configmap.yaml
new file mode 100644
index 0000000..1b89a78
--- /dev/null
+++ b/template/stacks/ref-implementation/openbao-logging/sidecar-container-alloy-configmap.yaml
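Review bot: `kill -SIGHUP $(pidof bao)` in `postrotate` runs inside the logrotate pod, which as written shares no process namespace with the OpenBao server, so `pidof bao` should find nothing and OpenBao would keep writing to the renamed file; `mkdir pupa` above it looks like leftover debugging. `logrotate -f` also forces a rotation on every 60-second pass regardless of `size 5k`, so with `rotate 7` a continuously written audit log keeps only a few minutes of history on the node. Drop `-f` and `mkdir pupa`, and send the reopen signal from a container that shares the server's process namespace (or use `copytruncate`, accepting its small loss window). The container also runs `apk add` on every start from an untagged `alpine` image and mounts the entire host `/var/log` read-write; a pinned image with logrotate preinstalled and a `hostPath` of `/var/log/openbao` (with the glob adjusted to match) would narrow both.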
@@ -0,0 +1,26 @@ +# apiVersion: v1 +# kind: ConfigMap +# metadata: +# name: sidecar-container-alloy-config +# data: +# config.alloy: | +# logging { +# level = "info" +# format = "logfmt" +# } + +# loki.write "local_loki" { +# endpoint { +# url = "http://loki-loki-distributed-gateway.monitoring.svc.cluster.local/loki/api/v1/push" +# } +# } + +# local.file_match "applogs" { +# path_targets = [{"__path__" = "/openbao/logs/*"}] +# sync_period = "5s" +# } + +# loki.source.file "openbao_logs" { +# targets = local.file_match.applogs.targets +# forward_to = [loki.write.local_loki.receiver] +# } \ No newline at end of file diff --git a/template/stacks/ref-implementation/openbao/values.yaml b/template/stacks/ref-implementation/openbao/values.yaml index 0ff72cf..233b44d 100644 --- a/template/stacks/ref-implementation/openbao/values.yaml +++ b/template/stacks/ref-implementation/openbao/values.yaml @@ -1,9 +1,41 @@ server: + # extraContainers: + # - name: grafana-alloy + # image: grafana/alloy:latest + # ports: + # - containerPort: 12345 + # securityContext: + # runAsUser: 100 + # volumeMounts: + # - name: alloy-data + # mountPath: /var/lib/alloy + # - name: config-volume + # mountPath: /etc/alloy + # - name: host-log-storage + # mountPath: /openbao/logs + + volumes: + # - name: alloy-data + # emptyDir: {} + # - name: config-volume + # configMap: + # name: sidecar-container-alloy-config + - name: host-log-storage + hostPath: + path: /var/log + type: Directory + + volumeMounts: + - mountPath: /openbao/logs + name: host-log-storage + readOnly: false + postStart: - sh - -c - | sleep 10 + rm -rf /openbao/data/* bao operator init >> /tmp/init.txt cat /tmp/init.txt | grep "Key " | awk '{print $NF}' | xargs -I{} bao operator unseal {} echo $(grep "Initial Root Token:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/initial_token.txt 
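Review bot: Every line of sidecar-container-alloy-configmap.yaml is commented out, so the file adds no resource to the synced path, and the same holds for the commented `extraContainers` and volume entries in openbao/values.yaml. Either remove the dead variant from this commit or keep it on a branch. If it is revived, pin the commented `grafana/alloy:latest` reference to a fixed version.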
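Review bot: The added `rm -rf /openbao/data/*` in `postStart` empties the data directory on every container start, so a restart would discard whatever the server stores there and re-initialise it with new unseal keys and a new root token (assuming `/openbao/data` is the storage path, which this hunk does not show). Guard the initialisation instead, for example run `bao operator init` only when `bao status` reports the server as not initialised. The new `host-log-storage` volume also mounts the node's entire `/var/log` read-write into the secrets server; a `hostPath` of `/var/log/openbao`, with the audit `file_path` adjusted to match, limits it to its own directory. The `postStart` script continues outside the hunk.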
@@ -12,6 +44,9 @@ server: echo $(grep "Unseal Key 3:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key3.txt echo $(grep "Unseal Key 4:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key4.txt echo $(grep "Unseal Key 5:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key5.txt + bao login $(grep "Initial Root Token:" /tmp/init.txt | awk '{print $NF}') rm /tmp/init.txt + bao audit enable -path="stdout" file file_path=stdout + bao audit enable -path="file" file file_path=/openbao/logs/openbao/openbao.log ui: - enabled: true + enabled: true \ No newline at end of file
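Review bot: `bao login $(grep "Initial Root Token:" ...)` puts the root token on the command line and, by default, stores it in the token helper file inside the container, where it outlives the script. For the two `bao audit enable` calls it is enough to set the token in the environment for the duration of the script: `export BAO_TOKEN=$(grep "Initial Root Token:" /tmp/init.txt | awk '{print $NF}')` before `rm /tmp/init.txt`, and `unset BAO_TOKEN` as the last line. Neither `bao audit enable` result is checked, so a failure (for instance a missing or unwritable `/openbao/logs/openbao`) leaves the server running without the file audit device. The script begins outside the hunk.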