diff --git a/manifests/init.pp b/manifests/init.pp
index 8e7780f58..370eadaf3 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -17,8 +17,9 @@
 #     Defaults to False.
 #   [debug] Rather keystone should log at debug level. Optional.
 #     Defaults to False.
-#   [use_syslog] Rather or not keystone should log to syslog. Optional.
+#   [use_syslog] Use syslog for logging. Optional.
 #     Defaults to False.
+#   [log_facility] Syslog facility to receive log lines. Optional.
 #   [catalog_type] Type of catalog that keystone uses to store endpoints,services. Optional.
 #     Defaults to sql. (Also accepts template)
 #   [token_format] Format keystone uses for tokens. Optional. Defaults to PKI.
@@ -59,6 +60,7 @@ class keystone(
   $verbose        = false,
   $debug          = false,
   $use_syslog     = false,
+  $log_facility   = 'LOG_USER',
   $catalog_type   = 'sql',
   $token_format   = 'PKI',
   $token_driver   = 'keystone.token.backends.sql.Token',
@@ -75,11 +77,6 @@ class keystone(
   Keystone_config<||> ~> Exec<| title == 'keystone-manage db_sync'|>
   Keystone_config<||> ~> Exec<| title == 'keystone-manage pki_setup'|>
 
-  # TODO implement syslog features
-  if ( $use_syslog != false) {
-    fail('use syslog currently only accepts false')
-  }
-
   include keystone::params
 
   File {
@@ -206,4 +203,16 @@ class keystone(
       require     => User['keystone'],
     }
   }
+
+  # Syslog configuration
+  if $use_syslog {
+    keystone_config {
+      'DEFAULT/use_syslog':           value => true;
+      'DEFAULT/syslog_log_facility':  value => $log_facility;
+    }
+  } else {
+    keystone_config {
+      'DEFAULT/use_syslog':           value => false;
+    }
+  }
 }
diff --git a/spec/classes/keystone_spec.rb b/spec/classes/keystone_spec.rb
index 513638b95..bc7a05244 100644
--- a/spec/classes/keystone_spec.rb
+++ b/spec/classes/keystone_spec.rb
@@ -16,7 +16,6 @@ describe 'keystone' do
       'compute_port'    => '8774',
       'verbose'         => false,
       'debug'           => false,
-      'use_syslog'      => false,
       'catalog_type'    => 'sql',
       'token_format'    => 'PKI',
       'token_driver'    => 'keystone.token.backends.sql.Token',
@@ -163,4 +162,37 @@ describe 'keystone' do
       end
     end
   end
+
+  describe 'with syslog disabled by default' do
+    let :params do
+      default_params
+    end
+
+    it { should contain_keystone_config('DEFAULT/use_syslog').with_value(false) }
+    it { should_not contain_keystone_config('DEFAULT/syslog_log_facility') }
+  end
+
+  describe 'with syslog enabled' do
+    let :params do
+      default_params.merge({
+        :use_syslog   => 'true',
+      })
+    end
+
+    it { should contain_keystone_config('DEFAULT/use_syslog').with_value(true) }
+    it { should contain_keystone_config('DEFAULT/syslog_log_facility').with_value('LOG_USER') }
+  end
+
+  describe 'with syslog enabled and custom settings' do
+    let :params do
+      default_params.merge({
+        :use_syslog   => 'true',
+        :log_facility => 'LOG_LOCAL0'
+     })
+    end
+
+    it { should contain_keystone_config('DEFAULT/use_syslog').with_value(true) }
+    it { should contain_keystone_config('DEFAULT/syslog_log_facility').with_value('LOG_LOCAL0') }
+  end
+
 end