diff --git a/audit/format.go b/audit/format.go
index 506f39dbb..d595f2fd1 100644
--- a/audit/format.go
+++ b/audit/format.go
@@ -92,9 +92,9 @@ func (f *AuditFormatter) FormatRequest(ctx context.Context, w io.Writer, config
 		reqType = "request"
 	}
 	reqEntry := &AuditRequestEntry{
-		Type:  reqType,
-		Error: errString,
-
+		Type:          reqType,
+		Error:         errString,
+		ForwardedFrom: req.ForwardedFrom,
 		Auth: &AuditAuth{
 			ClientToken:               auth.ClientToken,
 			Accessor:                  auth.Accessor,
@@ -297,8 +297,9 @@ func (f *AuditFormatter) FormatResponse(ctx context.Context, w io.Writer, config
 		respType = "response"
 	}
 	respEntry := &AuditResponseEntry{
-		Type:  respType,
-		Error: errString,
+		Type:      respType,
+		Error:     errString,
+		Forwarded: req.ForwardedFrom != "",
 		Auth: &AuditAuth{
 			ClientToken:               auth.ClientToken,
 			Accessor:                  auth.Accessor,
@@ -392,21 +393,23 @@ func (f *AuditFormatter) FormatResponse(ctx context.Context, w io.Writer, config
 
 // AuditRequestEntry is the structure of a request audit log entry in Audit.
 type AuditRequestEntry struct {
-	Time    string        `json:"time,omitempty"`
-	Type    string        `json:"type,omitempty"`
-	Auth    *AuditAuth    `json:"auth,omitempty"`
-	Request *AuditRequest `json:"request,omitempty"`
-	Error   string        `json:"error,omitempty"`
+	Time          string        `json:"time,omitempty"`
+	Type          string        `json:"type,omitempty"`
+	Auth          *AuditAuth    `json:"auth,omitempty"`
+	Request       *AuditRequest `json:"request,omitempty"`
+	Error         string        `json:"error,omitempty"`
+	ForwardedFrom string        `json:"forwarded_from,omitempty"` // Populated in Enterprise when a request is forwarded
 }
 
 // AuditResponseEntry is the structure of a response audit log entry in Audit.
 type AuditResponseEntry struct {
-	Time     string         `json:"time,omitempty"`
-	Type     string         `json:"type,omitempty"`
-	Auth     *AuditAuth     `json:"auth,omitempty"`
-	Request  *AuditRequest  `json:"request,omitempty"`
-	Response *AuditResponse `json:"response,omitempty"`
-	Error    string         `json:"error,omitempty"`
+	Time      string         `json:"time,omitempty"`
+	Type      string         `json:"type,omitempty"`
+	Auth      *AuditAuth     `json:"auth,omitempty"`
+	Request   *AuditRequest  `json:"request,omitempty"`
+	Response  *AuditResponse `json:"response,omitempty"`
+	Error     string         `json:"error,omitempty"`
+	Forwarded bool           `json:"forwarded,omitempty"`
 }
 
 type AuditRequest struct {
diff --git a/sdk/logical/request.go b/sdk/logical/request.go
index 5dcd462f6..8a6ac241f 100644
--- a/sdk/logical/request.go
+++ b/sdk/logical/request.go
@@ -243,6 +243,9 @@ type Request struct {
 	// InboundSSCToken is the token that arrives on an inbound request, supplied
 	// by the vault user.
 	InboundSSCToken string
+
+	// When a request has been forwarded, contains information of the host the request was forwarded 'from'
+	ForwardedFrom string `json:"forwarded_from,omitempty"`
 }
 
 // Clone returns a deep copy of the request by using copystructure