Filter audit logs based on openshift-api-server and kubernetes-api-server and then forward them to the destination:

As audit logs have  these 2 different paths, see doc [0]:
[0] https://docs.openshift.com/container-platform/4.14/security/audit-log-view.html#:~:text=To%20view%20the%20audit%20logs%3A

In the document [1] the filters type is fixed to kubeAPIAudit, customer is looking for a feature to segregate audit logs based on their origin such as kubeAPIAudit and OpenshiftAPIAudit:
[1] https://docs.openshift.com/container-platform/4.14/logging/log_collection_forwarding/configuring-log-forwarding.html#logging-audit-[…]0%23%20Don%27t