diff --git a/src/eventlogdb.js b/src/eventlogdb.js
index 0dc8e8bef..705022b32 100644
--- a/src/eventlogdb.js
+++ b/src/eventlogdb.js
@@ -115,8 +115,8 @@ function upsert(id, action, source, data, callback) {
 // can't do a real sql upsert, for frequent eventlog entries we only have to do 2 queries once a day
 var queries = [{
- query: 'UPDATE eventlog SET creationTime=NOW(), data="?" WHERE action = ? AND source LIKE ? AND DATE(creationTime)=CURDATE()',
- args: [ data, action, JSON.stringify(source) ]
+ query: 'UPDATE eventlog SET creationTime=NOW(), data=? WHERE action = ? AND source LIKE ? AND DATE(creationTime)=CURDATE()',
+ args: [ JSON.stringify(data), action, JSON.stringify(source) ]
 }, {
 query: 'SELECT * FROM eventlog WHERE action = ? AND source LIKE ? AND DATE(creationTime)=CURDATE()',
 args: [ action, JSON.stringify(source) ]
diff --git a/src/ldap.js b/src/ldap.js
index 2ee930812..c2626585d 100644
--- a/src/ldap.js
+++ b/src/ldap.js
@@ -444,7 +444,7 @@ function authorizeUserForApp(req, res, next) {
 // we return no such object, to avoid leakage of a users existence
 if (!result) return next(new ldap.NoSuchObjectError(req.dn.toString()));
- eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'ldap', appId: req.app.id, app: req.app }, { userId: req.user.id, user: users.removePrivateFields(req.user) });
+ eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'ldap', appId: req.app.id }, { userId: req.user.id, user: users.removePrivateFields(req.user) });
 res.end();
 });
diff --git a/src/routes/oauth2.js b/src/routes/oauth2.js
index 625ec6326..1cc40f81d 100644
--- a/src/routes/oauth2.js
+++ b/src/routes/oauth2.js
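Review bot: The rewritten UPDATE in `upsert` (src/eventlogdb.js) still matches rows with `source LIKE ?`, and the bound value is `JSON.stringify(source)`, so any `%`, `_` or backslash inside the serialized source is treated as a LIKE pattern rather than literal text. In this same commit `auditSource` in src/routes/oauth2.js fills `source.ip` from the `x-forwarded-for` request header, so if such a source reaches `upsert` (its callers are not visible here), a request header value takes part in selecting which of today's event rows has its `data` and `creationTime` overwritten. Matching with `source = ?` in this UPDATE and in the SELECT that follows keeps the comparison literal. The body of `upsert` starts and continues outside the hunk.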
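Review bot: The source object passed to `eventlog.add` in `authorizeUserForApp` (src/ldap.js) records no client address, whereas the OAuth login source built by `auditSource` in src/routes/oauth2.js carries an `ip` field, so an LDAP login cannot be tied to an origin in the event log. If the LDAP request object exposes its socket as `req.connection` the way the HTTP request does (not confirmed from this hunk), consider `{ authType: 'ldap', ip: req.connection.remoteAddress || null, appId: req.app.id }`. The enclosing callback starts outside the hunk.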
@@ -44,10 +44,16 @@ var apps = require('../apps.js'),
 util = require('util'),
 _ = require('underscore');
-// appObject is optional here
-function auditSource(req, appId, appObject) {
- var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || null;
- return { authType: 'oauth', ip: ip, appId: appId, app: appObject };
+// appId is optional here
+function auditSource(req, appId) {
+ var tmp = {
+ authType: 'oauth',
+ ip: req.headers['x-forwarded-for'] || req.connection.remoteAddress || null
+ };
+
+ if (appId) tmp.appId = appId;
+
+ return tmp;
 }
 var gServer = null;
@@ -484,7 +490,7 @@ function authorization() {
 if (error) return sendError(req, res, 'Internal error');
 if (!access) return sendErrorPageOrRedirect(req, res, 'No access to this app.');
- eventlog.add(eventlog.ACTION_USER_LOGIN, auditSource(req, appObject.id, appObject), { userId: req.oauth2.user.id, user: users.removePrivateFields(req.oauth2.user) });
+ eventlog.add(eventlog.ACTION_USER_LOGIN, auditSource(req, appObject.id), { userId: req.oauth2.user.id, user: users.removePrivateFields(req.oauth2.user) });
 next();
 });
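Review bot: `auditSource` (src/routes/oauth2.js, first hunk) still stores the raw `x-forwarded-for` header as `ip`, and that header is supplied by the client unless a trusted reverse proxy overwrites it; it may also hold a comma-separated list rather than a single address. For a login audit record the socket address is the only value the server observed itself, so I would keep the two apart: `ip: req.connection.remoteAddress || null,` and `forwardedFor: req.headers['x-forwarded-for'] || null`. If the deployment always sits behind a proxy that sets the header, state that in the comment above the function, e.g. `// ip is taken from x-forwarded-for, which is only trustworthy behind our reverse proxy`.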