diff --git a/config.py b/config.py
index 070ccbdb1..26b60fa9e 100644
--- a/config.py
+++ b/config.py
@@ -273,9 +273,8 @@ class DefaultConfig(object):
   SYSTEM_LOGS_FILE = "/var/log/syslog"
   SYSTEM_SERVICES_PATH = "conf/init/service/"
 
-  # Disallow all registry operations if unable to write to the audit log
-  # When disabled, registry pulls are allowed despite any failures to write to audit log
-  STRICT_AUDIT_LOG=true
+  # Allow registry pulls when unable to write to the audit log
+  ALLOW_PULLS_WITHOUT_STRICT_LOGGING = False
 
   # Services that should not be shown in the logs view.
   SYSTEM_SERVICE_BLACKLIST = []
diff --git a/data/model/log.py b/data/model/log.py
index eb52b96ef..92fc55e5e 100644
--- a/data/model/log.py
+++ b/data/model/log.py
@@ -1,13 +1,16 @@
 import json
+import logging
 
 from calendar import timegm
-from peewee import JOIN_LEFT_OUTER, fn
+from peewee import JOIN_LEFT_OUTER, fn, PeeweeException
 from datetime import datetime, timedelta
 from cachetools import lru_cache
 
 from data.database import LogEntry, LogEntryKind, User, RepositoryActionCount, db
 from data.model import config, user, DataModelException
 
+logger = logging.getLogger(__name__)
+
 def _logs_query(selections, start_time, end_time, performer=None, repository=None, namespace=None,
                 ignore=None):
   joined = (LogEntry
@@ -109,9 +112,17 @@ def log_action(kind_name, user_or_organization_name, performer=None, repository=
 
   kind = _get_log_entry_kind(kind_name)
   metadata_json = json.dumps(metadata, default=_json_serialize)
-  LogEntry.create(kind=kind, account=account, performer=performer,
-                  repository=repository, ip=ip, metadata_json=metadata_json,
-                  datetime=timestamp)
+  try:
+    LogEntry.create(kind=kind, account=account, performer=performer,
+                    repository=repository, ip=ip, metadata_json=metadata_json,
+                    datetime=timestamp)
+  except PeeweeException:
+    if kind_name is 'pull_repo' and config.app_config.get('ALLOW_PULLS_WITHOUT_STRICT_LOGGING'):
+      logger.warning('log_action failed: kind=%s account=%s user=%s repo=%s ip=%s metadata=%s',
+                       kind_name, account, performer, repository, ip, metadata_json)
+    else:
+      raise
+
 
 
 def get_stale_logs_start_id():