Hi Like Julian is saying this is rather straight forward using and Audit Sink Policy. Se example attached.
<wsp:Policy xmlns:L7p="http://www.layer7tech.com/ws/policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy">
<wsp:All wsp:Usage="Required">
<L7p:AuditRecordToXml/>
<L7p:ComparisonAssertion>
<L7p:CaseSensitive booleanValue="false"/>
<L7p:Expression1 stringValue="${audit.component}"/>
<L7p:Expression2 stringValue="Trusted Certificate Store"/>
<L7p:Predicates predicates="included">
<L7p:item binary="included">
<L7p:CaseSensitive booleanValue="false"/>
<L7p:RightValue stringValue="Trusted Certificate Store"/>
</L7p:item>
</L7p:Predicates>
</L7p:ComparisonAssertion>
<L7p:EmailAlert>
<L7p:Base64message stringValue="Q29tcG9uZW50OiAke2F1ZGl0LmNvbXBvbmVudH0KTGV2ZWw6ICR7YXVkaXQubGV2ZWxTdHJ9Ck1lc3NhZ2U6ICR7YXVkaXQubWVzc2FnZX0KVGltZTogJHthdWRpdC5kZXRhaWxzLjAudGltZX0KCkRldGFpbHM6ICR7YXVkaXQuZGV0YWlscy4wLmZ1bGxUZXh0fQo="/>
<L7p:SmtpHost stringValue="10.73.76.178"/>
<L7p:Subject stringValue="CA API Gateway Email Alert | ${audit.message}"/>
<L7p:TargetEmailAddress stringValue="admin@organization.com"/>
</L7p:EmailAlert>
<L7p:FalseAssertion>
<L7p:Enabled booleanValue="false"/>
</L7p:FalseAssertion>
</wsp:All>
</wsp:Policy>