I am making an api call in opa policy and when api throws an error or exception I need a way to track those errors in the console logs. Is there a way to customize decision logs and logs those errors with log level as error and also let's say I am middle of policy validation and one of the header is missing or some field is invalid I want to log such thing as error. So that when I look into container logs I should able to figure it out why opa allow decision is false

Question

I am making an api call in opa policy and when api throws an error or exception I need a way to track those errors in the console logs. Is there a way to customize decision logs and logs those errors with log level as error and also let's say I am middle of policy validation and one of the header is missing or some field is invalid I want to log such thing as error. So that when I look into container logs I should able to figure it out why opa allow decision is false

Closed this issue 2 months ago · 1 comments

What is the underlying problem you're trying to solve?

This will tell me where exactly my opa validation failed or what cause the opa validation allowed as false.

Since I didn't any solution I used print statement when an error occurs but when use print statement the decision log is coming as log level as info that doesn't help me when I set log level as error instead of info

Describe the ideal solution

Describe a "Good Enough" solution

Additional Context

Answer 1 · 2024-04-12T17:24:52.000Z

So that when I look into container logs I should able to figure it out why opa allow decision is false

You can define your policy to return an object response for example which can contain more context about why a decision was made. More on that here. This will then be included in the decision logs.

Feel free to start a Discussions thread if you need more help on this. Also sharing your policy, input and other relevant data is always helpful. Thanks.