*.manifest
*.spec

# Installer logs
pip-log.txt
pip-delete-this-directory.txt

# Unit test / coverage reports
htmlcov/
.tox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*.cover
.hypothesis/
.pytest_cache/

# Translations
*.mo
*.pot

# Django stuff:
*.log
local_settings.py
db.sqlite3

# Flask stuff:
instance/

		}
		r = &audit.Entry{
			Version:      internalAudit.Version,
			DeploymentID: xhttp.GlobalDeploymentID,
			Time:         time.Now().UTC(),
		}
		return r
	}
	return nil
}

// AuditLog - logs audit logs to all audit targets.
func AuditLog(ctx context.Context, w http.ResponseWriter, r *http.Request, reqClaims map[string]interface{}, filterKeys ...string) {
	auditTgts := AuditTargets()
	if len(auditTgts) == 0 {
		return
	}

This document explains how to configure MinIO server to log to different logging targets.

## Log Targets

MinIO supports currently two target types

- console
- http

### Logging Console Target

Console target is on always and cannot be disabled.

### Logging HTTP Target

	l := &logOnceType{IDMap: make(map[string]onceErr)}
	go l.cleanupRoutine()
	return l
}

var logOnce = newLogOnceType()

// LogOnceIf - Logs notification errors - once per error.
// id is a unique identifier for related log messages, refer to cmd/notification.go
// on how it is used.
func LogOnceIf(ctx context.Context, subsystem string, err error, id string, errKind ...interface{}) {

	set -x
fi

trap 'catch $LINENO' ERR

# shellcheck disable=SC2120
catch() {
	if [ $# -ne 0 ]; then
		echo "error on line $1"
		echo "dc1 server logs ========="
		cat /tmp/dc1.log
		echo "dc2 server logs ========="
		cat /tmp/dc2.log
	fi

	echo "Cleaning up instances of MinIO"
	set +e
	pkill minio
	pkill mc
	rm -rf /tmp/xl/
}

catch

set -e
export MINIO_CI_CD=1

	return dt.retryInterval
}

// LogSuccess logs the duration of a successful action that
// did not hit the timeout
func (dt *dynamicTimeout) LogSuccess(duration time.Duration) {
	dt.logEntry(duration)
}

// LogFailure logs an action that hit the timeout
func (dt *dynamicTimeout) LogFailure() {
	dt.logEntry(maxDuration)
}

// logEntry stores a log entry
func (dt *dynamicTimeout) logEntry(duration time.Duration) {

	LogOnceIf func(ctx context.Context, err error, id string, errKind ...interface{}) `json:"-"`
}

// Target implements logger.Target and sends the json
// format of a log entry to the configured http endpoint.
// An internal buffer of logs is maintained but when the
// buffer is full, new logs are just ignored and an error
// is returned to the caller.
type Target struct {
	totalMessages  int64
	failedMessages int64
	status         int32

	if req.DeploymentID == "" {
		deploymentID = xhttp.GlobalDeploymentID
	}

	objects := make([]log.ObjectVersion, 0, len(req.Objects))
	for _, ov := range req.Objects {
		objects = append(objects, log.ObjectVersion{
			ObjectName: ov.ObjectName,
			VersionID:  ov.VersionID,
		})
	}

	entry := log.Entry{
		DeploymentID: deploymentID,
		Level:        logKind,
		RemoteHost:   req.RemoteHost,

```sh
podman run -it \
    --name opa \
    --publish 8181:8181 \
    docker.io/openpolicyagent/opa:0.40.0-rootless \
       run --server \
           --log-format=json-pretty \
           --log-level=debug \
           --set=decision_logs.console=true
```

### 2. Create a sample OPA Policy

In another terminal, create a policy that allows root user all access and for all other users denies `PutObject`:

```sh

	set -x
fi

trap 'catch $LINENO' ERR

# shellcheck disable=SC2120
catch() {
	if [ $# -ne 0 ]; then
		echo "error on line $1"
		echo "server logs ========="
		cat "/tmp/sitea_1.log"
		echo "==========================="
		cat "/tmp/sitea_2.log"
	fi

	echo "Cleaning up instances of MinIO"
	pkill minio
	pkill -9 minio
	rm -rf /tmp/multisitea
}

catch

set -e
export MINIO_CI_CD=1