To get a custom assertion to write logs to its own log sink, there are a few things that need to be configured on the gateway side to get this to work. The first being to actually configure the log sink, and the other is setting up a Cluster Wide Property.
When creating a custom assertion, many people put debug logs in their source code to see what’s be going on as the policy eventually gets to the assertion. Instead of having it write the logs to the standard ssg log, you can write it to its own custom log sink.
The first part is to create the custom log sink:
1. Open up Policy Manager
2. Under Tasks > Manage Log/Audit Sinks
3. Create a log sink (the key part here is to reference the package name being used in the source code for your custom assertion)
The package name being used in this example is .com.example.l7tech.example (the same one being referenced in my source code).
The next part is to reference the package in a Cluster Wide Property
1. Under Tasks > Manage Cluster-Wide Properties
2. Add the Cluster Wide Property ‘log.levels’
3. You again have to reference the same package name, but add “.level” after it to use the cluster wide property correctly
So as you see, the same package name being used in my source code and log sink, is the same on I’m using in the Cluster-Wide property.
After applying these two configurations on the gateway (assuming the source code you created has the right code in it for logging), you should start seeing logs for the custom assertion being written to the custom log sink you created.