[P1BIGROCKS-2217](https://jira.il2.dso.mil/browse/P1BIGROCKS-2217) Cluster Auditor currently depends on Elasticsearch to store the logs of violations collected by OPA. The goal of this Epic is to be able to display/track and alert on violations of OPA Gatekeeper using Grafana/Prometheus and/or Alertmanager. ## Spike Use the opa exporter as outlined in this article ( https://itnext.io/expose-open-policy-agent-gatekeeper-constraint-violations-with-prometheus-and-grafana-6b7ac92ea07f ) to track and export metrics on all violations for Gatekeeper policies. Then, using the Prometheus data, build Grafana dashboards that show and track the violations Ensure - [ ] Data is available about which pods/namespaces/etc are violation policies - [ ] Data is available about which policy is being violated - [ ] Identify violations in a specific namespace - [ ] Identify violations in all namespaces - [ ] Track violations over time (by namespace and/or policy) Stretch Goals - [ ] Use annotations/labels on policies to provide additional metadata/information to policies, e.g. what NIST control it maps to, DevSecOps Ref Architecture requirement, etc. ## Harden Once this solution is in place, we can submit the containers needed for hardening.