Hello, are there any recommended patterns for implementing an audit log of authorization decisions? I know I can just create a wrapper around the Check API that logs any decision to whatever system I want, but is there something more native to AuthZed/SpiceDB like the Watch API? The use-case is that I'm rolling out AuthZed to a system that previously didn't have granular authorization and I want to first enable it in "silent" mode where I check how often users are doing things they wouldn't be permitted to do if the granular authorization was enforced.