chore: version 1.0.7 - add log levels

- Add configurable log levels: DEBUG, INFO, WARN, ERROR
- Replace debug.enabled with log.level in configuration
- Add Warn/Warnf methods for warning messages
- Log orphan events and buffer overflow as WARN
- Log parse errors as WARN
- Log raw events and correlations as DEBUG

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>

internal/domain/correlation_service.go

@@ -4,6 +4,8 @@ import (
 	"container/list"
 	"sync"
 	"time"
+
+	"github.com/logcorrelator/logcorrelator/internal/observability"
 )
 
 const (
@@ -30,6 +32,7 @@ type CorrelationService struct {
 	pendingA     map[string][]*list.Element // key -> ordered elements containing *NormalizedEvent
 	pendingB     map[string][]*list.Element
 	timeProvider TimeProvider
+	logger       *observability.Logger
 }
 
 type eventBuffer struct {
@@ -73,9 +76,15 @@ func NewCorrelationService(config CorrelationConfig, timeProvider TimeProvider)
 		pendingA:     make(map[string][]*list.Element),
 		pendingB:     make(map[string][]*list.Element),
 		timeProvider: timeProvider,
+		logger:       observability.NewLogger("correlation"),
 	}
 }
 
+// SetLogger sets the logger for the correlation service.
+func (s *CorrelationService) SetLogger(logger *observability.Logger) {
+	s.logger = logger
+}
+
 // ProcessEvent processes an incoming event and returns correlated logs if matches are found.
 func (s *CorrelationService) ProcessEvent(event *NormalizedEvent) []CorrelatedLog {
 	s.mu.Lock()
@@ -87,6 +96,8 @@ func (s *CorrelationService) ProcessEvent(event *NormalizedEvent) []CorrelatedLo
 	// Check buffer overflow before adding
 	if s.isBufferFull(event.Source) {
 		// Buffer full, drop event or emit as orphan
+		s.logger.Warnf("buffer full, dropping event: source=%s src_ip=%s src_port=%d", 
+			event.Source, event.SrcIP, event.SrcPort)
 		if event.Source == SourceA && s.config.ApacheAlwaysEmit {
 			return []CorrelatedLog{NewCorrelatedLogFromEvent(event, "A")}
 		}
@@ -112,11 +123,23 @@ func (s *CorrelationService) ProcessEvent(event *NormalizedEvent) []CorrelatedLo
 
 	if shouldBuffer {
 		s.addEvent(event)
+		s.logger.Debugf("event buffered: source=%s src_ip=%s src_port=%d buffer_size=%d", 
+			event.Source, event.SrcIP, event.SrcPort, s.getBufferSize(event.Source))
 	}
 
 	return results
 }
 
+func (s *CorrelationService) getBufferSize(source EventSource) int {
+	switch source {
+	case SourceA:
+		return s.bufferA.events.Len()
+	case SourceB:
+		return s.bufferB.events.Len()
+	}
+	return 0
+}
+
 func (s *CorrelationService) isBufferFull(source EventSource) bool {
 	switch source {
 	case SourceA:
@@ -135,12 +158,15 @@ func (s *CorrelationService) processSourceA(event *NormalizedEvent) ([]Correlate
 		return s.eventsMatch(event, other)
 	}); bEvent != nil {
 		correlated := NewCorrelatedLog(event, bEvent)
+		s.logger.Debugf("correlation found: A(src_ip=%s src_port=%d) + B(src_ip=%s src_port=%d)", 
+			event.SrcIP, event.SrcPort, bEvent.SrcIP, bEvent.SrcPort)
 		return []CorrelatedLog{correlated}, false
 	}
 
-	// No match found
+	// No match found - orphan A event
 	if s.config.ApacheAlwaysEmit {
 		orphan := NewCorrelatedLogFromEvent(event, "A")
+		s.logger.Warnf("orphan A event (no B match): src_ip=%s src_port=%d", event.SrcIP, event.SrcPort)
 		return []CorrelatedLog{orphan}, false
 	}
 
@@ -156,12 +182,15 @@ func (s *CorrelationService) processSourceB(event *NormalizedEvent) ([]Correlate
 		return s.eventsMatch(other, event)
 	}); aEvent != nil {
 		correlated := NewCorrelatedLog(aEvent, event)
+		s.logger.Debugf("correlation found: A(src_ip=%s src_port=%d) + B(src_ip=%s src_port=%d)", 
+			aEvent.SrcIP, aEvent.SrcPort, event.SrcIP, event.SrcPort)
 		return []CorrelatedLog{correlated}, false
 	}
 
-	// No match found
+	// No match found - orphan B event (not emitted by default)
 	if s.config.NetworkEmit {
 		orphan := NewCorrelatedLogFromEvent(event, "B")
+		s.logger.Warnf("orphan B event (no A match): src_ip=%s src_port=%d", event.SrcIP, event.SrcPort)
 		return []CorrelatedLog{orphan}, false
 	}