🔊 Improve Logging: move to slog and add trace level

.golangci.yml

@@ -73,6 +73,7 @@ linters:
     - gci
     - mnd
     - exportloopref
+    - contextcheck
 issues:
   exclude-use-default: false
   max-same-issues: 0

README.md

@@ -329,8 +329,12 @@ make run
   - Enable the plugin
 - LogLevel
   - string
-  - default: `INFO`, expected values are: `INFO`, `DEBUG`, `ERROR`
+  - default: `INFO`, expected values are: `DEBUG`, `INFO`, `WARN`, `ERROR`
   - Log are written to `stdout` / `stderr` or file if LogFilePath is provided
+- LogFormat
+  - string
+  - default: `common`, expected values are: `common`, `json`
+  - Log format: `common` for traditional text logs, `json` for structured JSON logs
 - LogFilePath
   - string
   - default: ""
@@ -590,6 +594,7 @@ http:
         bouncer:
           enabled: false
           logLevel: DEBUG
+          logFormat: common
           LogFilePath: ""
           updateIntervalSeconds: 60
           updateMaxFailure: 0

bouncer.go

@@ -11,6 +11,7 @@ import (
 	"fmt"
 	htmltemplate "html/template"
 	"io"
+	"log/slog"
 	"net/http"
 	"net/url"
 	"strconv"
@@ -117,16 +118,16 @@ type Bouncer struct {
 	httpAppsecClient        *http.Client
 	cacheClient             *cache.Client
 	captchaClient           *captcha.Client
-	log                     *logger.Log
+	log                     *slog.Logger
 }
 
 // New creates the crowdsec bouncer plugin.
 //
 //nolint:gocyclo
 func New(_ context.Context, next http.Handler, config *configuration.Config, name string) (http.Handler, error) {
 	config.LogLevel = strings.ToUpper(config.LogLevel)
-	log := logger.New(config.LogLevel, config.LogFilePath)
-	err := configuration.ValidateParams(config)
+	log := logger.NewWithFormat(config.LogLevel, config.LogFilePath, config.LogFormat)
+	err := configuration.ValidateParams(config, log)
 	if err != nil {
 		log.Error("New:validateParams " + err.Error())
 		return nil, err
@@ -455,7 +456,7 @@ func (bouncer *Bouncer) handleBanServeHTTP(rw http.ResponseWriter, req *http.Req
 	err := bouncer.banTemplate.Execute(rw, templateData)
 
 	if err != nil {
-		bouncer.log.Error("handleBanServeHTTP banTemplateServe " + err.Error())
+		bouncer.log.Warn("handleBanServeHTTP could not write template to ResponseWriter: " + err.Error())
 	}
 }
 
@@ -486,7 +487,7 @@ func (bouncer *Bouncer) handleNextServeHTTP(rw http.ResponseWriter, req *http.Re
 
 func handleStreamTicker(bouncer *Bouncer) {
 	if err := handleStreamCache(bouncer); err != nil {
-		bouncer.log.Debug(fmt.Sprintf("handleStreamTicker updateFailure:%d isCrowdsecStreamHealthy:%t %s", updateFailure, isCrowdsecStreamHealthy, err.Error()))
+		bouncer.log.Warn(fmt.Sprintf("handleStreamTicker updateFailure:%d isCrowdsecStreamHealthy:%t %s", updateFailure, isCrowdsecStreamHealthy, err.Error()))
 		if bouncer.updateMaxFailure != -1 && updateFailure >= bouncer.updateMaxFailure && isCrowdsecStreamHealthy {
 			isCrowdsecStreamHealthy = false
 			bouncer.log.Error(fmt.Sprintf("handleStreamTicker:error updateFailure:%d %s", updateFailure, err.Error()))
@@ -504,7 +505,7 @@ func handleMetricsTicker(bouncer *Bouncer) {
 	}
 }
 
-func startTicker(name string, updateInterval int64, log *logger.Log, work func()) chan bool {
+func startTicker(name string, updateInterval int64, log *slog.Logger, work func()) chan bool {
 	ticker := time.NewTicker(time.Duration(updateInterval) * time.Second)
 	stop := make(chan bool, 1)
 	go func() {
@@ -571,7 +572,7 @@ func handleNoStreamCache(bouncer *Bouncer, remoteIP string) (string, error) {
 	case "captcha":
 		value = cache.CaptchaValue
 	default:
-		bouncer.log.Debug("handleStreamCache:unknownType " + decision.Type)
+		bouncer.log.Info("handleStreamCache:unknownType " + decision.Type)
 	}
 	if isLiveMode && bouncer.defaultDecisionTimeout > 0 {
 		durationSecond := int64(duration.Seconds())
@@ -607,11 +608,11 @@ func getToken(bouncer *Bouncer) error {
 	if err != nil {
 		return fmt.Errorf("getToken:parsingBody %w", err)
 	}
-	if login.Code == 200 && len(login.Token) > 0 {
+	if login.Code == http.StatusOK && len(login.Token) > 0 {
 		bouncer.crowdsecKey = login.Token
-		bouncer.log.Debug(fmt.Sprintf("getToken statusCode:%d", login.Code))
 		return nil
 	}
+	bouncer.log.Warn(fmt.Sprintf("getToken statusCode:%d", login.Code))
 	return fmt.Errorf("getToken statusCode:%d", login.Code)
 }
 
@@ -654,15 +655,15 @@ func handleStreamCache(bouncer *Bouncer) error {
 			case "captcha":
 				value = cache.CaptchaValue
 			default:
-				bouncer.log.Debug("handleStreamCache:unknownType " + decision.Type)
+				bouncer.log.Info("handleStreamCache:unknownType " + decision.Type)
 			}
 			bouncer.cacheClient.Set(decision.Value, value, int64(duration.Seconds()))
 		}
 	}
 	for _, decision := range stream.Deleted {
 		bouncer.cacheClient.Delete(decision.Value)
 	}
-	bouncer.log.Debug("handleStreamCache:updated")
+	bouncer.log.Info("handleStreamCache:updated")
 	return nil
 }