feat: complete OTEL tracing across all services with pipeline bridge and docs

Extends tracing to every remaining module: all 23 API route handlers,
correlation engine, sniffer (fingerprint/p0f/syslog), prober (jarm/hassh/tcpfp),
profiler behavioral analysis, logging subsystem, engine, and mutator.

Bridges the ingester→SSE trace gap by persisting trace_id/span_id columns on
the logs table and creating OTEL span links in the SSE endpoint. Adds log-trace
correlation via _TraceContextFilter injecting otel_trace_id into Python LogRecords.

Includes development/docs/TRACING.md with full span reference (76 spans),
pipeline propagation architecture, quick start guide, and troubleshooting.

decnet/web/router/config/api_get_config.py

@@ -1,6 +1,7 @@
 from fastapi import APIRouter, Depends
 
 from decnet.env import DECNET_DEVELOPER
+from decnet.telemetry import traced as _traced
 from decnet.web.dependencies import require_viewer, repo
 from decnet.web.db.models import UserResponse
 
@@ -17,6 +18,7 @@ _DEFAULT_MUTATION_INTERVAL = "30m"
         401: {"description": "Could not validate credentials"},
     },
 )
+@_traced("api.get_config")
 async def api_get_config(user: dict = Depends(require_viewer)) -> dict:
     limits_state = await repo.get_state("config_limits")
     globals_state = await repo.get_state("config_globals")

decnet/web/router/config/api_manage_users.py

@@ -2,6 +2,7 @@ import uuid as _uuid
 
 from fastapi import APIRouter, Depends, HTTPException
 
+from decnet.telemetry import traced as _traced
 from decnet.web.auth import get_password_hash
 from decnet.web.dependencies import require_admin, repo
 from decnet.web.db.models import (
@@ -24,6 +25,7 @@ router = APIRouter()
         422: {"description": "Validation error"},
     },
 )
+@_traced("api.create_user")
 async def api_create_user(
     req: CreateUserRequest,
     admin: dict = Depends(require_admin),
@@ -57,6 +59,7 @@ async def api_create_user(
         404: {"description": "User not found"},
     },
 )
+@_traced("api.delete_user")
 async def api_delete_user(
     user_uuid: str,
     admin: dict = Depends(require_admin),
@@ -80,6 +83,7 @@ async def api_delete_user(
         422: {"description": "Validation error"},
     },
 )
+@_traced("api.update_user_role")
 async def api_update_user_role(
     user_uuid: str,
     req: UpdateUserRoleRequest,
@@ -106,6 +110,7 @@ async def api_update_user_role(
         422: {"description": "Validation error"},
     },
 )
+@_traced("api.reset_user_password")
 async def api_reset_user_password(
     user_uuid: str,
     req: ResetUserPasswordRequest,

decnet/web/router/config/api_reinit.py

@@ -1,6 +1,7 @@
 from fastapi import APIRouter, Depends, HTTPException
 
 from decnet.env import DECNET_DEVELOPER
+from decnet.telemetry import traced as _traced
 from decnet.web.dependencies import require_admin, repo
 
 router = APIRouter()
@@ -14,6 +15,7 @@ router = APIRouter()
         403: {"description": "Admin access required or developer mode not enabled"},
     },
 )
+@_traced("api.reinit")
 async def api_reinit(admin: dict = Depends(require_admin)) -> dict:
     if not DECNET_DEVELOPER:
         raise HTTPException(status_code=403, detail="Developer mode is not enabled")

decnet/web/router/config/api_update_config.py

@@ -1,5 +1,6 @@
 from fastapi import APIRouter, Depends
 
+from decnet.telemetry import traced as _traced
 from decnet.web.dependencies import require_admin, repo
 from decnet.web.db.models import DeploymentLimitRequest, GlobalMutationIntervalRequest
 
@@ -15,6 +16,7 @@ router = APIRouter()
         422: {"description": "Validation error"},
     },
 )
+@_traced("api.update_deployment_limit")
 async def api_update_deployment_limit(
     req: DeploymentLimitRequest,
     admin: dict = Depends(require_admin),
@@ -32,6 +34,7 @@ async def api_update_deployment_limit(
         422: {"description": "Validation error"},
     },
 )
+@_traced("api.update_global_mutation_interval")
 async def api_update_global_mutation_interval(
     req: GlobalMutationIntervalRequest,
     admin: dict = Depends(require_admin),