Backport #454 to 1.0: Format port numbers and numeric IDs as strings

CHANGELOG.next.md

@@ -8,6 +8,8 @@
 
 ### Improvements
 
+* Format port numbers and numeric IDs as strings. #454
+
 ### Deprecated
 
 

generated/beats/fields.ecs.yml

@@ -222,6 +222,7 @@
     - name: port
       level: core
       type: long
+      format: string
       description: Port of the client.
     - name: user.email
       level: extended
@@ -461,6 +462,7 @@
     - name: port
       level: core
       type: long
+      format: string
       description: Port of the destination.
     - name: user.email
       level: extended
@@ -691,6 +693,7 @@
     - name: severity
       level: core
       type: long
+      format: string
       description: Severity describes the original severity of the event. What the
         different severity values mean can very different between use cases. It's
         up to the implementer to make sure severities are consistent across events.
@@ -1126,6 +1129,7 @@
     - name: response.status_code
       level: extended
       type: long
+      format: string
       description: HTTP response status code.
       example: 404
     - name: version
@@ -1516,10 +1520,12 @@
     - name: pid
       level: core
       type: long
+      format: string
       description: Process id.
     - name: ppid
       level: extended
       type: long
+      format: string
       description: Process parent id.
     - name: start
       level: extended
@@ -1529,6 +1535,7 @@
     - name: thread.id
       level: extended
       type: long
+      format: string
       description: Thread ID.
       example: 4242
     - name: title
@@ -1677,6 +1684,7 @@
     - name: port
       level: core
       type: long
+      format: string
       description: Port of the server.
     - name: user.email
       level: extended
@@ -1890,6 +1898,7 @@
     - name: port
       level: core
       type: long
+      format: string
       description: Port of the source.
     - name: user.email
       level: extended
@@ -1987,6 +1996,7 @@
     - name: port
       level: extended
       type: long
+      format: string
       description: Port of the request, such as 443.
       example: 443
     - name: query

generated/ecs/ecs_flat.yml

@@ -236,6 +236,7 @@ client.packets:
 client.port:
   description: Port of the client.
   flat_name: client.port
+  format: string
   level: core
   name: port
   order: 2
@@ -601,6 +602,7 @@ destination.packets:
 destination.port:
   description: Port of the destination.
   flat_name: destination.port
+  format: string
   level: core
   name: port
   order: 2
@@ -920,6 +922,7 @@ event.severity:
     to make sure severities are consistent across events.
   example: '7'
   flat_name: event.severity
+  format: string
   level: core
   name: severity
   order: 8
@@ -1583,6 +1586,7 @@ http.response.status_code:
   description: HTTP response status code.
   example: 404
   flat_name: http.response.status_code
+  format: string
   level: extended
   name: response.status_code
   order: 3
@@ -2149,6 +2153,7 @@ process.pid:
   description: Process id.
   exmple: ssh
   flat_name: process.pid
+  format: string
   level: core
   name: pid
   order: 0
@@ -2157,6 +2162,7 @@ process.pid:
 process.ppid:
   description: Process parent id.
   flat_name: process.ppid
+  format: string
   level: extended
   name: ppid
   order: 2
@@ -2175,6 +2181,7 @@ process.thread.id:
   description: Thread ID.
   example: 4242
   flat_name: process.thread.id
+  format: string
   level: extended
   name: thread.id
   order: 6
@@ -2366,6 +2373,7 @@ server.packets:
 server.port:
   description: Port of the server.
   flat_name: server.port
+  format: string
   level: core
   name: port
   order: 2
@@ -2689,6 +2697,7 @@ source.packets:
 source.port:
   description: Port of the source.
   flat_name: source.port
+  format: string
   level: core
   name: port
   order: 2
@@ -2852,6 +2861,7 @@ url.port:
   description: Port of the request, such as 443.
   example: 443
   flat_name: url.port
+  format: string
   level: extended
   name: port
   order: 4

generated/ecs/ecs_nested.yml

@@ -326,6 +326,7 @@ client:
     port:
       description: Port of the client.
       flat_name: client.port
+      format: string
       level: core
       name: port
       order: 2
@@ -732,6 +733,7 @@ destination:
     port:
       description: Port of the destination.
       flat_name: destination.port
+      format: string
       level: core
       name: port
       order: 2
@@ -1094,6 +1096,7 @@ event:
         up to the implementer to make sure severities are consistent across events.
       example: '7'
       flat_name: event.severity
+      format: string
       level: core
       name: severity
       order: 8
@@ -1837,6 +1840,7 @@ http:
       description: HTTP response status code.
       example: 404
       flat_name: http.response.status_code
+      format: string
       level: extended
       name: response.status_code
       order: 3
@@ -2459,6 +2463,7 @@ process:
       description: Process id.
       exmple: ssh
       flat_name: process.pid
+      format: string
       level: core
       name: pid
       order: 0
@@ -2467,6 +2472,7 @@ process:
     ppid:
       description: Process parent id.
       flat_name: process.ppid
+      format: string
       level: extended
       name: ppid
       order: 2
@@ -2485,6 +2491,7 @@ process:
       description: Thread ID.
       example: 4242
       flat_name: process.thread.id
+      format: string
       level: extended
       name: thread.id
       order: 6
@@ -2717,6 +2724,7 @@ server:
     port:
       description: Port of the server.
       flat_name: server.port
+      format: string
       level: core
       name: port
       order: 2
@@ -3066,6 +3074,7 @@ source:
     port:
       description: Port of the source.
       flat_name: source.port
+      format: string
       level: core
       name: port
       order: 2
@@ -3233,6 +3242,7 @@ url:
       description: Port of the request, such as 443.
       example: 443
       flat_name: url.port
+      format: string
       level: extended
       name: port
       order: 4

schemas/client.yml

@@ -41,6 +41,7 @@
         Can be one or multiple IPv4 or IPv6 addresses.
 
     - name: port
+      format: string
       level: core
       type: long
       description: >

schemas/destination.yml

@@ -32,6 +32,7 @@
         Can be one or multiple IPv4 or IPv6 addresses.
 
     - name: port
+      format: string
       level: core
       type: long
       description: >

schemas/event.yml

@@ -112,6 +112,7 @@
       example: stats
 
     - name: severity
+      format: string
       level: core
       type: long
       example: "7"

schemas/http.yml

@@ -34,6 +34,7 @@
       example: https://blog.example.com/
 
     - name: response.status_code
+      format: string
       level: extended
       type: long
       description: >

schemas/process.yml

@@ -13,6 +13,7 @@
   fields:
 
     - name: pid
+      format: string
       level: core
       type: long
       description: >
@@ -30,6 +31,7 @@
       example: ssh
 
     - name: ppid
+      format: string
       level: extended
       type: long
       description: >
@@ -63,6 +65,7 @@
         for example a browser setting its title to the web page currently opened.
 
     - name: thread.id
+      format: string
       level: extended
       type: long
       example: 4242

schemas/server.yml

@@ -41,6 +41,7 @@
         Can be one or multiple IPv4 or IPv6 addresses.
 
     - name: port
+      format: string
       level: core
       type: long
       description: >

schemas/source.yml

@@ -32,6 +32,7 @@
         Can be one or multiple IPv4 or IPv6 addresses.
 
     - name: port
+      format: string
       level: core
       type: long
       description: >

schemas/url.yml

@@ -55,6 +55,7 @@
       example: www.elastic.co
 
     - name: port
+      format: string
       level: extended
       type: long
       description: >