Addition about enduser namespace.

I'm wondering where term enduser came from and should we update it to more generic user?
For example in security we also operate with user, real user, saved user, effective user etc. All these users are having the same fields because they are represented using nested namespaces.

Also I have checked existing fields for the enduser:

• id, has double meaning, it can represent both id and username. I propose to split it into id and name as in this PR
• role -> change to the array of roles to align with ECS but also because one user could have multiple roles assigned.
• scope, stays the same, there is no conflicts with ECS fields

please let me know about your thoughts.

This PR was marked stale due to lack of activity. It will be closed in 7 days.

This PR was marked stale due to lack of activity. It will be closed in 7 days.

I would like to get attention to this PR.

How should we resolve conflict with existing naming for user? I have proposed my idea above in the first comment.

We do have sensitive tags but we don't use them in the registry. I think we should define and use them directly in registry. I can't think of a use case where the same field might be used as sensitive in one place and not sensitive in another place. WDYT?

I think marking them only in the registry certainly makes sense, otherwise, you need to mark them in a combination of. I can't imagine scenarios where the context is important for the sensitivity.

@alexvanboxel could you re-check your review? thanks