The `udp` input plugin supports an option `source_ip_fieldname` with a default value of `host` and described as "the name of the field where the source IP address will be stored."
I'd like to begin using ECS fields everywhere possible in my data, and one aspect of the default use of `host` for the field name in which to store the remote log client's IP is that it's a container field in ECS (https://github.com/elastic/ecs#host). So I would ideally like to override `source_ip_fieldname` everywhere to use `host.ip`. The documentation for at least the `tcp` and `syslog` input plugins suggests that the `source_ip_fieldname` option is not supported for them. Would just like to request if this option can be implemented in every network input plugin to facilitate easy override of the field to store the log sender's IP.
Alternate question: would it make sense to start shifting field names used by default and in the documentation/examples to using ECS field schema? Example as per above, no longer use `host` but instead `host.ip`, and no longer `hostname` but `host.name` or `host.hostname`; recommend using `event.type`, etc.