Add IP to supported types for Convert ingest processor

[geekpete]

Describe the feature:

Add the ability to validate IP and convert addresses with the convert processor so that IP can be added to the list of supported types that currently include: integer, long, float, double, string, boolean, and auto.

This could use existing code doing validation checking when indexing to a mapped IP field:
"reason": "'192.168.256.1' is not an IP string literal."

Such a processor feature would allow detection handling or enrichment of ip values in inputs that have potentially mixed value types.

[elasticmachine]

Pinging @elastic/es-core-features

[andrewkroh]

This would be helpful in all of the pipelines we build for Elastic SIEM. Elastic Common Schema declares a source.address keyword field and a source.ip ip field. You always populate source.address and then conditional populate source.ip if the value is an IP.

You shouldn't blindly copy the value from .address to .ip because this could result in a mapping exception. So if the convert processor could be used to validate the value that would help a lot.

In Beats the convert processor supports a psuedo-type for IPs. It doesn't really change the data type, but it will fail the "conversion" if the value is not an IP. https://www.elastic.co/guide/en/beats/filebeat/current/convert.html#convert

An equivalent setup with ingest node might be like:

PUT _ingest/pipeline/my-pipeline-id
{
  "processors" : [
    {
      "convert" : {
        "field" : "source.address",
        "target_field": "source.ip",
        "type": "ip",
        "ignore_failure": "true"
      }
    }
  ]
}

[geekpete]

Epic! Thanks team!