target_id in audit logs is overloaded in meaning/type
For authentication events it is forced to the id of the author (https://gitlab.com/gitlab-org/gitlab-ee/blob/master/app/services/audit_event_service.rb#L11), which is an integer. Additionally, the author and the entity are the same thing in at least some such cases (https://gitlab.com/gitlab-org/gitlab-ee/blob/master/app/controllers/sessions_controller.rb#L259) meaning @author.id also gets logged as author_id and entity_id.
However other logs, e.g. "Repository Download Started" (https://gitlab.com/gitlab-org/gitlab-ee/blob/master/ee/app/services/ee/audit_events/custom_audit_event_service.rb) have a target_id being a string (the project path in that particular case).
This is fine in a simple logging sense, but causes problems when naively ingesting into Elasticsearch. ES will get confused about the integer vs string types; the first type seen for a given day will win, and logs of the other type will be rejected. This is affecting our log ingest for GitLab.com
Given the duplication of the target_id value in other fields, could we remove it from the overrides added in for_authentication? Or is it a required/expected key and we must provide a value?