diff --git a/src/packet_analysis/Analyzer.h b/src/packet_analysis/Analyzer.h
index e8d431cfca..fd1321bfbb 100644
--- a/src/packet_analysis/Analyzer.h
+++ b/src/packet_analysis/Analyzer.h
@@ -1,7 +1,6 @@
 // See the file "COPYING" in the main distribution directory for copyright.
 #pragma once
 
-#include "Defines.h"
 #include "Manager.h"
 #include "Tag.h"
 #include <iosource/Packet.h>
@@ -17,7 +16,7 @@ enum class AnalyzerResult {
 	Terminate // Analysis succeeded and there is no further analysis to do
 };
 
-using AnalysisResultTuple = std::tuple<AnalyzerResult, identifier_t>;
+using AnalysisResultTuple = std::tuple<AnalyzerResult, uint32_t>;
 
 class Analyzer {
 public:
@@ -75,7 +74,7 @@ public:
 	 * how to proceed. If analysis can continue, the identifier determines the
 	 * encapsulated protocol.
 	 */
-	virtual std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) = 0;
+	virtual AnalysisResultTuple Analyze(Packet* packet) = 0;
 
 protected:
 	friend class Manager;
diff --git a/src/packet_analysis/Config.cc b/src/packet_analysis/Config.cc
index 4fd644b35d..236d8797d5 100644
--- a/src/packet_analysis/Config.cc
+++ b/src/packet_analysis/Config.cc
@@ -14,12 +14,12 @@ const std::string& DispatcherConfig::GetName() const
 	return name;
 	}
 
-const std::map<identifier_t, std::string>& DispatcherConfig::GetMappings() const
+const std::map<uint32_t, std::string>& DispatcherConfig::GetMappings() const
 	{
 	return mappings;
 	}
 
-void DispatcherConfig::AddMapping(identifier_t identifier,
+void DispatcherConfig::AddMapping(uint32_t identifier,
                                   const std::string& analyzer_name)
 	{
 	DBG_LOG(DBG_PACKET_ANALYSIS, "Adding configuration mapping: %s -> %#x -> %s",
@@ -71,7 +71,7 @@ DispatcherConfig& Config::AddDispatcherConfig(const std::string& name)
 	return dispatchers.emplace_back(name);
 	}
 
-void Config::AddMapping(const std::string& name, identifier_t identifier,
+void Config::AddMapping(const std::string& name, uint32_t identifier,
                         const std::string& analyzer_name)
 	{
 	// Create dispatcher config if it does not exist yet
diff --git a/src/packet_analysis/Config.h b/src/packet_analysis/Config.h
index f99526d311..9a89626925 100644
--- a/src/packet_analysis/Config.h
+++ b/src/packet_analysis/Config.h
@@ -8,8 +8,6 @@
 #include <utility>
 #include <vector>
 
-#include "Defines.h"
-
 namespace zeek::packet_analysis {
 
 class DispatcherConfig {
@@ -17,16 +15,16 @@ public:
 	explicit DispatcherConfig(const std::string name) : name(std::move(name)) { }
 
 	const std::string& GetName() const;
-	const std::map<identifier_t, std::string>& GetMappings() const;
+	const std::map<uint32_t, std::string>& GetMappings() const;
 
-	void AddMapping(identifier_t identifier, const std::string& analyzer_name);
+	void AddMapping(uint32_t identifier, const std::string& analyzer_name);
 
 	bool operator==(const DispatcherConfig& rhs) const;
 	bool operator!=(const DispatcherConfig& rhs) const;
 
 private:
 	const std::string name;
-	std::map<identifier_t, std::string> mappings;
+	std::map<uint32_t, std::string> mappings;
 };
 
 class Config {
@@ -35,7 +33,7 @@ public:
 	const std::vector<DispatcherConfig>& GetDispatchers() const;
 	std::optional<std::reference_wrapper<DispatcherConfig>> GetDispatcherConfig(const std::string& name);
 	DispatcherConfig& AddDispatcherConfig(const std::string& name);
-	void AddMapping(const std::string& name, identifier_t identifier, const std::string& analyzer_name);
+	void AddMapping(const std::string& name, uint32_t identifier, const std::string& analyzer_name);
 
 private:
 	std::vector<DispatcherConfig> dispatchers;
diff --git a/src/packet_analysis/Defines.h b/src/packet_analysis/Defines.h
deleted file mode 100644
index 3479b5b392..0000000000
--- a/src/packet_analysis/Defines.h
+++ /dev/null
@@ -1,11 +0,0 @@
-// See the file "COPYING" in the main distribution directory for copyright.
-
-#pragma once
-
-#include <cstdint>
-
-namespace zeek::packet_analysis {
-
-	using identifier_t = uint32_t;
-
-}
diff --git a/src/packet_analysis/Dispatcher.cc b/src/packet_analysis/Dispatcher.cc
index 7662c42b88..9ca3ae1c67 100644
--- a/src/packet_analysis/Dispatcher.cc
+++ b/src/packet_analysis/Dispatcher.cc
@@ -11,7 +11,7 @@ Dispatcher::~Dispatcher()
 	FreeValues();
 	}
 
-bool Dispatcher::Register(identifier_t identifier, AnalyzerPtr analyzer, DispatcherPtr dispatcher)
+bool Dispatcher::Register(uint32_t identifier, AnalyzerPtr analyzer, DispatcherPtr dispatcher)
 	{
 	// If the table has size 1 and the entry is nullptr, there was nothing added yet. Just add it.
 	if ( table.size() == 1 && table[0] == nullptr )
@@ -29,7 +29,7 @@ bool Dispatcher::Register(identifier_t identifier, AnalyzerPtr analyzer, Dispatc
 	else if ( identifier < lowest_identifier )
 		{
 		// Lower than the lowest registered identifier. Shift up by lowerBound - identifier
-		identifier_t distance = lowest_identifier - identifier;
+		uint32_t distance = lowest_identifier - identifier;
 		table.resize(table.size() + distance, nullptr);
 
 		// Shift values
@@ -77,7 +77,7 @@ void Dispatcher::Register(const register_map& data)
 		}
 	}
 
-ValuePtr Dispatcher::Lookup(identifier_t identifier) const
+ValuePtr Dispatcher::Lookup(uint32_t identifier) const
 	{
 	int64_t index = identifier - lowest_identifier;
 	if ( index >= 0 && index < static_cast<int64_t>(table.size()) && table[index] != nullptr )
diff --git a/src/packet_analysis/Dispatcher.h b/src/packet_analysis/Dispatcher.h
index eb4b0c8c36..18da74923c 100644
--- a/src/packet_analysis/Dispatcher.h
+++ b/src/packet_analysis/Dispatcher.h
@@ -11,8 +11,8 @@ namespace zeek::packet_analysis {
 class Dispatcher; // Forward decl for Value
 using DispatcherPtr = std::shared_ptr<Dispatcher>;
 
-using register_pair = std::pair<identifier_t, std::pair<AnalyzerPtr, DispatcherPtr>>;
-using register_map = std::map<identifier_t, std::pair<AnalyzerPtr, DispatcherPtr>>;
+using register_pair = std::pair<uint32_t, std::pair<AnalyzerPtr, DispatcherPtr>>;
+using register_map = std::map<uint32_t, std::pair<AnalyzerPtr, DispatcherPtr>>;
 
 class Value {
 public:
@@ -35,22 +35,22 @@ public:
 
 	~Dispatcher();
 
-	bool Register(identifier_t identifier, AnalyzerPtr analyzer, DispatcherPtr dispatcher);
+	bool Register(uint32_t identifier, AnalyzerPtr analyzer, DispatcherPtr dispatcher);
 	void Register(const register_map& data);
 
-	ValuePtr Lookup(identifier_t identifier) const;
+	ValuePtr Lookup(uint32_t identifier) const;
 
 	size_t Size() const;
 	void Clear();
 	void DumpDebug() const;
 
 private:
-	identifier_t lowest_identifier = 0;
+	uint32_t lowest_identifier = 0;
 	std::vector<ValuePtr> table;
 
 	void FreeValues();
 
-	inline identifier_t GetHighestIdentifier() const
+	inline uint32_t GetHighestIdentifier() const
 		{
 		return lowest_identifier + table.size() - 1;
 		}
diff --git a/src/packet_analysis/Manager.cc b/src/packet_analysis/Manager.cc
index b9e17ac916..1e3a405ee8 100644
--- a/src/packet_analysis/Manager.cc
+++ b/src/packet_analysis/Manager.cc
@@ -149,7 +149,7 @@ void Manager::ProcessPacket(Packet* packet)
 
 	// Dispatch and analyze layers
 	AnalyzerResult result = AnalyzerResult::Continue;
-	identifier_t next_layer_id = packet->link_type;
+	uint32_t next_layer_id = packet->link_type;
 	do
 		{
 		auto current_analyzer = Dispatch(next_layer_id);
@@ -224,7 +224,7 @@ void Manager::CustomEncapsulationSkip(Packet* packet)
 		}
 	}
 
-AnalyzerPtr Manager::Dispatch(identifier_t identifier)
+AnalyzerPtr Manager::Dispatch(uint32_t identifier)
 	{
 	// Because leaf nodes (aka no more dispatching) can still have an existing analyzer that returns more identifiers,
 	// current_state needs to be checked to be not null. In this case there would have been an analyzer dispatched
diff --git a/src/packet_analysis/Manager.h b/src/packet_analysis/Manager.h
index 34c61ceafd..cffc9cc0ce 100644
--- a/src/packet_analysis/Manager.h
+++ b/src/packet_analysis/Manager.h
@@ -97,7 +97,7 @@ private:
 	 */
 	void CustomEncapsulationSkip(Packet* packet);
 
-	AnalyzerPtr Dispatch(identifier_t identifier);
+	AnalyzerPtr Dispatch(uint32_t identifier);
 
 	DispatcherPtr GetDispatcher(Config& configuration, const std::string& dispatcher_name);
 
diff --git a/src/packet_analysis/protocol/arp/ARP.cc b/src/packet_analysis/protocol/arp/ARP.cc
index 204e9b54c4..bcc860deb5 100644
--- a/src/packet_analysis/protocol/arp/ARP.cc
+++ b/src/packet_analysis/protocol/arp/ARP.cc
@@ -9,7 +9,7 @@ ARPAnalyzer::ARPAnalyzer()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> ARPAnalyzer::Analyze(Packet* packet)
+zeek::packet_analysis::AnalysisResultTuple ARPAnalyzer::Analyze(Packet* packet)
 	{
 	// TODO: Make ARP analyzer a native packet analyzer
 	packet->l3_proto = L3_ARP;
diff --git a/src/packet_analysis/protocol/arp/ARP.h b/src/packet_analysis/protocol/arp/ARP.h
index 2e93b8231f..89c8f55db0 100644
--- a/src/packet_analysis/protocol/arp/ARP.h
+++ b/src/packet_analysis/protocol/arp/ARP.h
@@ -12,7 +12,7 @@ public:
 	ARPAnalyzer();
 	~ARPAnalyzer() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static zeek::packet_analysis::AnalyzerPtr Instantiate()
 		{
diff --git a/src/packet_analysis/protocol/default/Default.cc b/src/packet_analysis/protocol/default/Default.cc
index d3e3901c1b..56f49df949 100644
--- a/src/packet_analysis/protocol/default/Default.cc
+++ b/src/packet_analysis/protocol/default/Default.cc
@@ -10,7 +10,7 @@ DefaultAnalyzer::DefaultAnalyzer()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> DefaultAnalyzer::Analyze(Packet* packet)
+zeek::packet_analysis::AnalysisResultTuple DefaultAnalyzer::Analyze(Packet* packet)
 	{
 	auto& pdata = packet->cur_pos;
 
@@ -22,7 +22,7 @@ std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identif
 		}
 
 	auto ip = (const struct ip *)pdata;
-	identifier_t protocol = ip->ip_v;
+	uint32_t protocol = ip->ip_v;
 
 	return { AnalyzerResult::Continue, protocol };
 	}
diff --git a/src/packet_analysis/protocol/default/Default.h b/src/packet_analysis/protocol/default/Default.h
index a61b2cce53..86eb7e1445 100644
--- a/src/packet_analysis/protocol/default/Default.h
+++ b/src/packet_analysis/protocol/default/Default.h
@@ -12,7 +12,7 @@ public:
 	DefaultAnalyzer();
 	~DefaultAnalyzer() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static zeek::packet_analysis::AnalyzerPtr Instantiate()
 		{
diff --git a/src/packet_analysis/protocol/ethernet/Ethernet.cc b/src/packet_analysis/protocol/ethernet/Ethernet.cc
index 9db434d82c..9633596d84 100644
--- a/src/packet_analysis/protocol/ethernet/Ethernet.cc
+++ b/src/packet_analysis/protocol/ethernet/Ethernet.cc
@@ -10,7 +10,7 @@ EthernetAnalyzer::EthernetAnalyzer()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> EthernetAnalyzer::Analyze(Packet* packet)
+zeek::packet_analysis::AnalysisResultTuple EthernetAnalyzer::Analyze(Packet* packet)
 	{
 	auto& pdata = packet->cur_pos;
 	auto end_of_data = packet->GetEndOfData();
@@ -38,7 +38,7 @@ std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identif
 		}
 
 	// Get protocol being carried from the ethernet frame.
-	identifier_t protocol = (pdata[12] << 8) + pdata[13];
+	uint32_t protocol = (pdata[12] << 8) + pdata[13];
 
 	packet->eth_type = protocol;
 	packet->l2_dst = pdata;
diff --git a/src/packet_analysis/protocol/ethernet/Ethernet.h b/src/packet_analysis/protocol/ethernet/Ethernet.h
index e64b131afb..aa4707df1b 100644
--- a/src/packet_analysis/protocol/ethernet/Ethernet.h
+++ b/src/packet_analysis/protocol/ethernet/Ethernet.h
@@ -12,7 +12,7 @@ public:
 	EthernetAnalyzer();
 	~EthernetAnalyzer() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static zeek::packet_analysis::AnalyzerPtr Instantiate()
 		{
diff --git a/src/packet_analysis/protocol/fddi/FDDI.cc b/src/packet_analysis/protocol/fddi/FDDI.cc
index 3a7b2c5d11..763e25c1e0 100644
--- a/src/packet_analysis/protocol/fddi/FDDI.cc
+++ b/src/packet_analysis/protocol/fddi/FDDI.cc
@@ -10,7 +10,7 @@ FDDIAnalyzer::FDDIAnalyzer()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> FDDIAnalyzer::Analyze(Packet* packet)
+zeek::packet_analysis::AnalysisResultTuple FDDIAnalyzer::Analyze(Packet* packet)
 	{
 	auto& pdata = packet->cur_pos;
 	auto hdr_size = 13 + 8; // FDDI header + LLC
diff --git a/src/packet_analysis/protocol/fddi/FDDI.h b/src/packet_analysis/protocol/fddi/FDDI.h
index 52bcd94598..4e092eccb4 100644
--- a/src/packet_analysis/protocol/fddi/FDDI.h
+++ b/src/packet_analysis/protocol/fddi/FDDI.h
@@ -12,7 +12,7 @@ public:
 	FDDIAnalyzer();
 	~FDDIAnalyzer() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static zeek::packet_analysis::AnalyzerPtr Instantiate()
 		{
diff --git a/src/packet_analysis/protocol/ieee802_11/IEEE802_11.cc b/src/packet_analysis/protocol/ieee802_11/IEEE802_11.cc
index 500d1fe592..ee4b090efc 100644
--- a/src/packet_analysis/protocol/ieee802_11/IEEE802_11.cc
+++ b/src/packet_analysis/protocol/ieee802_11/IEEE802_11.cc
@@ -10,7 +10,7 @@ IEEE802_11Analyzer::IEEE802_11Analyzer()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> IEEE802_11Analyzer::Analyze(Packet* packet)
+zeek::packet_analysis::AnalysisResultTuple IEEE802_11Analyzer::Analyze(Packet* packet)
 	{
 	auto& pdata = packet->cur_pos;
 	auto end_of_data = packet->GetEndOfData();
@@ -106,7 +106,7 @@ std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identif
 		return { AnalyzerResult::Failed, 0 };
 		}
 
-	identifier_t protocol = (pdata[0] << 8) + pdata[1];
+	uint32_t protocol = (pdata[0] << 8) + pdata[1];
 	pdata += 2;
 
 	return { AnalyzerResult::Continue, protocol };
diff --git a/src/packet_analysis/protocol/ieee802_11/IEEE802_11.h b/src/packet_analysis/protocol/ieee802_11/IEEE802_11.h
index 2b3e74e205..03b706d9ae 100644
--- a/src/packet_analysis/protocol/ieee802_11/IEEE802_11.h
+++ b/src/packet_analysis/protocol/ieee802_11/IEEE802_11.h
@@ -12,7 +12,7 @@ public:
 	IEEE802_11Analyzer();
 	~IEEE802_11Analyzer() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static zeek::packet_analysis::AnalyzerPtr Instantiate()
 		{
diff --git a/src/packet_analysis/protocol/ieee802_11_radio/IEEE802_11_Radio.cc b/src/packet_analysis/protocol/ieee802_11_radio/IEEE802_11_Radio.cc
index b5025ce372..ec34f39d04 100644
--- a/src/packet_analysis/protocol/ieee802_11_radio/IEEE802_11_Radio.cc
+++ b/src/packet_analysis/protocol/ieee802_11_radio/IEEE802_11_Radio.cc
@@ -12,7 +12,7 @@ IEEE802_11_RadioAnalyzer::IEEE802_11_RadioAnalyzer()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> IEEE802_11_RadioAnalyzer::Analyze(Packet* packet)
+zeek::packet_analysis::AnalysisResultTuple IEEE802_11_RadioAnalyzer::Analyze(Packet* packet)
 	{
 	auto pdata = packet->cur_pos;
 	auto end_of_data = packet->GetEndOfData();
diff --git a/src/packet_analysis/protocol/ieee802_11_radio/IEEE802_11_Radio.h b/src/packet_analysis/protocol/ieee802_11_radio/IEEE802_11_Radio.h
index f9fe41f2dd..ef1cf1fb39 100644
--- a/src/packet_analysis/protocol/ieee802_11_radio/IEEE802_11_Radio.h
+++ b/src/packet_analysis/protocol/ieee802_11_radio/IEEE802_11_Radio.h
@@ -12,7 +12,7 @@ public:
 	IEEE802_11_RadioAnalyzer();
 	~IEEE802_11_RadioAnalyzer() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static zeek::packet_analysis::AnalyzerPtr Instantiate()
 		{
diff --git a/src/packet_analysis/protocol/ipv4/IPv4.cc b/src/packet_analysis/protocol/ipv4/IPv4.cc
index 6c04a93e59..8cfd51b7f9 100644
--- a/src/packet_analysis/protocol/ipv4/IPv4.cc
+++ b/src/packet_analysis/protocol/ipv4/IPv4.cc
@@ -9,7 +9,7 @@ IPv4Analyzer::IPv4Analyzer()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> IPv4Analyzer::Analyze(Packet* packet)
+zeek::packet_analysis::AnalysisResultTuple IPv4Analyzer::Analyze(Packet* packet)
 	{
 	packet->l3_proto = L3_IPV4;
 
diff --git a/src/packet_analysis/protocol/ipv4/IPv4.h b/src/packet_analysis/protocol/ipv4/IPv4.h
index 7750fa9033..1ee5b5098b 100644
--- a/src/packet_analysis/protocol/ipv4/IPv4.h
+++ b/src/packet_analysis/protocol/ipv4/IPv4.h
@@ -12,7 +12,7 @@ public:
 	IPv4Analyzer();
 	~IPv4Analyzer() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static zeek::packet_analysis::AnalyzerPtr Instantiate()
 		{
diff --git a/src/packet_analysis/protocol/ipv6/IPv6.cc b/src/packet_analysis/protocol/ipv6/IPv6.cc
index e7712d60e3..2d724d9188 100644
--- a/src/packet_analysis/protocol/ipv6/IPv6.cc
+++ b/src/packet_analysis/protocol/ipv6/IPv6.cc
@@ -9,7 +9,7 @@ IPv6Analyzer::IPv6Analyzer()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> IPv6Analyzer::Analyze(Packet* packet)
+zeek::packet_analysis::AnalysisResultTuple IPv6Analyzer::Analyze(Packet* packet)
 	{
 	packet->l3_proto = L3_IPV6;
 
diff --git a/src/packet_analysis/protocol/ipv6/IPv6.h b/src/packet_analysis/protocol/ipv6/IPv6.h
index ae425ffec4..db9416697a 100644
--- a/src/packet_analysis/protocol/ipv6/IPv6.h
+++ b/src/packet_analysis/protocol/ipv6/IPv6.h
@@ -12,7 +12,7 @@ public:
 	IPv6Analyzer();
 	~IPv6Analyzer() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static AnalyzerPtr Instantiate()
 		{
diff --git a/src/packet_analysis/protocol/linux_sll/LinuxSLL.cc b/src/packet_analysis/protocol/linux_sll/LinuxSLL.cc
index f324f368f0..5a1f0fb29b 100644
--- a/src/packet_analysis/protocol/linux_sll/LinuxSLL.cc
+++ b/src/packet_analysis/protocol/linux_sll/LinuxSLL.cc
@@ -9,7 +9,7 @@ LinuxSLLAnalyzer::LinuxSLLAnalyzer()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> LinuxSLLAnalyzer::Analyze(Packet* packet)
+zeek::packet_analysis::AnalysisResultTuple LinuxSLLAnalyzer::Analyze(Packet* packet)
 	{
 	auto& pdata = packet->cur_pos;
 
@@ -22,7 +22,7 @@ std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identif
 	//TODO: Handle different ARPHRD_types
 	auto hdr = (const SLLHeader*)pdata;
 
-	identifier_t protocol = ntohs(hdr->protocol_type);
+	uint32_t protocol = ntohs(hdr->protocol_type);
 	packet->l2_src = (u_char*) &(hdr->addr);
 
 	// SLL doesn't include a destination address in the header, but not setting l2_dst to something
diff --git a/src/packet_analysis/protocol/linux_sll/LinuxSLL.h b/src/packet_analysis/protocol/linux_sll/LinuxSLL.h
index 09990eba2b..04cd170318 100644
--- a/src/packet_analysis/protocol/linux_sll/LinuxSLL.h
+++ b/src/packet_analysis/protocol/linux_sll/LinuxSLL.h
@@ -12,7 +12,7 @@ public:
 	LinuxSLLAnalyzer();
 	~LinuxSLLAnalyzer() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static zeek::packet_analysis::AnalyzerPtr Instantiate()
 		{
diff --git a/src/packet_analysis/protocol/mpls/MPLS.cc b/src/packet_analysis/protocol/mpls/MPLS.cc
index b655ada837..1b22403919 100644
--- a/src/packet_analysis/protocol/mpls/MPLS.cc
+++ b/src/packet_analysis/protocol/mpls/MPLS.cc
@@ -9,7 +9,7 @@ MPLSAnalyzer::MPLSAnalyzer()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> MPLSAnalyzer::Analyze(Packet* packet)
+zeek::packet_analysis::AnalysisResultTuple MPLSAnalyzer::Analyze(Packet* packet)
 	{
 	auto& pdata = packet->cur_pos;
 	auto end_of_data = packet->GetEndOfData();
diff --git a/src/packet_analysis/protocol/mpls/MPLS.h b/src/packet_analysis/protocol/mpls/MPLS.h
index 694e551f31..3c13e5d878 100644
--- a/src/packet_analysis/protocol/mpls/MPLS.h
+++ b/src/packet_analysis/protocol/mpls/MPLS.h
@@ -12,7 +12,7 @@ public:
 	MPLSAnalyzer();
 	~MPLSAnalyzer() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static zeek::packet_analysis::AnalyzerPtr Instantiate()
 		{
diff --git a/src/packet_analysis/protocol/nflog/NFLog.cc b/src/packet_analysis/protocol/nflog/NFLog.cc
index 38bb08d5db..0167a792fa 100644
--- a/src/packet_analysis/protocol/nflog/NFLog.cc
+++ b/src/packet_analysis/protocol/nflog/NFLog.cc
@@ -10,12 +10,12 @@ NFLogAnalyzer::NFLogAnalyzer()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> NFLogAnalyzer::Analyze(Packet* packet) {
+zeek::packet_analysis::AnalysisResultTuple NFLogAnalyzer::Analyze(Packet* packet) {
 	auto& pdata = packet->cur_pos;
 	auto end_of_data = packet->GetEndOfData();
 
 	// See https://www.tcpdump.org/linktypes/LINKTYPE_NFLOG.html
-	identifier_t protocol = pdata[0];
+	uint32_t protocol = pdata[0];
 	uint8_t version = pdata[1];
 
 	if ( version != 0 )
diff --git a/src/packet_analysis/protocol/nflog/NFLog.h b/src/packet_analysis/protocol/nflog/NFLog.h
index 01ecf0233f..e5212c6788 100644
--- a/src/packet_analysis/protocol/nflog/NFLog.h
+++ b/src/packet_analysis/protocol/nflog/NFLog.h
@@ -12,7 +12,7 @@ public:
 	NFLogAnalyzer();
 	~NFLogAnalyzer() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static AnalyzerPtr Instantiate()
 		{
diff --git a/src/packet_analysis/protocol/null/Null.cc b/src/packet_analysis/protocol/null/Null.cc
index 6a0158a508..923f5c4ba9 100644
--- a/src/packet_analysis/protocol/null/Null.cc
+++ b/src/packet_analysis/protocol/null/Null.cc
@@ -10,7 +10,7 @@ NullAnalyzer::NullAnalyzer()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> NullAnalyzer::Analyze(Packet* packet)
+zeek::packet_analysis::AnalysisResultTuple NullAnalyzer::Analyze(Packet* packet)
 	{
 	auto& pdata = packet->cur_pos;
 
@@ -20,7 +20,7 @@ std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identif
 		return { AnalyzerResult::Failed, 0 };
 		}
 
-	identifier_t protocol = (pdata[3] << 24) + (pdata[2] << 16) + (pdata[1] << 8) + pdata[0];
+	uint32_t protocol = (pdata[3] << 24) + (pdata[2] << 16) + (pdata[1] << 8) + pdata[0];
 	pdata += 4; // skip link header
 
 	return { AnalyzerResult::Continue, protocol };
diff --git a/src/packet_analysis/protocol/null/Null.h b/src/packet_analysis/protocol/null/Null.h
index 4c7b692081..8282cee7b5 100644
--- a/src/packet_analysis/protocol/null/Null.h
+++ b/src/packet_analysis/protocol/null/Null.h
@@ -12,7 +12,7 @@ public:
 	NullAnalyzer();
 	~NullAnalyzer() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static zeek::packet_analysis::AnalyzerPtr Instantiate()
 		{
diff --git a/src/packet_analysis/protocol/ppp_serial/PPPSerial.cc b/src/packet_analysis/protocol/ppp_serial/PPPSerial.cc
index b4019a74a4..fc79156bd6 100644
--- a/src/packet_analysis/protocol/ppp_serial/PPPSerial.cc
+++ b/src/packet_analysis/protocol/ppp_serial/PPPSerial.cc
@@ -10,12 +10,12 @@ PPPSerialAnalyzer::PPPSerialAnalyzer()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> PPPSerialAnalyzer::Analyze(Packet* packet)
+zeek::packet_analysis::AnalysisResultTuple PPPSerialAnalyzer::Analyze(Packet* packet)
 	{
 	auto& pdata = packet->cur_pos;
 
 	// Extract protocol identifier
-	identifier_t protocol = (pdata[2] << 8) + pdata[3];
+	uint32_t protocol = (pdata[2] << 8) + pdata[3];
 	pdata += 4; // skip link header
 
 	return { AnalyzerResult::Continue, protocol };
diff --git a/src/packet_analysis/protocol/ppp_serial/PPPSerial.h b/src/packet_analysis/protocol/ppp_serial/PPPSerial.h
index 3985e85bbf..02201c97fd 100644
--- a/src/packet_analysis/protocol/ppp_serial/PPPSerial.h
+++ b/src/packet_analysis/protocol/ppp_serial/PPPSerial.h
@@ -12,7 +12,7 @@ public:
 	PPPSerialAnalyzer();
 	~PPPSerialAnalyzer() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static zeek::packet_analysis::AnalyzerPtr Instantiate()
 		{
diff --git a/src/packet_analysis/protocol/pppoe/PPPoE.cc b/src/packet_analysis/protocol/pppoe/PPPoE.cc
index 282e341cde..5e2d2db6f1 100644
--- a/src/packet_analysis/protocol/pppoe/PPPoE.cc
+++ b/src/packet_analysis/protocol/pppoe/PPPoE.cc
@@ -10,7 +10,7 @@ PPPoEAnalyzer::PPPoEAnalyzer()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> PPPoEAnalyzer::Analyze(Packet* packet)
+zeek::packet_analysis::AnalysisResultTuple PPPoEAnalyzer::Analyze(Packet* packet)
 	{
 	auto& pdata = packet->cur_pos;
 
@@ -21,7 +21,7 @@ std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identif
 		}
 
 	// Extract protocol identifier
-	identifier_t protocol = (pdata[6] << 8u) + pdata[7];
+	uint32_t protocol = (pdata[6] << 8u) + pdata[7];
 	pdata += 8; // Skip the PPPoE session and PPP header
 
 	return { AnalyzerResult::Continue, protocol };
diff --git a/src/packet_analysis/protocol/pppoe/PPPoE.h b/src/packet_analysis/protocol/pppoe/PPPoE.h
index f342402d7f..3e37cf4cf4 100644
--- a/src/packet_analysis/protocol/pppoe/PPPoE.h
+++ b/src/packet_analysis/protocol/pppoe/PPPoE.h
@@ -12,7 +12,7 @@ public:
 	PPPoEAnalyzer();
 	~PPPoEAnalyzer() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static zeek::packet_analysis::AnalyzerPtr Instantiate()
 		{
diff --git a/src/packet_analysis/protocol/vlan/VLAN.cc b/src/packet_analysis/protocol/vlan/VLAN.cc
index 24f23b14b1..be3788f3fe 100644
--- a/src/packet_analysis/protocol/vlan/VLAN.cc
+++ b/src/packet_analysis/protocol/vlan/VLAN.cc
@@ -10,7 +10,7 @@ VLANAnalyzer::VLANAnalyzer()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> VLANAnalyzer::Analyze(Packet* packet)
+zeek::packet_analysis::AnalysisResultTuple VLANAnalyzer::Analyze(Packet* packet)
 	{
 	auto& pdata = packet->cur_pos;
 
@@ -23,7 +23,7 @@ std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identif
 	auto& vlan_ref = packet->vlan != 0 ? packet->inner_vlan : packet->vlan;
 	vlan_ref = ((pdata[0] << 8u) + pdata[1]) & 0xfff;
 
-	identifier_t protocol = ((pdata[2] << 8u) + pdata[3]);
+	uint32_t protocol = ((pdata[2] << 8u) + pdata[3]);
 	packet->eth_type = protocol;
 	pdata += 4; // Skip the VLAN header
 
diff --git a/src/packet_analysis/protocol/vlan/VLAN.h b/src/packet_analysis/protocol/vlan/VLAN.h
index d80af10ccb..40868e5adf 100644
--- a/src/packet_analysis/protocol/vlan/VLAN.h
+++ b/src/packet_analysis/protocol/vlan/VLAN.h
@@ -12,7 +12,7 @@ public:
 	VLANAnalyzer();
 	~VLANAnalyzer() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static zeek::packet_analysis::AnalyzerPtr Instantiate()
 		{
diff --git a/src/packet_analysis/protocol/wrapper/Wrapper.cc b/src/packet_analysis/protocol/wrapper/Wrapper.cc
index 4a92504e5a..8d91dd5ed8 100644
--- a/src/packet_analysis/protocol/wrapper/Wrapper.cc
+++ b/src/packet_analysis/protocol/wrapper/Wrapper.cc
@@ -10,7 +10,7 @@ WrapperAnalyzer::WrapperAnalyzer()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> WrapperAnalyzer::Analyze(Packet* packet)
+zeek::packet_analysis::AnalysisResultTuple WrapperAnalyzer::Analyze(Packet* packet)
 	{
 	// Unfortunately some packets on the link might have MPLS labels
 	// while others don't. That means we need to ask the link-layer if
@@ -35,7 +35,7 @@ std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identif
 		}
 
 	// Extract protocol identifier
-	identifier_t protocol = (pdata[12] << 8u) + pdata[13];
+	uint32_t protocol = (pdata[12] << 8u) + pdata[13];
 
 	packet->eth_type = protocol;
 	packet->l2_dst = pdata;
diff --git a/src/packet_analysis/protocol/wrapper/Wrapper.h b/src/packet_analysis/protocol/wrapper/Wrapper.h
index 6151cb4a39..2fd8abbea0 100644
--- a/src/packet_analysis/protocol/wrapper/Wrapper.h
+++ b/src/packet_analysis/protocol/wrapper/Wrapper.h
@@ -12,7 +12,7 @@ public:
 	WrapperAnalyzer();
 	~WrapperAnalyzer() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static zeek::packet_analysis::AnalyzerPtr Instantiate()
 		{
diff --git a/testing/btest/plugins/packet-protocol-plugin/src/Bar.cc b/testing/btest/plugins/packet-protocol-plugin/src/Bar.cc
index 14308d2339..fdf313d518 100644
--- a/testing/btest/plugins/packet-protocol-plugin/src/Bar.cc
+++ b/testing/btest/plugins/packet-protocol-plugin/src/Bar.cc
@@ -10,7 +10,7 @@ Bar::Bar()
 	{
 	}
 
-std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identifier_t> Bar::Analyze(Packet* packet)
+zeek::packet_analysis::AnalysisResultTuple Bar::Analyze(Packet* packet)
 	{
 	auto& pdata = packet->cur_pos;
 	auto end_of_data = packet->GetEndOfData();
@@ -31,5 +31,5 @@ std::tuple<zeek::packet_analysis::AnalyzerResult, zeek::packet_analysis::identif
 		val_mgr->Count(ssap),
 		val_mgr->Count(control));
 
-	return std::make_tuple(AnalyzerResult::Terminate, 0);
+	return { AnalyzerResult::Terminate, 0 };
 	}
diff --git a/testing/btest/plugins/packet-protocol-plugin/src/Bar.h b/testing/btest/plugins/packet-protocol-plugin/src/Bar.h
index 2473388ea4..a125b1c8c2 100644
--- a/testing/btest/plugins/packet-protocol-plugin/src/Bar.h
+++ b/testing/btest/plugins/packet-protocol-plugin/src/Bar.h
@@ -10,7 +10,7 @@ public:
 	Bar();
 	~Bar() override = default;
 
-	std::tuple<AnalyzerResult, identifier_t> Analyze(Packet* packet) override;
+	AnalysisResultTuple Analyze(Packet* packet) override;
 
 	static AnalyzerPtr Instantiate()
 		{