diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index b618b7394..f17304a21 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -12,4 +12,4 @@ jobs:
         with:
           python-version: '3.x'
       - run: git fetch --prune --unshallow --tags
-      - run: make check
+      - run: make check checklint yamllint
diff --git a/Makefile b/Makefile
index d6e65d4a4..5aaeebceb 100644
--- a/Makefile
+++ b/Makefile
@@ -86,7 +86,7 @@ misspell:
 	fi
 	./build/misspell/bin/misspell -error README.md CONTRIBUTING.md schemas/* docs/* experimental/schemas/*
 
-# Warn re misspell removal     
+# Warn re misspell removal
 .PHONY: misspell_warn
 misspell_warn:
 	@echo "Warning: due to lack of cross-platform support, misspell is no longer included in this task and may be deprecated in future\n"
@@ -110,4 +110,4 @@ build/ve/bin/activate: scripts/requirements.txt scripts/requirements-dev.txt
 # Check YAML syntax (currently not enforced).
 .PHONY: yamllint
 yamllint: ve
-	build/ve/bin/yamllint schemas/*.yml
+	build/ve/bin/yamllint -d '{extends: default, rules: {line-length: disable}}' schemas/*.yml
diff --git a/docs/fields/field-details.asciidoc b/docs/fields/field-details.asciidoc
index 4d7f9f959..f2259fb87 100644
--- a/docs/fields/field-details.asciidoc
+++ b/docs/fields/field-details.asciidoc
@@ -1628,7 +1628,7 @@ example: `co.uk`
 [[ecs-device]]
 === Device Fields
 
-Fields that describe a device instance and its characteristics.  Data collected for applications and processes running on a (mobile) device can be enriched with these fields to describe the identity, type and other characteristics of the device.
+Fields that describe a device instance and its characteristics. Data collected for applications and processes running on a (mobile) device can be enriched with these fields to describe the identity, type and other characteristics of the device.
 
 This field group definition is based on the Device namespace of the OpenTelemetry Semantic Conventions (https://opentelemetry.io/docs/reference/specification/resource/semantic_conventions/device/).
 
@@ -1647,7 +1647,7 @@ beta::[ These fields are in beta and are subject to change.]
 [[field-device-id]]
 <<field-device-id, device.id>>
 
-a| The unique identifier of a device. The identifier must not change across application sessions but stay fixed for an instance of a (mobile) device. 
+a| The unique identifier of a device. The identifier must not change across application sessions but stay fixed for an instance of a (mobile) device.
 
 On iOS, this value must be equal to the vendor identifier (https://developer.apple.com/documentation/uikit/uidevice/1620059-identifierforvendor). On Android, this value must be equal to the Firebase Installation ID or a globally unique UUID which is persisted across sessions in your application.
 
@@ -9206,7 +9206,7 @@ Note: this field should contain an array of values.
 [[ecs-risk]]
 === Risk information Fields
 
-Fields for describing risk score and risk level of entities such as hosts and users.  These fields are not allowed to be nested under `event.*`. Please continue to use  `event.risk_score` and `event.risk_score_norm` for event risk.
+Fields for describing risk score and risk level of entities such as hosts and users. These fields are not allowed to be nested under `event.*`. Please continue to use `event.risk_score` and `event.risk_score_norm` for event risk.
 
 beta::[ These fields are in beta and are subject to change.]
 
diff --git a/generated/beats/fields.ecs.yml b/generated/beats/fields.ecs.yml
index bbe911f6c..77f9536d9 100644
--- a/generated/beats/fields.ecs.yml
+++ b/generated/beats/fields.ecs.yml
@@ -1133,9 +1133,9 @@
   - name: device
     title: Device
     group: 2
-    description: 'Fields that describe a device instance and its characteristics.  Data
-      collected for applications and processes running on a (mobile) device can be
-      enriched with these fields to describe the identity, type and other characteristics
+    description: 'Fields that describe a device instance and its characteristics.
+      Data collected for applications and processes running on a (mobile) device can
+      be enriched with these fields to describe the identity, type and other characteristics
       of the device.
 
       This field group definition is based on the Device namespace of the OpenTelemetry
@@ -1147,13 +1147,15 @@
       level: extended
       type: keyword
       ignore_above: 1024
-      description: "The unique identifier of a device. The identifier must not change\
-        \ across application sessions but stay fixed for an instance of a (mobile)\
-        \ device. \nOn iOS, this value must be equal to the vendor identifier (https://developer.apple.com/documentation/uikit/uidevice/1620059-identifierforvendor).\
-        \ On Android, this value must be equal to the Firebase Installation ID or\
-        \ a globally unique UUID which is persisted across sessions in your application.\n\
-        For GDPR and data protection law reasons this identifier should not carry\
-        \ information that would allow to identify a user."
+      description: 'The unique identifier of a device. The identifier must not change
+        across application sessions but stay fixed for an instance of a (mobile) device.
+
+        On iOS, this value must be equal to the vendor identifier (https://developer.apple.com/documentation/uikit/uidevice/1620059-identifierforvendor).
+        On Android, this value must be equal to the Firebase Installation ID or a
+        globally unique UUID which is persisted across sessions in your application.
+
+        For GDPR and data protection law reasons this identifier should not carry
+        information that would allow to identify a user.'
       example: 00000000-54b3-e7c7-0000-000046bffd97
       default_field: false
     - name: manufacturer
diff --git a/generated/ecs/ecs_flat.yml b/generated/ecs/ecs_flat.yml
index 28f3e7d65..7e504589d 100644
--- a/generated/ecs/ecs_flat.yml
+++ b/generated/ecs/ecs_flat.yml
@@ -1642,13 +1642,15 @@ destination.user.roles:
   type: keyword
 device.id:
   dashed_name: device-id
-  description: "The unique identifier of a device. The identifier must not change\
-    \ across application sessions but stay fixed for an instance of a (mobile) device.\
-    \ \nOn iOS, this value must be equal to the vendor identifier (https://developer.apple.com/documentation/uikit/uidevice/1620059-identifierforvendor).\
-    \ On Android, this value must be equal to the Firebase Installation ID or a globally\
-    \ unique UUID which is persisted across sessions in your application.\nFor GDPR\
-    \ and data protection law reasons this identifier should not carry information\
-    \ that would allow to identify a user."
+  description: 'The unique identifier of a device. The identifier must not change
+    across application sessions but stay fixed for an instance of a (mobile) device.
+
+    On iOS, this value must be equal to the vendor identifier (https://developer.apple.com/documentation/uikit/uidevice/1620059-identifierforvendor).
+    On Android, this value must be equal to the Firebase Installation ID or a globally
+    unique UUID which is persisted across sessions in your application.
+
+    For GDPR and data protection law reasons this identifier should not carry information
+    that would allow to identify a user.'
   example: 00000000-54b3-e7c7-0000-000046bffd97
   flat_name: device.id
   ignore_above: 1024
diff --git a/generated/ecs/ecs_nested.yml b/generated/ecs/ecs_nested.yml
index fe512c7af..b08955b69 100644
--- a/generated/ecs/ecs_nested.yml
+++ b/generated/ecs/ecs_nested.yml
@@ -2084,7 +2084,7 @@ destination:
   type: group
 device:
   beta: These fields are in beta and are subject to change.
-  description: 'Fields that describe a device instance and its characteristics.  Data
+  description: 'Fields that describe a device instance and its characteristics. Data
     collected for applications and processes running on a (mobile) device can be enriched
     with these fields to describe the identity, type and other characteristics of
     the device.
@@ -2094,13 +2094,15 @@ device:
   fields:
     device.id:
       dashed_name: device-id
-      description: "The unique identifier of a device. The identifier must not change\
-        \ across application sessions but stay fixed for an instance of a (mobile)\
-        \ device. \nOn iOS, this value must be equal to the vendor identifier (https://developer.apple.com/documentation/uikit/uidevice/1620059-identifierforvendor).\
-        \ On Android, this value must be equal to the Firebase Installation ID or\
-        \ a globally unique UUID which is persisted across sessions in your application.\n\
-        For GDPR and data protection law reasons this identifier should not carry\
-        \ information that would allow to identify a user."
+      description: 'The unique identifier of a device. The identifier must not change
+        across application sessions but stay fixed for an instance of a (mobile) device.
+
+        On iOS, this value must be equal to the vendor identifier (https://developer.apple.com/documentation/uikit/uidevice/1620059-identifierforvendor).
+        On Android, this value must be equal to the Firebase Installation ID or a
+        globally unique UUID which is persisted across sessions in your application.
+
+        For GDPR and data protection law reasons this identifier should not carry
+        information that would allow to identify a user.'
       example: 00000000-54b3-e7c7-0000-000046bffd97
       flat_name: device.id
       ignore_above: 1024
@@ -15368,8 +15370,8 @@ related:
 risk:
   beta: These fields are in beta and are subject to change.
   description: Fields for describing risk score and risk level of entities such as
-    hosts and users.  These fields are not allowed to be nested under `event.*`. Please
-    continue to use  `event.risk_score` and `event.risk_score_norm` for event risk.
+    hosts and users. These fields are not allowed to be nested under `event.*`. Please
+    continue to use `event.risk_score` and `event.risk_score_norm` for event risk.
   fields:
     risk.calculated_level:
       dashed_name: risk-calculated-level
diff --git a/schemas/device.yml b/schemas/device.yml
index e9fdb2f15..3e03e4ab1 100644
--- a/schemas/device.yml
+++ b/schemas/device.yml
@@ -20,7 +20,7 @@
   group: 2
   short: Fields characterizing a (mobile) device a process or application is running on.
   description: >
-    Fields that describe a device instance and its characteristics. 
+    Fields that describe a device instance and its characteristics.
     Data collected for applications and processes running on a (mobile) device can be enriched with these fields
     to describe the identity, type and other characteristics of the device.
 
@@ -33,14 +33,14 @@
       level: extended
       example: 00000000-54b3-e7c7-0000-000046bffd97
       type: keyword
-      short: The unique identifier of a device. 
+      short: The unique identifier of a device.
       description: >
-        The unique identifier of a device. The identifier must not change across application sessions but stay fixed for an instance of a (mobile) device. 
+        The unique identifier of a device. The identifier must not change across application sessions but stay fixed for an instance of a (mobile) device.
 
         On iOS, this value must be equal to the vendor identifier (https://developer.apple.com/documentation/uikit/uidevice/1620059-identifierforvendor).
         On Android, this value must be equal to the Firebase Installation ID or a globally unique UUID which is persisted across sessions in your application.
 
-        For GDPR and data protection law reasons this identifier should not carry information that would allow to identify a user. 
+        For GDPR and data protection law reasons this identifier should not carry information that would allow to identify a user.
     - name: model.name
       level: extended
       example: Samsung Galaxy S6
@@ -66,4 +66,4 @@
       description: >
         The unique serial number serves as a distinct identifier for each device, aiding in inventory management and device authentication.
       example: DJGAQS4CW5
-      beta: This field is beta and subject to change. 
+      beta: This field is beta and subject to change.
diff --git a/schemas/email.yml b/schemas/email.yml
index 82bfd5b21..9c8b6ff39 100644
--- a/schemas/email.yml
+++ b/schemas/email.yml
@@ -180,8 +180,8 @@
         A brief summary of the topic of the message.
       example: "Please see this important message."
       multi_fields:
-      - type: match_only_text
-        name: text
+        - type: match_only_text
+          name: text
 
     - name: to.address
       level: extended
diff --git a/schemas/pe.yml b/schemas/pe.yml
index f2a5f1561..d20154465 100644
--- a/schemas/pe.yml
+++ b/schemas/pe.yml
@@ -208,4 +208,3 @@
       format: string
       type: long
       level: extended
-
diff --git a/schemas/risk.yml b/schemas/risk.yml
index 84835f08e..8c54f392b 100644
--- a/schemas/risk.yml
+++ b/schemas/risk.yml
@@ -22,8 +22,8 @@
   beta: >
     These fields are in beta and are subject to change.
   description: >
-     Fields for describing risk score and risk level of entities such as hosts and users. 
-     These fields are not allowed to be nested under `event.*`. Please continue to use 
+     Fields for describing risk score and risk level of entities such as hosts and users.
+     These fields are not allowed to be nested under `event.*`. Please continue to use
      `event.risk_score` and `event.risk_score_norm` for event risk.
   reusable:
     top_level: false