private ConnectionsPayload CreateInetConnPayloadFromAuditEvent(AuditEvent auditEvent)
{
ConnectionsPayload connectionPayload = null;
string hexStringSaddr = auditEvent.GetPropertyValue(AuditEvent.AuditMessageProperty.SocketAddress);
try
{
ConnectionSaddr saddr = ConnectionSaddr.ParseSaddrToInetConnection(hexStringSaddr);
if (!ConnectionSaddr.IsLocalIp(saddr.Ip)) //we don't send local connections
{
connectionPayload = CreateConnPayloadFromAuditEvent(auditEvent);
connectionPayload.RemoteAddress = saddr.Ip;
connectionPayload.RemotePort = saddr.Port.ToString();
}
}
catch (Exception e)
{
SimpleLogger.Error($"Failed to parse saddr {hexStringSaddr}", exception: e);
connectionPayload = null;
}
return(connectionPayload);
}
