diff --git a/api/proto/pkg/audit/event_entity.proto b/api/proto/pkg/audit/event_entity.proto
index 2939193..00492af 100644
--- a/api/proto/pkg/audit/event_entity.proto
+++ b/api/proto/pkg/audit/event_entity.proto
@@ -42,20 +42,10 @@ message EventEntity {
 google.protobuf.Timestamp timestamp = 2;
 TransportProtocol transport = 3;
 AppProtocol application = 4;
-
- oneof sourceIP {
- uint32 sourceIPv4 = 5;
- uint64 sourceIPv6 = 6;
- }
-
- oneof destinationIP {
- uint32 destinationIPv4 = 7;
- uint64 destinationIPv6 = 8;
- }
-
- uint32 sourcePort = 9;
- uint32 destinationPort = 10;
-
- TLSDetailsEntity tls = 11;
- google.protobuf.Any protocolDetails = 12;
+ bytes sourceIP = 5;
+ bytes destinationIP = 6;
+ uint32 sourcePort = 7;
+ uint32 destinationPort = 8;
+ TLSDetailsEntity tls = 9;
+ google.protobuf.Any protocolDetails = 10;
 }
\ No newline at end of file
diff --git a/pkg/audit/event.go b/pkg/audit/event.go
index 5e2f29d..0e7576c 100644
--- a/pkg/audit/event.go
+++ b/pkg/audit/event.go
@@ -30,20 +30,6 @@ type Event struct {
 }

 func (e *Event) ProtoMessage() *EventEntity {
- var sourceIP isEventEntity_SourceIP
- if ipv4 := e.SourceIP.To4(); ipv4 != nil {
- sourceIP = &EventEntity_SourceIPv4{SourceIPv4: ipv4ToUint32(ipv4)}
- } else {
- sourceIP = &EventEntity_SourceIPv6{SourceIPv6: ipv6ToBytes(e.SourceIP)}
- }
-
- var destinationIP isEventEntity_DestinationIP
- if ipv4 := e.DestinationIP.To4(); ipv4 != nil {
- destinationIP = &EventEntity_DestinationIPv4{DestinationIPv4: ipv4ToUint32(ipv4)}
- } else {
- destinationIP = &EventEntity_DestinationIPv6{DestinationIPv6: ipv6ToBytes(e.DestinationIP)}
- }
-
 var tlsDetails *TLSDetailsEntity = nil
 if e.TLS != nil {
 tlsDetails = e.TLS.ProtoMessage()
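Review bot: In api/proto/pkg/audit/event_entity.proto the new fields reuse tag numbers 5–10, which the previous schema had already assigned to different fields, so audit records written before this change no longer decode to what they meant. Old tags 7 and 8 (`destinationIPv4`, `destinationIPv6`) were varints, the same wire type as the new `sourcePort = 7` and `destinationPort = 8`, so an old record would decode without error and report an address as a port; the other clashes differ in wire type and would presumably be dropped as unknown fields. For an audit trail I would leave ports, `tls` and `protocolDetails` on 9–12, put the new fields on unused numbers such as `bytes sourceIP = 13;` and `bytes destinationIP = 14;`, and retire the old ones with `reserved 5 to 8;`. If invalidating existing records is intended, a comment on the message saying so would help; the message body starts above this hunk.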
@@ -61,8 +47,8 @@ func (e *Event) ProtoMessage() *EventEntity {
 Timestamp: timestamppb.New(e.Timestamp),
 Transport: e.Transport,
 Application: e.Application,
- SourceIP: sourceIP,
- DestinationIP: destinationIP,
+ SourceIP: e.SourceIP,
+ DestinationIP: e.DestinationIP,
 SourcePort: uint32(e.SourcePort),
 DestinationPort: uint32(e.DestinationPort),
 Tls: tlsDetails,
@@ -91,29 +77,13 @@ func (e *Event) SetDestinationIPFromAddr(localAddr net.Addr) {
 }

 func NewEventFromProto(msg *EventEntity) (ev Event) {
- var sourceIP net.IP
- switch ip := msg.GetSourceIP().(type) {
- case *EventEntity_SourceIPv4:
- sourceIP = uint32ToIP(ip.SourceIPv4)
- case *EventEntity_SourceIPv6:
- sourceIP = uint64ToIP(ip.SourceIPv6)
- }
-
- var destinationIP net.IP
- switch ip := msg.GetDestinationIP().(type) {
- case *EventEntity_DestinationIPv4:
- destinationIP = uint32ToIP(ip.DestinationIPv4)
- case *EventEntity_DestinationIPv6:
- destinationIP = uint64ToIP(ip.DestinationIPv6)
- }
-
 ev = Event{
 ID: msg.GetId(),
 Timestamp: msg.GetTimestamp().AsTime(),
 Transport: msg.GetTransport(),
 Application: msg.GetApplication(),
- SourceIP: sourceIP,
- DestinationIP: destinationIP,
+ SourceIP: msg.SourceIP,
+ DestinationIP: msg.DestinationIP,
 SourcePort: uint16(msg.GetSourcePort()),
 DestinationPort: uint16(msg.GetDestinationPort()),
 ProtocolDetails: guessDetailsFromApp(msg.GetProtocolDetails()),
diff --git a/pkg/audit/ip_conversion.go b/pkg/audit/ip_conversion.go
deleted file mode 100644
index 7385eb3..0000000
--- a/pkg/audit/ip_conversion.go
+++ /dev/null
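Review bot: `SourceIP: e.SourceIP` and `DestinationIP: e.DestinationIP` serialise the `net.IP` at whatever length it happens to have, so the same IPv4 address can reach the log as 4 bytes or as the 16-byte IPv4-mapped form depending on how the caller built it. The removed code normalised through `To4()` first. Keeping that step, for example a small helper that returns `ip.To4()` when it is non-nil and `ip.To16()` otherwise, gives log consumers one canonical encoding to compare and index on. The slice is also shared with the Event rather than copied, which is safe only if the Event is not mutated after the message is built. ProtoMessage starts above this hunk and continues below it.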
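Review bot: In NewEventFromProto, `msg.SourceIP` and `msg.DestinationIP` read the struct fields directly while every other field visible in this literal goes through the generated getters, so a nil `msg` now panics where the getter-based code presumably returned a zero Event. `SourceIP: msg.GetSourceIP(),` and `DestinationIP: msg.GetDestinationIP(),` would keep the literal consistent. The bytes also arrive from the audit stream unchecked: for a length other than 4 or 16, `To4()` and `To16()` return nil and `String()` prints a `?`-prefixed hex dump rather than an address. I would accept the value only when `len(b) == net.IPv4len || len(b) == net.IPv6len` and leave the field nil otherwise. The struct literal continues below the hunk.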
@@ -1,33 +0,0 @@
-package audit
-
-import (
- "encoding/binary"
- "math/big"
- "net"
-)
-
-func ipv4ToUint32(ip net.IP) uint32 {
- if len(ip) == 16 {
- return binary.BigEndian.Uint32(ip[12:16])
- }
- return binary.BigEndian.Uint32(ip)
-}
-
-func ipv6ToBytes(ip net.IP) uint64 {
- ipv6 := big.NewInt(0)
- ipv6.SetBytes(ip)
- return ipv6.Uint64()
-}
-
-func uint32ToIP(i uint32) (ip net.IP) {
- buf := make([]byte, 4)
- binary.BigEndian.PutUint32(buf, i)
- ip = buf
- ip = ip.To4()
- return
-}
-
-func uint64ToIP(i uint64) (ip net.IP) {
- ip = big.NewInt(int64(i)).FillBytes(make([]byte, 16))
- return
-}
diff --git a/pkg/audit/reader_test.go b/pkg/audit/reader_test.go
index e65ec7f..94c2e32 100644
--- a/pkg/audit/reader_test.go
+++ b/pkg/audit/reader_test.go
@@ -13,11 +13,13 @@ import ( var ( //nolint:lll - httpPayloadBytesLittleEndian = `dd000000120b088092b8c398feffffff011801200248d8fc0150505a3308041224544c535f45434448455f45434453415f574954485f4145535f3235365f4342435f5348411a096c6f63616c686f73746282010a34747970652e676f6f676c65617069732e636f6d2f696e65746d6f636b2e61756469742e4854545044657461696c73456e74697479124a12096c6f63616c686f73741a15687474703a2f2f6c6f63616c686f73742f6173646622084854545020312e312a1c0a0641636365707412120a106170706c69636174696f6e2f6a736f6e28818080f80738818080f807` + httpPayloadBytesLittleEndian = `dd000000120b088092b8c398feffffff01180120022a047f00000132047f00000138d8fc0140504a3308041224544c535f45434448455f45434453415f574954485f4145535f3235365f4342435f5348411a096c6f63616c686f73745282010a34747970652e676f6f676c65617069732e636f6d2f696e65746d6f636b2e61756469742e4854545044657461696c73456e74697479124a12096c6f63616c686f73741a15687474703a2f2f6c6f63616c686f73742f6173646622084854545020312e312a1c0a0641636365707412120a106170706c69636174696f6e2f6a736f6e` //nolint:lll - httpPayloadBytesBigEndian = `000000dd120b088092b8c398feffffff011801200248d8fc0150505a3308041224544c535f45434448455f45434453415f574954485f4145535f3235365f4342435f5348411a096c6f63616c686f73746282010a34747970652e676f6f676c65617069732e636f6d2f696e65746d6f636b2e61756469742e4854545044657461696c73456e74697479124a12096c6f63616c686f73741a15687474703a2f2f6c6f63616c686f73742f6173646622084854545020312e312a1c0a0641636365707412120a106170706c69636174696f6e2f6a736f6e28818080f80738818080f807` - dnsPayloadBytesLittleEndian = `1b000000120b088092b8c398feffffff011801200148d8fc01505030014001` - dnsPayloadBytesBigEndian = `0000001b120b088092b8c398feffffff011801200148d8fc01505030014001` + httpPayloadBytesBigEndian = 
`000000dd120b088092b8c398feffffff01180120022a047f00000132047f00000138d8fc0140504a3308041224544c535f45434448455f45434453415f574954485f4145535f3235365f4342435f5348411a096c6f63616c686f73745282010a34747970652e676f6f676c65617069732e636f6d2f696e65746d6f636b2e61756469742e4854545044657461696c73456e74697479124a12096c6f63616c686f73741a15687474703a2f2f6c6f63616c686f73742f6173646622084854545020312e312a1c0a0641636365707412120a106170706c69636174696f6e2f6a736f6e` + //nolint:lll + dnsPayloadBytesLittleEndian = `3b000000120b088092b8c398feffffff01180120012a100000000000000000000000000000000132100000000000000000000000000000000138d8fc014050` + //nolint:lll + dnsPayloadBytesBigEndian = `0000003b120b088092b8c398feffffff01180120012a100000000000000000000000000000000132100000000000000000000000000000000138d8fc014050` ) func mustDecodeHex(hexBytes string) io.Reader {