Filterable audit events for filtered (whitelisted) users are still being logged in audit log

To reproduce:
1. Start a 5.5.x (possibly affects all 5.x versions) Couchbase Server cluster.
2. Go to Security -> Audit , and add a user under "Ignore Filterable Events From These Users"
3. Use a client to add/edit a document, maybe something like

/opt/couchbase/bin/cbworkloadgen -i 1 -b testB -u david -p password

4. Check audit logs "cat /opt/couchbase/var/lib/couchbase/logs/audit.log", you will see document mutation logged:

{"timestamp":"2019-04-02T10:15:46.446519Z","peername":"127.0.0.1:37730","sockname":"127.0.0.1:11210","real_userid":{"domain":"memcached","user":"david"},"bucket":"testB","key":"<ud>pymc0</ud>","id":20490,"name":"document modify","description":"Document was modified"}

Seems to be related to how domain is being set in the event payload.