Adrian,
What I hope to achieve is to meet this requirement from Database SRG:
Review DBMS documentation to verify that audit records can be produced when privileges/permissions/role memberships are retrieved.
To do that I would need to enable logging of such commands as \du, \dp, \z. At the same time, I do not want to get 20 GB of logs on the daily basis, by setting log_statement = 'all'. So, I'm trying to find a way in between.
Thanks,
Oleg