So what I want to accomplish is logging queries for roles/privileges with minimal increasing volume of logs along the way. The idea I got from responses in this thread so far is:
1) Set log_statement on postgresql.conf to 'mod'
2) Raise log_statement to 'all' but only for postgres superuser
What seems to be open questions to me with this model:
1) Way to check what log_statement set to on per user basis (what table should I query?)
2) Way to ensure that only superuser can run meta commands, such as \du, \dp, \z
Thanks,
Oleg