You can selectively end some or all access logging for a security constraint using the END LOGGING statement, for example:
END LOGGING [DENIALS] [WITH TEXT] On [FIRST|EACH] [ALL|operation_type ...(, operation_type)|GRANT] FOR CONSTRAINT constraint_name [BY user_name ...(, user_name)] [ON object_name ...(, object_name)
where:
| Syntax Element | Description |
|---|---|
| DENIALS | Causes the system to end logging when a security constraint defined for the object being accessed is not defined for the session user/profile. Denials are not logged if the session has the constraint definition, but lacks the required value to access a row.
|
| WITH TEXT | Specifies inclusion of the full text of the request in the log entry. |
| ON [FIRST|EACH] | Optionally defines the logging frequency as either the FIRST time, or EACH time, that the specified action is attempted against the specified object. |
| ALL | Specify one of the following options:
|
| operation_type ...(, operation_type) | |
| GRANT | |
| FOR CONSTRAINT constraint_name | Logging of row level security privilege checks must include the keywords FOR CONSTRAINT. An END LOGGING statement can only reference one constraint name, and it must already exist in the system. |
| BY user_name ...(, user_name) | Identifies the users for whose sessions logging is ended. If the BY clause is not specified, logging applies to all users. |
| BY object_name ...(, object_name) | Identifies the objects for which requests no longer generate row level security access logging, based on the specified logging parameters. Each object_name must be a database or a table.
If no objects are specified, access logging is ended for all objects that are subject to the security constraint specification. |