I might have commented too fast. I suppose you see the SQL parameters logged as well? Which JDBC driver are you using?

Would it be fine for you if we patched the code to log the SQL statement while avoiding the parameter values?