A specific use case exists where users may want to track when a particular audited property was modified but the property value shouldn't be replicated to the audit schema because its either not of any business use or perhaps is sensitive such as passwords.

A proposed solution would be to introduce an additional attribute on the @Audited annotation as follows:

@Audited(onlyModifiedFlag = true)

The proposal is when this flag is specified (default being false), Envers would not include the actual data column in the schema and only the modified flag field would be tracked.

This would also imply that any returned objects from the audit queries would contain null values in those fields as if they were non-audited fields; however the modified flag queries would allowing use case such as determining when the property was last modified.