There is currently a way to prevent audit records on individual passwords using the PreventAuditing=True parameter in the URL, but my SQL audit table is full of 'Password List Retrieved' entries from API calls. Adding the PreventAuditing=True parameter to the searchpasswordlist and passwordlist calls doesn't help.