Currently, audit log messages contains the "action" for which access was checked; this is one of READ, WRITE, CREATE or ADMIN.
These give very little information to the person digging into the logs about what was done, though. You can't ask "who deleted rows from table x?", because "delete" is translated to a "WRITE" action.
It would be nice if the audit logs contained the higher-level operation, either replacing or in addition to the RWCA information.