DB2 v9.5 ESE on AIX v6.1

We need to trace when certain user is accessing tables (select, update, delete) in the database.
He can do it via application (C++ code) or command line and we want
to trace only his command line statements. Is there a way to audit only those?

another question - execute audit records in execute.del file do not really indicate what
sql statement it is but I can see actual statements in auditlobs file. But only statements.
The rest of the record is cripted:

^Aselect count(*) from ak_datawarehouseGEN_CMPL^A^P^A^A^D^A -8^B^D^A(^C^D^A0^D^A^A8^C3^E^A^A@^C3^A^F^A
^AH^C3^G^A^AP^C3^^H^A^AX^C3^ ^E^A`^C3^

what is the format of this file and how do I work with it? could not find it in IBM documentation.
thanks in advance