In the given audit log enable configuration, If I want to capture all audit for different keyspaces and table, can we remove last two parameter so that it will capture audit logs for all keyspaces?

# audit setting
# by default, Scylla does not audit anything.
# It is possible to enable auditing to the following places:
#   - audit.audit_log column family by setting the flag to "table"
audit: "syslog"
# List of statement categories that should be audited.
audit_categories: "DCL,DDL,AUTH"
# List of tables that should be audited.
audit_tables: "mykespace.mytable"
# List of keyspaces that should be fully audited.
# All tables in those keyspaces will be audited
audit_keyspaces: "mykespace"

Unfortunately, it looks like you need to explicitly list all tables in there, if you want them audited.

@tzach is there a specific reason we don’t have a catch-all option?

No specific reason.
The assumption was that Audit, as a performance-consuming feature, would be used for specific keyspace and tables.