One way I'd approach that is to have a root script copy the contents of the .bash_history files to a central file periodicaly. cron can handle this.
There isn't a whole lot you can do on a system without keystrokes.
The files in the /var/log section contain a lot of what you are looking for. If you are monitoring Internet activity, you can increase the logging of the iptables firewall and get a ton of data.
I'm not aware of a built in feature in Linux like HP-UX Trusted System auditing that integrates this feature. That doesn't mean it doesn't exist.
My guess is you're going to need a third party auditing product.
I would suggest you look for one at sourceforge.net or tucows.com
I have to go home or I'd do it for you for extra points.
Regards,
SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
