So let us call it the poor sysadmin weapons as they are free like in beer and simple enough to install and use. The acct package is the first to have. Between others you have the lastcomm command available. But as you might have noticed it does not give you the whole command including parameters and options. SnoopyLogger to the rescue. I have tested all this in Ubuntu BTW.
Here is a recipe for you to install and check the power of this tiny C Open Source code.
You can install all this in your servers following the instructions from https://github.com/a2o/snoopy.
At this point you can review any command inspecting the proper log file. In Ubuntu:
tail -f /var/log/auth.logNote that acct and snoopy logger are different packages/programs. While you can use the acct package to look into the history of commands with commands like 'lastcomm -f /var/log/account/pacct' or point to a previous rotated pacct file you do not get the full command including parameters.
When it comes to security I also recommend using Logwatch