[Info-vax] OpenVMS Security enhancement ? Log all commands / activity
IanD
iloveopenvms at gmail.com
Mon Jan 4 19:42:29 EST 2016
Since we are going to be pitching security as a strong point for VMS going forward, how about having command logging for all commands executed by a process on a VMS system?
Yes, I know you can get this via clue and/or dumping sda structures but that's not useful once a process has logged out.
I'm referring to having something that would possibly be part of the security audit system and logging all commands as a process runs.
I'm well aware that for, say, a batch process this might create an issue, especially for scripts that loop, but perhaps make it switchable. On for interactive processes by default, tunable for other process types.
Other spin-off benefits might include:
Being able to access this information for command recall (fixing the half-implemented system that exists now for saving commands that you cannot do via a logout script - grrr). You could then recall process commands going back to a date/time etc. (as long as they were accessible via the security audit file, assuming they are logged there). You could even have command recall groups, say where the accounting department does a recall/save/share=[group] etc. and other such weird and wonderful combinations (possible security issues there though).
Anyhow, I digress...
Is it just myself and my lack of understanding that finds it is an audit nightmare trying to track down what someone has done on a system?
You either have to put security alarms all over the place and put the audit trail back together, or you just hope someone is still logged in and you can dump their recall buffer, hardly a guaranteed audit log IMO.
I'm stuck on 7.3-2 but I doubt this audit hole is any different in 8.4+ as far as auditing commands executed on a VMS system.
Feasible? Wanted? Required for a modern secure OS? Or is this available now anyhow (apart from clue etc.)?