I work primarily with AIX.
You're right the *.* will pick up all loggins.
You can use the sudoers file (visudo) and add the following entry which will only log sudo commands:
Defaults: log_year, logfile=/var/log/sudo.log
(Use tab to type "log_year,...)
This will log only the current host.
If you want to also log to an alternate host, you can use the /etc/syslog.conf, which is what you're probably using now.
You can read more about it at:
www.komar.org/pres/sudo/syslog14.html for syslog.conf entries.
IBM support suggested that you can use "local2.debug" instead of *.* or "local2.info"
I'm trying to get sudo to log using syslogd, but no success - not even with *.*
Hope this helps.