first of all, if they aren't "smart" enough to delete their .bash_history , I would think they would most probably be script kiddies.. and crackers with nothing else to do with their time : )
Anyways, instead of getting yourself all confused with NFS, I would try using the remote loghost system with Syslog, which is probably running on those machines.
First you should label all the machines with their hostnames. Then, install syslog (if some form of it isnt already there).
Now, designate a secure server as the "loghost".
add its hostname to the file /etc/hosts on each server
Then on each of the other servers, find the files called /etc/syslog.conf
In those files, add a line like one of these:
*.* @apple (for all messages to be sent to the loghost "apple")
OR kern.* @apple (for kernel messages to be sent... )
Etc... just do a search for syslog loghost on google.
now, start syslog on the loghost with the flag to accept remote logs...
i forget what that is, but just type "man syslogd" or "man syslog" for it...
any questions, just ask away!
-- good luck