I think this is what you are looking for:
http://sharadchhetri.com/2011/12/02/...ndary-logging/
However, if you are giving any person root privilege he/she can mess up with these files as well. It is not advisable to give any user sudo su - or sudo su - root or sudo /bin/bash access.
What I am trying to say is no matter what security measure you put in if the user will have full root access he / she can anyways manipulate / mess the logs files as well. So better never ever give any user full root access.