The "show audit-trail" command can show you configuration commands that are typed on the commandline or on the GUI. It can also show you who is logging in and out. Information about the command is here: http://community.arubanetworks.com/t5/Command-of-the-Day/COTD-audit-trail-all/m-p/971/highlight/true#M65
One limitation of this command is that it cannot by default show ONLY who is logging in and out of your controller. In ArubaOS 6.3 there is a "show audit-trail login" command that shows ONLY logins and logouts:
(192.168.1.3) # show audit-trail login
Sep 28 22:44:07 cli[1496]: USER: admin has logged in from 192.168.1.6.
Sep 28 22:44:10 cli[1496]: USER: admin connected from 192.168.1.6 has logged out.
Sep 29 07:11:47 cli[1496]: USER: admin has logged in from 192.168.1.121.
Sep 29 07:28:35 cli[1496]: USER: admin connected from 192.168.1.121 has logged out.
Sep 29 11:13:18 cli[1496]: USER: admin has logged in from 192.168.1.67.
Sep 29 11:28:35 cli[1496]: USER: admin connected from 192.168.1.67 has logged out.
Sep 29 20:22:54 cli[1496]: USER: admin has logged in from 192.168.1.79.
When logs are collected on the controller using "tar logs tech-support" or through the GUI, the audit trail login is saved to the file /var/log/oslog/audittrail-login_out.log"