Ok, I have a user on my server who is always causing trouble. He is constantly trying to get into files, change stuff, get users passwords, etc. I was wondering if Linux has a built in keystroke log, or event log of some sort that I may use to track his movements.
See man script. Script can be used to collect keystroke information for an entire session. As Neo pointed out, there are plenty of choices available to you. Search google.
Also, if the particular user has been foolhardy enough to leave history enabled in their shell (and providing you're root), you can look at their $HOME/.sh_history (or .history, .bash_history, whatever) and see which commands they've been issuing.... Also, check the lastcomm command if it's available on your system.