We needed to set up alerts whenever someone connects to a particular server. Since the server only has one user that can SSH (root is disallowed) it was pretty easy to follow these instructions and have it working in 5 minutes:
Add following content to .bashrc file of the SSH user
echo 'ALERT - ServerName Root Access on:' `date` `who` | mail -s "Alert: ServerName Access from `who | cut -d'(' -f2 | cut -d')' -f1`" you@yourdomain.com
changed ServerName to the actual servername (in 2 places),
changed Root to the actual user who has SSH access (and whose .bashrc was updated)
changed you@yourdomain to my own email.
Conceivably this could be done to every user’s .bashrc file and (assuming you trust them not to change it) you’d always be notified when they log in.