You want your sudo logs kept off-host to prevent tampering or interference.

Use syslog ’s @otherhost syntax: [Recipe 9.29]

               /etc/syslog.conf:
authpriv.*         @securehost

Remember that the remote host’s syslogd needs must be invoked with the -r flag to receive remote messages. Make sure your remote host doesn’t share root privileges with the sudo host, or else this offhost logging is pointless.

syslog.conf(5), syslogd(8).