[BBLISA] Interpreting audit logs?
    Scott Ehrlich 
    scott at MIT.EDU
       
    Sun Oct 28 11:47:05 EDT 2007
    
    
  
Whenever I review audit logs, it is difficult for me to determine if an account 
was logged in at an unusual day/time because there is no timestamp next to any 
entry, at least as I interpret the format. How, then, do I properly and 
successfully review the audit log entries based on a date/time stamp?
Also, how can I filter out root and sudo account entries, displaying everyone 
else in audit?
Thanks.
Scott
    
    