Well, you could have a User entity with the properties lastLogin and lastLogout. If the User entity is audited and these properties get updated each time the user logs in or logs out respectivly then you could use the audit table of the User entity for a trace of login and logout actions of this user. Does this help?