I am able to find out from secure log that who logged in from where using ssh.
And the last command also proved that.
Is there any why to find out what were the commands run in that ssh session?
what had been executed in past by which user might not be possible as history command does not store the timestamp by default. You need to enable those things for future reference.
Add the following in /etc/profile
HISTSIZE= HISTFILESIZE= HISTTIMEFORMAT="%d/%m/%y %T "
You can also enable the auditd which is a very rich application for this purpose.