While there is a trap keyword to the login on-success command, it doesn't work. However, you can enable on-success log, then use syslog traps to get an SNMP trap notification:

login on-success log

snmp-server enable traps syslog

Then you'll see something like:

Oct 9 16:02:46 nms-server2 snmptrapd[61799]: 2009-10-09 16:02:46 nms-3560-a.rtp.cisco.com [UDP: [0.0.0.0]->[14.32.100.39]:-3362]: EXPRESSION-MIB::sysUpTimeInstance = Timeticks: (1100611999) 127 days, 9:15:19.99 SNMPv2-MIB::snmpTrapOID.0 = OID: CISCO-SYSLOG-MIB::clogMessageGenerated CISCO-SYSLOG-MIB::clogHistFacility.75428 = STRING: SEC_LOGIN CISCO-SYSLOG-MIB::clogHistSeverity.75428 = INTEGER: notice(6) CISCO-SYSLOG-MIB::clogHistMsgName.75428 = STRING: LOGIN_SUCCESSCISCO-SYSLOG-MIB::clogHistMsgText.75428 = STRING: Login Success [user: cse] [Source: 14.32.100.33] [localport: 23] at 16:02:45 EDT Fri Oct 9 2009 CISCO-SYSLOG-MIB::clogHistTimestamp.75428 = Timeticks: (1100611999) 127 days, 9:15:19.99