hah, oops, I posted this with the company account.

Well, you have multiple mechanisms to do that. You have -t traffic.txt to collect all the requests and responses to the textual file, you have -v (e.g. -v 6) to display all the traffic live in console, etc.

One important thing. Redirects (of any kind) are something that occurs quite often. sqlmap does not have a mechanism to distinguish whether some request was a result of successful login, or maybe some protection mechanism got introduced in the middle of test, or ....

I could do some generic stuff, but I am really scared that users won't know what to do with that info. Also, in lots of cases, claiming that something was resulting with "successful" login will introduce lots and lots of new issue where people will nag how they are getting some new "false positives"

Ah. You make good points.
I used -v 4 to find the input which resulted in the redirect the first time. Perhaps in addition to asking "would you like to follow the redirect", sqlmap could also ask "would you like to see the input that caused the redirect' - hopefully phrasing it that way doesn't presume "successful login", and people who dont care about it can just say no..

@stamparm I have a better idea:
Once the sqlmap sees the request for a redirect, in the background go to the page and look for a response using regular expressions:

(log[_\-\s]?out|sign[_\-\s]?out|log[_\-\s]?off|sign[_\-\s]?off|exit|quit|bye-bye|clearuser|invalidate|выход|выйти|закрыть сеанс|завершить сеанс|закончить сеанс|завершить работу|закончить работу|выйти из системы|выход из системы)

As soon as it finds a coincidence about the exit from the site, we can offer the user cookies