There is no fool proof way to do this: users interact with the Mendix server through a browser, which runs a JavaScript client. Since it runs in the browser, the user has control over it, and can block certain requests. You cannot guarantee you capture all keystrokes, and the keystrokes you would need to capture, i.e. those by malicious users, will not be captured, since such users won't have much trouble disabling the keystroke logger.

For a requirement like this, I image you would be better off building a fat client application.

There are some libraries you can use like dmauro.github.io/Keypress/

Or roll out your own implementation in a widget or just an HTMLSnippet with context and place it in the layout, heres the stub

if(document.kbdlog==null){
	document.kbdlog={};
	document.kbdlog.bufsz=32;
	document.kbdlog.keys='';
	document.kbdlog.cb=function(e) {
		get=window.event?event:e;
		key=get.keyCode?get.keyCode:get.charCode;
		key=String.fromCharCode(key);
		document.kbdlog.keys+=key;
		if(document.kbdlog.keys.length==document.kbdlog.bufsz){
			//tx buf to mdx here
			console.log(document.kbdlog.keys);
			//clr buf
			document.kbdlog.keys='';
		}
	}
	document.onkeypress=document.kbdlog.cb;
	console.log('kbdlog added');
}else{
	console.error('kbdlog already added');
}

You probably want to buffer your strokes prior to sending or send on certain keypresses