The enhanced sql logging is mentioned above and it logs to the x-errors_sql.log file. When there is an SQL error they log the sql, the response from the sql interpreter (mysql), a backtrace of how the error happened, and now they log the query string and the IP address of the user who caused the error. If you examine your log and you see something like:
login.php?username=master&password=abc' OR password = '
You can probably guess that someone is attempting some sql injection attacks to break into your site (no the above will not work on x-cart). But now you have proof and their IP address. If you wish to contact their ISP about it, you have logs to present. If someone does break in, then you definitely want these logs for prosecutorial purposes.
We got hacked once at a place I used to work and we just turned the server logs right over to the FBI. I don't know what ever came of it, though, as I wasn't in the IT department at the time, but I know the importance of logs
