[eluser]Pert[/eluser]
Logs are the only way to piece together what ever happened while you weren't looking.
For first few months leave CI to write PHP errors in log files, very useful when trying to iron out all the issues and soon the number of errors should be very small.
Server logs are useful, but some hosting companies make it pain in the bum to get access to these.
General rule is, if they got into your server, it was probably lack of security from server software side than through your CI application.
As a side note, I hope whoever is working on CodeIgniter 3.0 will fix that annoying session cookie message - suspicious data was in the cookie, it might be hacking attempt. Sure, how about adding details like what the cookie was or what was remote IP address?