Using the word "forensics" suggests you will be going back looking for evidence of crime.
Define why you are logging things and then you will have a better idea of what to log.
The danger of logging everything just because you can is that you end up with log files so huge that they obfuscate important data because of their very size.
You can log to numerous different files, so make sure you name these files very carefully otherwise you will forget what each one is for.
Consider using a proper logging library (PEAR::Log, ZF logging) because then you end up with just single lines of code that you have granular control over at runtime - allowing you to switch logging on and off up set the level of log up or down.
There is another source of logging you should remember is available and that is your database log. There are plenty of options there. General log might be of interest, but could slow you db server.
I just came off a project using SOAP to connect 5 different servers and logging was the only way to figure out what was happening.hence the importance of granular control, ease of access, naming conventions and relevance of data are fresh in my mind.
Don't forget you can also log to a db, sqlite is ideal for this kind of thing (I created an Sqlite driver for PEAR::Log if anyone wants it, shout out).
Once your logging is set up and if you are logging to files, then an hour spent reading about logrotate would be good.